Collage by Beth.

Collage by Beth.

If you’re on the internet (hi!), then you live in a world where privacy isn’t a concept: It’s a policy. Every site has a different definition of what privacy means, and those definitions tend to be 10 pages long and incredibly boring to read. Most of us, when signing up for a new site, tend to scroll past that blabbity-blah legalese and automatically check the “I agree with the terms and conditions” box without scrutinizing to make sure we ACTUALLY AGREE. This may seem like a small act of negligence, but it has HUGE CONSEQUENCES. It sends a message to the big websites dominating the internet that we don’t care about our privacy. And if we don’t care, why should they?

Your opinion about this stuff matters. Public perception makes a big difference in how internet companies conduct themselves in terms of privacy. Online privacy was brought to the forefront of media attention in 2013 when Edward Snowden revealed that the NSA has been spying on American citizens’ emails, and again in 2014 when a whole crew of celebrities had their private photos hacked and leaked onto the internet. These two situations started global conversations about privacy and the internet which are by no means finished. Most sites still don’t make it easy to understand what you may or may not be giving up when you sign on with them. Some have even been accused of being intentionally confusing in the hopes that people will simply skip the headache and check the box. NICE TRY, GUYS. To help you understand what you’re getting into before you click “I agree,” here’s a breakdown of the privacy policies on a few of the Big Ones:


Here’s what Tumblr is tracking and collecting from its users: your location, what you look at, what websites you came from, and where you are going when you leave. They can use this information to create a hidden profile about you: what you like and don’t like based on how you use Tumblr. Tumblr’s parent company, Yahoo, can then use that profile to target advertisements at you on any website, as long as you are still logged in to Tumblr in one of your tabs. In 2013, Yahoo bought Tumblr for 1.1 billion dollars, mainly to sell advertisements to its huge user base. If you look at the CEO of Yahoo, Marissa Meyer’s, Tumblr post about acquiring Tumblr, she states: “The two companies will also work together to create advertising opportunities that are seamless and enhance user experience.” That’s pretty clear. Tumblr is a service; Yahoo is involved to monetize it by using your data to target ads at you.

If you delete your account, Tumblr claims that they eventually delete all your stuff off their servers. However, keep in mind that they will NOT remove anything that got reblogged, so those posts stay online FOREVER. This is worth repeating: Once something is reblogged, there is no way to take it down. Ever. For eternity.


OK, let’s tackle the giant! Facebook is the most widely used social network of our entire planet, and IT IS WATCHING US ALL. Facebook collects tons of data, including everything you do in the site or app—and by that, I truly mean everything: How long you chat with your mom; what you bought anywhere on the internet by matching your email address to the address you’ve used on shopping sites; your friend’s email address that you have stored on your phone. Did you know that Facebook monitors every word you type, including things you type but then delete without posting? This means they’re tracking how long you were typing, how many words you deleted, and guessing why you deleted your thoughts. Why is Facebook so interested in our self-censorship, you ask? From Slate:

Facebook considers your thoughtful discretion about what to post as bad, because it withholds value from Facebook and from other users. Facebook monitors those unposted thoughts to better understand them, in order to build a system that minimizes this deliberate behavior. This feels dangerously close to “ALL THAT HAPPENS MUST BE KNOWN,” a motto of the eponymous dystopian Internet company in Dave Eggers’ recent novel The Circle

Facebook also relentlessly tracks everything you do on Instagram (which Facebook owns) and any service you have used Facebook to “log in” with. A few examples: Spotify, OKCupid, Fitbit, Lyft, BarkBuddy, and almost any app/game on your phone.

If you are logged into Facebook, and then go do other stuff online, they are likely tracking that through “third-party partners.” From Facebook’s privacy policy: “We receive information about you and your activities on and off Facebook from third-party partners, such as information from a partner when we jointly offer services or from an advertiser about your experiences or interactions with them.” “Experiences and interactions” mean what you click, where you go, what you buy, how long you spend on any site, what videos you watch, what you download, etc. This is accomplished through cookies, and through Facebook’s increasing integration with everything on the web. Facebook is very interested in tying what you buy online to your personal information, because this is golden data to Facebook’s advertising partners.

