First, there is no blanket "right" decision that will work for everyone. People have different needs and we make different trade-offs depending on our contexts.
If you want to consider the various options of leaving Facebook, we recommend reading What the Facebook?! To Leave or not to Leave.
But for now, as long as you continue to use Facebook, we recommend the following:
Use a passphrase (not just a password) to protect your account against hacking. Here is more info from Security in a Box on how to do that:
Always log out of Facebook when you are done using it.
Clear your browser cache often, to protect yourself against cookies. Use Privacy Badger to block trackers. Read more on how to increase your privacy on Me & My Shadow
On your phone, access Facebook via a privacy-protecting browser like DuckDuckGo or Firefox. If possible, avoid having or using the Facebook app on your phone. The Facebook app, like many other apps, is after your data. If you're not extra careful, you may give the Facebook app permission to access your contacts, call logs, text messages, calendars, location, camera, photos, internal storage, and even your WiFi connections.
Create Lists and use them to grant or restrict access to who can see what on your profile. Be creative in the names you give your groups, e.g. avoid using “Family” for your family members, and “Work” for work contacts.
Avoid using Facebook Smart Lists. (These are lists created by Facebook, and can be found on your friends' profiles, or when you approve someone's friend request; they tend to have a “lightning" symbol next to them.)
If you add someone to one of those lists, Facebook will automatically ask them to modify the information on their own profile if their information doesn’t match up. (For example, if you add a friend to a Smart List for the city you live in, say “Cairo,” Facebook will assume your friend lives there or is related to the city of Cairo. Your friend might not have opted to share this information about themselves.) Keep in mind that all the lists you create will be used to profile other people as well as yourself. Another reason to be creative and subtle in your list names.
Unless you are an activist, an artist or a journalist, or someone who uses Facebook as a public platform to openly share information, you might want to place some limitations on who can access your data.
Click on the arrow at the top right of any Facebook page > Settings >Privacy (in the left column)
Click on Settings
Click on Privacy in the left column
Under “Your Activity” and under “How People Find and Contact You”, you can:
Click Apps in the left column and review what apps and websites you have subscribed to using your Facebook account. Also review the permissions you have granted to these apps. Revoke permissions, unsubscribe and remove apps and services you are not using; or that don't meet your privacy needs.
Make sure your account is secure: Click Security in the left column and set-up Two Factor Authentication. There are a few different options here - one of the easiest is the Text Message option. (this will, of course, require having access to the phone number you provided Facebook).
At the time of publishing this article, this feature was available in some regions but not for everyone, so it’s possible that you don’t have these particular settings.
Since Facebook changes its permissions and its interface regularly, make sure to review this section periodically.
Though Facebook has taken and is taking measures to regulate what data is shared with the apps they authorise to collect data about us, there are still steps that can and should be taken to guarantee our privacy. In the meantime, and till Facebook takes the necessary measures recommended by privacy groups and others; here is what you can do.
If you feel you are not ready yet for so much commitment, there is the option to control what information is available for apps used by others who can view your profile. According to Facebook, users who can see your info can bring it with them when they use apps, games and websites. This includes data like your Bio, your birthday, family and relations, your activists, interests and things you like..etc. To control this:
The Facebook app has permissions to access your contacts, location, camera, storage, texts and calls and more. So if you want to log onto you Facebook account on the go on your phone, it is recommended to use the browser and avoid installing the Facebook app.
Software developer Dylan McKay downloaded his Facebook data and he found his entire call history with his partner's mum. A historical record of every single contact on his phone, including ones he no longer has, and metadata about every text message he has received or sent since getting on Facebook. He also found the metadata of every phone call he made including time and duration. You can read McKay's documentation on Twitter
IF YOU USE THE FACEBOOK APP ON YOUR MOBILE:
Check is you can set permission to access your contacts, location and camera in your mobile phone settings. On the mobile Facebook app the privacy settings are almost the same as those for the browser, the only difference are the location settings.
→ Location → Turn off
Limitations: You will not be able to use location-specific features on Facebook like check-ins, Nearby Friends or Nearby Places.
→ General: Change your basic information. Name, email, telephone number etc.
→ Security → Login Alerts → Turn on This will alert you if anyone tries to log in from a new device or browser.
→ Privacy: Adjust who can contact you, look you up and see your posts. Do not select Everybody or Public, otherwise your profile will then be public to even those who are not on Facebook.
→ Timeline and Tagging: Restrict who can post on your timeline, who can see what you've been tagged in and what others have posted on your timeline, and select that you want to review friends' posts and tags before they appear on your timeline.
Avoid writing sensitive information and sharing any kind of thoughts that can be used against you. Even though these messages are 'private' in the sense that your other Friends on Facebook can't see them, Facebook itself still has access to them
_ This article was written by Leil-Zahra Mortada, with contributions from Stephanie Hankey, Ling Luther and Helen Kilbey._