Social Media Privacy Settings That Actually Matter in 2024
Social media platforms are data broker goldmines. Every post, like, share, friend connection, and profile detail feeds into massive databases that get packaged and sold. While you're sharing vacation photos and birthday wishes, Facebook, Instagram, Twitter, LinkedIn, and TikTok are building detailed psychological profiles about you. These platforms know your political views, relationship status, income level, health concerns, and future plans – all derived from your voluntary sharing and behavior patterns. This chapter cuts through the overwhelming maze of privacy settings to show you which ones actually protect your data and which are just privacy theater.
The challenge with social media privacy is that these platforms profit from your data sharing. Every privacy setting they offer represents a potential loss of revenue. That's why important privacy controls are buried deep in confusing menus, use misleading descriptions, and get reset during "updates." We'll navigate these deliberately confusing interfaces together, showing you exactly which settings to change on each major platform and explaining what protection each provides. By the end of this chapter, you'll have locked down your social media accounts as much as possible while still maintaining the connections and features you value.
Understanding Social Media's Data Collection Machine
Social media platforms collect far more data than just what you explicitly share. They track how long you look at each post, what you almost shared but deleted, who you search for, and when you're most active. They analyze your photos for locations, brands, and even emotional states. They monitor which ads you scroll past quickly and which make you pause. All this behavioral data creates a psychological profile more detailed than any survey could produce.
The interconnected nature of social media amplifies privacy risks. Your data doesn't stay on the platform where you shared it. Facebook owns Instagram and WhatsApp, sharing data between them. Twitter data feeds into advertising networks. LinkedIn information appears in Microsoft products. TikTok's Chinese ownership raises additional concerns about international data sharing. Each platform's data becomes part of a larger ecosystem that profiles you across the internet.
Third-party apps and games connected to social media create additional privacy holes. Every quiz that tells you which Disney princess you are, every game that needs Facebook login, every app that offers social sharing – they all get access to your data. These third parties often have worse privacy practices than the platforms themselves and frequently sell data directly to brokers. The permissions you granted years ago for a forgotten app might still be harvesting your information today.
Facebook Privacy Settings: The Big One to Lock Down
Facebook remains the most important social media platform to secure because of its size, the amount of data it collects, and its aggressive data sharing practices. Start by visiting facebook.com on a computer (mobile apps hide important settings). Click the down arrow in the top right, then "Settings & privacy" > "Settings." This opens the main settings page where privacy controls are scattered across multiple sections.
Click "Privacy" in the left sidebar. Start with "Your activity" section. Change "Who can see your future posts?" to "Friends" or "Only me" depending on your comfort level. Never leave it as "Public" unless you want your posts appearing in data broker databases. Click "Limit who can see past posts" and use this tool to restrict all your historical posts to friends only. This is crucial – many people tighten future posting but leave years of public posts exposed.
In "How people find and contact you," change every setting to "Friends" or "Friends of friends" at most. Set "Who can look you up using the email address you provided?" and "Who can look you up using the phone number you provided?" to "Friends" only. This prevents data brokers and strangers from finding your profile using contact information they've obtained elsewhere. Critically, turn OFF "Do you want search engines outside Facebook to link to your profile?" This single setting keeps your Facebook profile out of Google search results.
Navigate to "Profile and tagging" settings. Set "Who can post on your profile?" to "Friends" and enable "Review posts you're tagged in before the post appears on your profile?" This prevents others from associating you with content you haven't approved. Under "When you're tagged in a post, who do you want to add to the audience?" select "Only Me" to prevent tag exposure to broader audiences.
The most important privacy settings hide in "Ads" settings. Click "Ad preferences" then "Ad settings." Turn OFF "Ads based on data from partners" to stop Facebook from using external data broker information for targeting. Turn OFF "Ads based on your activity on Facebook Company Products that you see elsewhere" to prevent Facebook from following you across the internet. These settings significantly reduce Facebook's data sharing with external companies.
Instagram Privacy Lockdown
Instagram, owned by Facebook, requires separate privacy configuration. Open the Instagram app and tap your profile icon, then the hamburger menu (three lines), then Settings > Privacy. Start by switching to a private account if you haven't already. Tap "Account Privacy" and enable "Private Account." This single change prevents non-followers from seeing your posts, stories, and follower lists – crucial information that data brokers harvest from public profiles.