The good news is that if you don’t want Facebook or other companies targeting ads to you based on your browsing data, you can opt out of all participating companies through the Digital Advertising Alliance in the US, the Digital Advertising Alliance of Canada, or the European Digital Advertising Alliance. You can also opt out using your mobile device settings. Facebook will still be collecting your data (there’s no opting out from that), but they won’t be profiting from it as much.


Instagram is owned by Facebook, so in a nutshell: like parent, like child.

A li’l history: Right after Facebook bought Instagram in 2012, they changed the Terms of Service and the privacy policy. All of a sudden, Instagram was claiming the right to use and sell users’ photos with no payment at all. According to this new policy, any user’s photos could wind up as a “sponsored story” or in the hands of some big company or advertising firm. After public outcry and some really negative media attention, Instagram appeared to back down. However, if you look at the current Terms of Use, you will notice that by signing up, you are granting Instagram a “a non-exclusive, fully paid and royalty-free, transferable, sub-licensable, worldwide license to use the Content that you post on or through the Service.” The words transferable and sub-licensable are new to the policy since Facebook bought the service. They mean Instagram can sell the rights to use your photos to another company without consulting you or paying you. This suggests they are still trying to keep the door open for selling the right to use the photos you post to the service. NOT A COOL MOVE, INSTA.

One other heads up! As Instagram’s privacy policy states:

We may share User Content and your information (including but not limited to, information from cookies, log files, device identifiers, location data, and usage data) with businesses that are legally part of the same group of companies that Instagram is part of, or that become part of that group (“Affiliates”).

This means all of your data and “User Content” (i.e., your photos and videos) can be shared with any of the Facebook family of companies– sold, turned into advertisements, whatever they want—without your express consent. This isn’t to say that Facebook has actually done this yet—just that they can according to their policies.


Like the other sites we’ve covered so far, Twitter tracks your IP address, your location, and your activity on the site in order to target ads to you (in the form of “sponsored tweets”). But other than that, nothing particularly untoward is going on here. Twitter and Snapchat are the only sites on this list that are not part of the United States’ PRISM surveillance program, which collects data for the National Security Agency. Having the government monitor all of our internet communication is invasive, and moves us from a society of presumed innocence to a society of presumed guilt. Plus, it expects us to trust that the NSA is only using all this information for the good of everyone, not just those in power. (Yeah right???) Gold star for Twitter for not being part of this!

Always remember that “public” tweets mean ANYONE can see them, so tweeting personal details about your life—particularly your location—can be dangerous. Twitter trolls can be vicious, disruptive, and hateful in ways that extend past the internet, too. Twitter is trying to crack down on this stuff to make the site a safer place for everyone, but that’s a tall order. For now, watch your back!


Snapchat gets points for not being part of the US government’s scary PRISM surveillance program, but I’m still gonna throw some CAUTION tape here. Snapchat’s privacy policy has a history of being rather iffy. Of particular concern is the “How We Use Information” section where it says, to “carry out any other purpose for which the information was collected.” Pretty vague, right? This is Snapchat covering their bases by saying, basically, “We can do what we want with your information, if that’s what we decide we want to do.” So…yikes.

The big question: Do your pics have really and truly disappear forever after the window to view has expired? Snapchat claims they do not save your pictures permanently, but they admit they cannot control their users’ behavior. So every time you send a Snapchat, there is the distinct possibility that the person on the other end has a way to save the picture permanently through a hack or app.


The most important definition of privacy should be YOURS, and the sites you use should reflect that. The best way to get websites to change their policies is for all of us to STAY INFORMED. Some countries, like France and Brazil, have better internet privacy laws than the US. You can call your congressperson and tell them we need to France up our game. Obama has appointed advisors to potentially form an “Internet Bill of Rights,” but it is unclear where that is headed.

Reading “techie” sites like Lifehacker, Ars Technica, The Verge, and WIRED is a good way to stay aware of changes and movements around online privacy. The more informed we are, the harder it is for the big sites to get away with sneaky bullshit. Examining privacy policies and changing our settings away from the “default” sends a message that we are paying attention to this stuff. You are not just a speck of plankton in the ocean of the internet; you are the ocean! ♦