Over the weekend, former president Donald Trump finally attempted to launch his own social network, Truth Social. After being banned from most mainstream social networks and losing the 2020 election, Trump’s team focused its efforts on launching the right-leaning app where his followers could gather.
Whether it’s Truth Social, Facebook or a niche social network, you should take certain precautions when joining any new service. Let’s break down what you can (and can’t) do to keep your data private.
No matter how fervently you follow a political figure, it’s nearly impossible to know what is going on behind the scenes from a technical standpoint. The Truth Social app’s rollout was plagued with glitches from the start, including error messages, the inability to actually access the site and a waitlist nearing a half-million people long.
Technical problems could mean more than just a delay in seeing “truths” (what it calls posts) and “retruths” (re-shared posts). The teams behind the launch could also be responsible for security on the site, protecting users’ data and collecting additional information about them for advertising purposes or to solicit political donations.
“You put your trust into these applications because you think maybe you know how they work, but you have no way to verify the competence of the developers, of the services they’re using,” said Patrick Jackson, chief technology officer of privacy software company Disconnect. “Give these apps the least amount of data possible, and treat any app as if they’re malicious.”
Even the least social apps on your phone have access to information about you. An app can know what model of device you are using, how much free space or battery life it has left, what cellular network you use, your IP address and information from the accelerometer like what orientation a phone is in. Together, these slivers of information can be enough to “fingerprint” your phone and identify who you are.
Jackson said these are things people often don’t know they’re giving up. You can limit some of this collection with tools like a VPN, a virtual private network, but even those can present their own security issues or simply be too much of an extra step for casual phone users.
Now we know what we can’t control when it comes to sharing data, but what about what we can? Smartphones from Android and Apple are increasingly adding individualized controls over sensitive types of information and forcing apps to ask you before accessing them. Always say no. If it’s something that seems necessary later, you can change your mind then.
Never grant an app access to your contacts list — yes, even on a social network. Instead, find your friends manually. There’s very little transparency or control when it comes to what field apps grab when you share your address book, and it exposes people in your personal and work life as much as yourself.
Other categories to never share include your location, photos, camera, calendar, microphone and anything else explicitly requested. You can check what any app is tapping into in your smartphone’s privacy settings and also revoke their access.
You should also be cautious about what you share willingly on a social site, like personal details in a post. These can be scraped by other users or exposed in other ways. If you plan on committing crimes, you should avoid posting evidence online, as many participants and users of the social network Parler discovered after the Jan. 6, 2021, storming of the U.S. Capitol.
Right now, Truth Social is only available as an app, and even barely at that. But when possible, you should access services through their websites instead of stand-alone apps when you are worried about privacy. It limits what they can access a bit, though they’re still able to collect plenty of information about you.
If you’re on an iPhone, you can turn on the iCloud Private Relay option, which acts like a VPN and limits what websites can see. But this setting only works for web traffic and not apps.
The first thing you hand over when signing up for a new service is typically your email address. It’s a small piece of information that can be used to connect data about you from all over the Internet. If an app’s email addresses are ever exposed in a breach, they can also be used to identify who users are by cross-referencing them against other sites.
The best way to avoid that is to use a one-time email address. Apple users can generate one through iCloud. Though the Truth Social app does not appear to offer Apple Sign In as an option, you can still get a fresh address by going to iCloud in your settings. Other options include using a Gmail alias, which still includes your original address, or something safer like Mozilla’s Firefox Relay. The same precautions apply to using a phone number.
Another giveaway is what handle you choose. First, don’t use your real name or any variation on it. Many people will make the mistake of using the same anonymous-seeming screen names across apps. Even if you choose something completely unrelated to your real name, like CarrotsAndPeas84, it can be used to identify you or connect you with your other profiles if you always use the same name.
The final precaution is another one you should take everywhere you hang out online. Be vigilant about scammers shilling anything including cryptocurrency and vitamin supplements, or just a stranger asking personal questions.
“It’s a new network. The scammers are ready and they’re nimble. They can be very agile in adapting to the platform, and they know people are going to be there and ready to engage,” Jackson said. “Don’t think this is just a network of friends.”