In Privacy settings, tap "Activity Status" and turn it OFF. This prevents others from seeing when you were last active – behavioral data that reveals your patterns and habits. Tap "Story" and configure who can see and reply to your stories. Consider creating a "Close Friends" list for more personal content, keeping your broader follower list from seeing everything.
Under "Tags," set both "Add Automatically" options to "Don't Add Anyone." This requires your approval before tagged photos appear on your profile. In "Comments," consider enabling "Hide Offensive Comments" and creating a custom keyword list to block spam that often contains phishing or data harvesting attempts.
Navigate to Settings > Ads and tap "Ad Activity." Here you can see advertisers who uploaded lists containing your information. This reveals which companies are sharing your data with Facebook/Instagram. Tap "About This Account" to see if data brokers have lists including you. While you can't stop this practice entirely, knowing who's sharing your data helps you target opt-out requests.
Twitter/X Privacy Configuration
Twitter's public-by-default nature makes privacy challenging, but important settings exist. On desktop, click "More" then "Settings and privacy." On mobile, tap your profile picture then "Settings and privacy." Navigate to "Privacy and safety" for the crucial controls. Start with "Audience and tagging" – consider protecting your tweets, which makes your account private and requires approval for new followers.
In "Your Tweets," disable "Add location information to your Tweets." Location data is particularly valuable to data brokers and unnecessary for most tweets. Under "Photo tagging," set to "Only people you follow can tag you" to prevent spam accounts from associating you with problematic content.
The "Data sharing and off-Twitter activity" section contains critical settings. Disable "Allow use of where you see Twitter content across the web" to prevent Twitter from tracking you on other websites. Turn OFF "Personalized ads" to reduce data sharing with advertisers. Disable "Share additional information with business partners" – this directly prevents data broker access.
Review "Apps and sessions" to see which third-party apps have access to your Twitter account. Revoke access for any apps you don't actively use. Many old apps continue harvesting data years after you've forgotten about them. Be especially suspicious of apps promising follower analytics or tweet scheduling – they often sell data to brokers.
LinkedIn: Professional Data That Brokers Love
LinkedIn poses unique privacy challenges because professional information is inherently more public. However, you can still limit data broker access while maintaining professional networking. Go to linkedin.com, click your profile photo, then "Settings & Privacy." Navigate to "Visibility" section first.
Under "Visibility of your profile & network," set "Your profile's public visibility" to limit what non-members see. You can't completely hide your profile, but minimize visible information. Set "Who can see your connections" to "Only you" – your professional network is valuable data that competitors and brokers harvest. Disable "Viewers of this profile also viewed" to prevent your profile from being suggested based on others' browsing.
In the "Data privacy" section, find "Job seeking preferences." Even if not job hunting, configure these carefully as recruiters often share data. Under "Social, economic, and workplace research," toggle OFF data sharing for research. This prevents LinkedIn from sharing your data with external researchers who might be fronts for data brokers.
Navigate to "Advertising preferences" and click "Manage." Turn OFF all advertising categories, especially "Ads based on data from advertising partners" and "Ads on LinkedIn based on your activity on other sites and apps." These settings directly prevent data broker information from being used for LinkedIn targeting.
TikTok Privacy: The New Frontier
TikTok's rapid growth and Chinese ownership create unique privacy concerns. The app collects extensive data including biometric information, keystroke patterns, and clipboard contents. While you can't eliminate all tracking, you can reduce it. Open TikTok, tap Profile > Menu (three lines) > Settings and privacy > Privacy.
Set your account to private by toggling ON "Private account." This prevents non-followers from viewing your videos and follower list. Under "Safety," disable "Suggest your account to others" to prevent TikTok from recommending your profile based on contacts, Facebook friends, or other connections that reveal real-world relationships.
In "Personalization and data," turn OFF "Ads personalization." This reduces data sharing with TikTok's advertising partners. Disable "Data sharing with third parties" if the option appears (availability varies by region). Under "Downloads," set to "Off" to prevent others from saving your videos and potentially sharing them elsewhere.
Review "Apps and websites" to see third-party services connected to your TikTok account. Remove any you don't actively use. TikTok's API provides extensive data access, making connected apps particularly risky for privacy. Be especially wary of apps offering TikTok analytics or follower tracking.
Managing Tagged Photos and Posts
Tagged content creates privacy vulnerabilities across all platforms. When others tag you in posts, they're creating public associations that data brokers harvest. Even with strict privacy settings, tags can expose you through other people's public profiles. Implementing tag review across all platforms is essential for maintaining privacy.
