In the last few days, news reports on the Cambridge Analytica scandal have served as an unsettling reminder to Facebook users of the scope of the social media network’s data collection efforts, not to mention the challenges inherent in keeping all that private info secure.
All told, about 50 million people had their profile information and “likes” harvested—without permission—by a third-party quiz app.
In an online statement Wednesday responding to the crisis, Facebook CEO Mark Zuckerberg conceded that his company had made mistakes in safeguarding that data, but he wrote that it had already taken steps to prevent an event like it from happening again. “There’s more to do,” he added, “and we need to step up and do it.”
In the meantime, some Facebook users have decided to suspend or delete their accounts. For others, though, it’s hard to imagine giving up the practice of sharing pictures and posts with friends.
MORE: Opt Out of Platform API Sharing
If you are among that group, there’s still a number of actions you can take to secure your Facebook data and limit the access the social network and others have to it. Here’s what we suggest.
Put the brakes on third-party data collection. All those mobile apps, plug-ins, games, and websites that you linked to your Facebook account via Facebook Login gather info on you, too. For a complete list, visit the Apps section in Facebook’s Settings menu. To close the door on that snooping, you can turn off Facebook Platform, the utility that houses the apps and services created by those third-party developers. Go to Settings, select Apps, and click on the box titled Apps, Websites, and Plugins. Keep in mind that you will no longer be able to access the unlinked apps and services using your Facebook Login, so you may want to create new logins and passwords before you shut off Facebook Platform.
Limit Facebook tracking on other websites. Many online sites feature code that tells Facebook what pages you visit. They do this by embedding on your computer tiny data files known as cookies and hidden images known as web beacons that track your movements, analyzing what you watch and read. You can cut down on this by installing a tracker blocker extension (such as Disconnect, Ublock, or Privacy Badger) on your web browser. They only take a few seconds to download and activate.
Disable Location Services. By default, Facebook gathers location data and uses it for status updates and photo uploads. You can turn off location services from within the Facebook app or from a phone’s own settings. On an iPhone, go to Settings > Privacy > Location Services > Facebook and choose the Never option. Android users can go to Settings > Apps & Notifications > App Permissions > Location Permissions > Facebook, and slide the bar to the Off position.
Use two-factor authentication. Turn it on, and Facebook will require a verification code whenever your account is accessed from an unverified location, computer, browser, or phone. Facebook sends the code to an email or mobile number you’ve designated, and you need to enter the code, along with your usual login credentials, to gain access to the account. It adds a layer of protection against unauthorized access. To activate this feature using a laptop, go to Facebook’s Account Settings menu, select Security and Login, tap “Use two-factor authentication,” and click on the Set Up link.
Make yourself harder to find. Using the “Who can look me up?” section of Facebook’s Privacy Settings and Tools menu, you can control who can find you using your email address or phone number, and whether or not search engines can link to your profile. The Privacy Checkup tool will show you what information, such as your email address and birthday, is visible to friends and to the public.
Control who can see your posts. To do this, use the drop-down menu right next to the Post button. Choices include friends, the public, groups you belong to, and an option to build your own custom list. You can choose specific people to block (i.e. your direct superior in a workplace group you belong to.) This feature is not exclusive to statuses—photo albums can have custom viewer lists, too.
Choose who can add to your timeline. Enabling Timeline Review lets you control what’s allowed on your timeline by requiring you to approve each post. Notices asking for you to approve posts appear in the Activity Logportion of your profile page, alongside an overview of your Likes and images you’ve been tagged in.
Facebook allows users to add their friends to a group without consent; it’s a sometimes problematic feature, as Mark Zuckerberg once famously experienced. While there is no way to keep this from happening, you can use the Activity Log to see if you have been added to any groups. (You can then permanently remove yourself, if you choose.)
Stop your likes from becoming advertisements. You’ve probably seen posts reading “So-and-so likes this” with a sponsored link and a Like Page button. While you may like a company or group in the non-Facebook sense, that doesn’t mean you want to publicly endorse it. To opt-out of this, go to the Ads section of the Settings menu and change the “Ads with my social actions” option to “No one.” This area of Settings also allows you to control whether Facebook can target you with ads based on your online activity.