Practical privacy and simple cybersecurity.
TheNewOil.org

Today is Data Privacy Day. Here’s Another List

Today is Data Privacy Day – as the title says – so I thought it only appropriate that I make another list. This time, I want this list to focus solely on ways to protect your privacy. Normally on this site I try to take a balanced approach to both privacy and security, usually leaning more on the security side. Privacy and security are almost never at odds, and in fact usually go hand-in-hand. But in honor of today, here’s a list of simple tools and steps you can take to really up your privacy game specifically.

Switch to a Privacy-Respecting Search Engine

Are you using Google, Bing, Yahoo, or similar? Boo! Switch to a privacy respecting search engine such as DuckDuckGo or Startpage. Already using those? Great! But believe it or not, you can actually do even better! DDG is not without their fair share of controversy, and Startpage has a questionable relationship with an advertising company. Instead, try SearX, a fully open source and decentralized search engine; MetaGer, a fully open source search engine; or even YaCy, which is designed to be self-hosted and peer-to-peer. If you have the technical skill, you can even self-host your own instances of all three of those.

Switch to a Privacy-Respecting Browser

Using Chrome? Ditch it for Brave, which is a Chrome fork that comes pre-built with advanced privacy and security tools. However, just like with search engines, Brave is not the perfect choice. Admittedly, there are no perfect choices in this category. Personally I’m a fan of Firefox, but researchers have proven that Firefox is technically not as secure as Chromium. This is one of those rare times when privacy and security diverge somewhat. Since this blog post is focusing on privacy, I’ll focus on why I recommend Firefox: I believe that Firefox can be made more private than Chromium-based browsers. In addition to user-friendly privacy controls in the preferences such as anti-fingerprinting and tracking protection, Firefox also offers a powerful “about:config” section which can be configured in advanced and powerful ways. Firefox may not be the perfect choice, especially for security, but for privacy I think it has the most potential by far.

Disable Invasive Settings

Here’s a quick question: when was the last time your phone updated? Don’t know? Do you know if any of the settings got changed when it updated? What about your computer? What about your social media profiles? Whenever you set up any new profile or device, you should always go straight to the settings and enable two-factor authentication, as well as disable any privacy-invading settings. Instagram really doesn’t need to know your location, and honestly life is just fine without Siri. Disable as many settings as you can to preserve your privacy. You should also make time to periodically check your settings, especially after updates, just to make sure there’s nothing new or no changes were made or reverted. Want to take it a step further? Learn how to live without your phone. Going to a movie? You’re gonna turn it off anyways, just leave it at home. Running a few quick errands? People can live without having instant access to you, they can leave a message.

Ditch the Mainstream Providers

Using Google? They’ve been accused of reading your emails to scan for keywords for advertising. Don’t mind them reading emails from your bank so they know your budget? Maybe you’ll mind the Yahoo employee who illegally ]accessed user accounts](https://mashable.com/article/yahoo-employee-account-hacker/) looking for nudes. The fact is that numerous privacy abuses can be cited for all the major tech companies because privacy abuse isn’t just rampant among them: it’s their business model. Skype was part of PRISM, the NSA program attempting to collect all data for mass surveillance revealed by Edward Snowden in 2013. Facebook’s privacy abuses are too numerous to list. Apple has been accused of listening to Siri recordings even after agreeing to stop (so much for their privacy-friendly marketing). Amazon is in Facebook territory with privacy concerns that would take entire websites to list. So the solution? Ditch all of them. Get rid of Gmail, Yahoo, or Outlook for a privacy-respecting email provider. Ditch Skype, Zoom, and Teams for Jitsi. Avoid home assistants. Sometimes the biggest privacy moves you can make are the most obvious.

Encrypt Everything

You should encrypt your devices, but in this case I’m talking about a favorite of the privacy community: encrypted communication. Whether you go with Signal, Wire, XMPP, or something else, I highly encourage you to use encrypted messaging. Your texts and emails are not private. They can be read by your cellular or internet providers, and in the case of SMS they can often be read by the owner of the Wi-Fi, local analysts, and basically anyone with a computer and a little free time. Encrypted messaging is a simple, effective way to regain a major level of privacy.

Change Your Mindset

Privacy (and security) is not just a few apps you download or services you switch to. It’s a state of mind. Literally. Try this: next time you sign up for a website or an online purchase, enter literally nothing. Click “next” and see what fields pop up as mandatory. You might be surprised what’s considered optional. Or next time you’re filling out a form – doctor, DMV, reservation at Chili’s – ask the person behind the counter what information is actually mandatory. Again, you might be surprised what’s optional. The fact is that we are conditioned. Humans like to be helpful by nature, so when people ask us for information, our impulse is to give it to them to be helpful. But the problem is that once we let go of that information, we have no control over it anymore. The recipient might promise not to sell your phone number to marketing companies, but if they do you have no real recourse. Now it’s out there. And you have no real control over who they hand it over to. Maybe they won’t sell your information, but if they’re using a third-party service for their database management, who’s to say that company won’t? You have to think of every piece of data you disclose as potentially public record, either by being handed off to another party or by being caught up in a data breach. And ultimately, the best privacy is to not reveal that information in the first place. The best privacy practices are to have total control over your data, who has it, and how they use it.

You can find more recommended services and programs at TheNewOil.org, and you can find our other content across the web here or support our work in a variety of ways here. You can also leave a comment on this post here: Discuss...