On each platform, enable tag review features that require your approval before tags appear on your profile. But this isn't enough – you also need to regularly review pending tags and think carefully about approvals. Consider not just the content but who can see the tagger's post. Their public post tagging you creates an association visible to data scrapers even if you don't approve the tag on your profile.
Develop a personal policy for tag handling. Consider asking close friends to avoid tagging you publicly, using private messages to share photos instead. For professional contacts, accept strategic tags that support your career while declining casual social tags. Remove old tags from posts that no longer represent you or reveal outdated information like former addresses or relationships.
Quick Wins You Can Do in 5 Minutes
Right now, go to Facebook Settings > Privacy and turn OFF "Do you want search engines outside Facebook to link to your profile?" This single setting removes your Facebook profile from Google search results within days. It's the most impactful privacy setting that most people miss. Takes 30 seconds but provides significant protection.
Next, open Instagram and switch to a private account if you haven't already. Settings > Privacy > Account Privacy > Private Account. This immediately prevents data brokers from scraping your posts, followers, and activity. You can always approve legitimate followers while blocking automated harvesting systems.
Finally, review your LinkedIn connections visibility. Settings & Privacy > Visibility > Who can see your connections > Only you. Your professional network is valuable intelligence for competitors, recruiters, and data brokers. Hiding connections takes seconds but protects important professional privacy.
Third-Party App Audit
The biggest privacy risks often come from forgotten third-party apps connected to your social accounts. These apps received permissions years ago and continue harvesting data. Each platform makes finding and removing these apps deliberately difficult. Set aside 20 minutes to audit all connected apps across your social media accounts.
On Facebook: Settings > Apps and Websites shows all connected apps. Be ruthless – remove everything you don't actively use. Many apps like personality quizzes, games, and old services you tried once continue collecting data. Click "View and edit" then "Remove" for each unnecessary app. Pay special attention to apps marked "Active" that you don't remember using recently.
Similar audits exist on other platforms: - Twitter: Settings and privacy > Apps and sessions - LinkedIn: Settings & Privacy > Data privacy > Other applications - Instagram: Settings > Security > Apps and Websites - TikTok: Settings and privacy > Security > Manage app permissions
After removing apps, change your default permissions for new apps. On Facebook, under Apps and Websites, click "Preferences" and set defaults to the most restrictive options. This prevents future apps from accessing unnecessary data even if you quickly click through permissions.
The Nuclear Option: Account Deletion
Sometimes the best privacy move is leaving platforms entirely. If you haven't used a social media account in months, consider deleting it rather than leaving it as a data collection point. Dormant accounts are particularly vulnerable – you're not monitoring privacy settings while the platform continues monetizing your historical data.
Before deleting, download your data archive. Every major platform offers data export: - Facebook: Settings > Your Facebook Information > Download Your Information - Instagram: Settings > Security > Download Data - Twitter: Settings > Your account > Download an archive of your data - LinkedIn: Settings & Privacy > Data privacy > Get a copy of your data
Review downloaded data to understand what these platforms store. You'll likely be shocked by the extent of data collection. Save important photos and messages, then proceed with deletion. Use the platform's actual deletion option, not just deactivation. Deactivated accounts can be reactivated and continue existing in databases.
Maintaining Social Media Privacy Long-Term
Social media privacy requires ongoing vigilance. Platforms regularly introduce new features that default to public sharing. Privacy policies change, usually in favor of more data collection. Settings you carefully configured get reset during updates. Set quarterly reminders to review privacy settings on all your social accounts.
Create a privacy routine for new social media features. When platforms launch stories, reels, or other features, assume they're public by default. Research privacy implications before using new features. Early adopters often unknowingly participate in data collection experiments. Let others be guinea pigs while you wait to understand privacy implications.
Consider your social media strategy holistically. Maybe you maintain LinkedIn for professional networking but delete Facebook. Perhaps you keep Instagram private for close friends but maintain a public Twitter for professional thoughts. There's no one-size-fits-all approach. Design a social media presence that balances your connection needs with privacy protection.
Your social media accounts are now significantly more private. Combined with the browser privacy, email protection, and data broker removals from previous chapters, you've dramatically reduced your digital footprint. The next chapter addresses one of the most challenging privacy tasks: removing your home address from the internet.