Data Privacy Day - My Setup

January 29, 2020

tech

Yesterday, January 28th, was Data Privacy Day.

In light of this, I will share some recommendations for tools and software which can help regain some privacy and improve online security.

It's something I have become very concerned/passionate about over the past couple of years, so I'm pleased to see it is becoming somewhat of a hot topic.


Password Manager

Probably the most important step to implement. If someone isn't very technically minded, I tell them, "If you do nothing else, use a password manager!"

A lot of the time people just don't understand why using the same password again and again is such a security risk, particularly if they haven't had their user credentials stolen in the past.

They also might say something like, "surely having all my passwords in one place, protected by one password, is a bigger risk?". Potentially, yes. There is always some level of risk.

In truth, it's better to have just one point of weakness in your online setup. In that way, it's easier to monitor. You can also ensure the password you use for the password manager is as strong as can be, and also use Two Factor Authentication for an added layer of security.

The password manager I recommend is:

Bitwarden


Browser and Browser Plugins

Firefox is my personal choice. I use the following plugins:

as well as these custom configuration settings. This setup might be overkill for the everyday user however.

Brave Browser is a more practical option. It's a chromium browser (meaning it's built in a similar way to Google Chrome), but with a lot of ad-blocking and anti-tracking features built in. They are also trying something slightly different: users getting 'paid' for seeing ads. There's more to it than that, but it's not privacy related so I won't go into it here.

Tor should also get a mention, useful if you're seeking anonymity on the web. Some people do use it as their everyday browser, but expect a lot of sites not to function correctly if you do so.

On Mobile

Given the amount of time we spend browsing on our phones nowadays, privacy-orientated browsers on them should not be neglected.

For iOS:

For Android:


Email

The biggy. And probably the hardest to change, given that it's tied to most of our online accounts, holds all our online correspondance, and is basically just a pain in the ass to even think about switching.

However, lets take Gmail as an example. It's free. It works. It's good at filtering spam (although I have an unsubstantiated theory on that). What's not to love?

Google is reading every email you send and receive. It's collecting data from every single email you have ever sent or received. It's using it to better understand you as a person - what makes you click, and thus what makes you tick.

Of course Gmail is only one part of Google's data collection process, but it's a great resource for them.

It's free because you are the product being sold.

I think a lot of people pretend like they don't care, or that they've got nothing to hide so it doesn't really matter. If it really doesn't bother you, then fine. If it does, there are alternative email providers who don't view you as a commodity.

Proton Mail - I can't recommend this company highly enough.

I'd recommend signing up to a paid plan, if only as a way of supporting what Proton Technologies are trying to achieve. Reclaiming a huge chunk of your online privacy for the price of a coffee a month? That's money wisely spent.

Tutanota

Sign in with Apple - a great user-friendly option.

While not strictly an email provider alternative, it's worth drawing attention to what Apple are now doing with 'Sign in with Apple'.

They now offer the option of hiding your email whenever you use this option to create an account with an app or website.

Apple will generate a unique, random email address for that account, meaning your personal email isn't shared with the app or website.

Any messages sent to that address are then automatically forwarded to your personal email address.


VPN

A VPN (virtual private network) will not make you anonymous online.

However, it will hide your browsing activity from your internet service provider, because all traffic will go through the VPN's servers.

It's therefore essential that you can trust your VPN, as they potentially have access to all your internet browsing data (and if they are dodgy, they can sell this on to the highest bidder).

Mullvad

ProtonVPN

Algo VPN

This is a more technically challenging option, as it involves spinning up your own 'private' VPN on your own cloud server. It's actually nowhere near as difficult as it might sound, because Algo does almost all the work for you. If you're mildly comfortable at the command line, this will be no problem. Here is a podcast with the creator of Algo VPN, should you be interested in finding out more.


Messaging

This is another difficult change for people to make, as a messaging app is only as good as the friends you have that also use it.

Signal

SafeSwiss

Here is a detailed comparison of all the major secure messengers: https://securechatguide.org/effguide.html


Other Digital Tools

Cloud Storage

Nextcloud

Productivity/Notes

Standard Notes (referral link)

Two-factor Authentication (2FA)


Things To Remember

Avoid Google wherever possible. Use something like DuckDuckGo for searching.

Tip: if you really need to use Google for a specific search, in DuckDuckGo just put !g before your search term e.g.

!g privacy

While you are signed in somewhere, like Facebook, you are voluntarily leaving a trail. Facebook has just released its Off-Facebook Activity Tool, which shows you the apps, websites and businesses that Facebook knows you have visited. This tool allows you to clear the identifiable information they have linked to your account. This is a great step!

Some changes take time to get used to, or just take more time in general e.g. 2FA. This is time well spent. Your data and online activity should not be treated as products.

Privacy is not the same as anonymity. Requesting that our online actions remain mostly private is not an admission of nefarious behaviour. After all, why do people choose to have curtains in their home?


Deep Dive Resources

Further recommendations and comparisons:

A huge resource where you can learn much more:

Books:

Podcasts:

Sign up for my idea of the week

Go on, one more newsletter won't hurt. It will always just be one idea.