Your Digital Privacy Matters: Here Are Some Basic Steps You Can Take to Protect It
Every day, we share some of the most intimate and private aspects of our lives using digital communication platforms and the internet. As we go along doing our routine tasks, behind the scene, our data is being collected by corporations for generating revenue and by states for surveillance. The unconsented collection of our private lives is a clear violation of our privacy and interests as citizens. As ProPublica’s Julia Angwin puts it:
“Like it or not, we are all combatants in an information war, with our data under constant siege.”
The revelations of Edward Snowden (i.e., PRISM, Boundless Informant, XKeyscore) and the recent controversies around how our privacy is being compromised by big tech, make it clear that we are living under mass surveillance. This surveillance isn’t in our interest regardless of the context.
In this essay, I describe the essential tools you need for protecting yourself in the digital realm. These suggestions are for average users who do not have sensitive jobs; if you’re a journalist, a blogger, or a user with a particularly sensitive job, there are more steps you need to take for protecting your digital privacy and security.
Ultimately, not even Dread Pirate Roberts (Silk Road’s founder) managed to hide forever. Even if the cryptography is perfect, we all make human errors. However, that shouldn’t mean that ordinary people shouldn’t take some easy steps to mitigate threats.
Encrypting Your Traffic Though Using a Virtual Private Network
One of the most important steps is to use a reliable Virtual Private Network (VPN) to encrypt your online traffic and mask your location.
Without a VPN your Internet Service Provider (ISP) can see everything you’re doing on the web, which can be passed down to the state. Your Internet Protocol (IP) address is being tracked everywhere you go, allowing third parties to track your location, in addition to making your real identity vulnerable. A VPN also allows you to access websites that are blocked by an ISP. This feature is especially helpful when you’re traveling to countries with limited internet freedom.
I have used numerous VPN providers over the years and personally use ProtonVPN. They use the OpenVPN protocol with the AES-256 encryption standard–the same standard used by the NSA–don’t log your traffic, don’t log your activities, are leak-free, and store their servers in Switzerland–which means Swiss privacy laws protect the data.
While I encourage and support using the TOR network, this is something you should do in addition to using a VPN. Though your ISP can’t tell what you’re doing while using TOR, they can tell whether you’re using it, unless you connect to a VPN first. (It’s not illegal to use TOR, but why reveal it to your ISP? They’re not your friend.)
Web Browser & Extensions
For most people, web browsers are how they interact with the web. Making the wrong decision here can have severe privacy and security consequences down the road.
From the age of Mosiac and Internet Explorer (RIP) during the browser wars of the 90s to today’s environment, web browsers have been one of the battlefronts in the world of digital life. With Chromium (made by Google) taking over the browser standards (e.g., Opera and Edge) it’s becoming even more important which browser you choose to use. Web developers have to optimize their code to make sure it’s compatible with all browsers if most people start using Chromium, then they won’t worry about the minority whose browsers don’t support the content, that’s when we’ll be at Google’s mercy, whose tentacles I’ve been trying to escape.
I suggest using Firefox. The Firefox browser is open-source (unlike Chrome), and Mozilla develops it–a company that is committed to internet freedom, privacy, and transparency. I recommend all their products (e.g., Thunderbird would be a great alternative to Google calendar).
After installing Firefox, consider installing the following three extensions to improve your privacy and security:
Privacy Badger
As you browse the web, there are tens of trackers following you around through the utilization of Cookies, which is a unconsented intrusion of our privacy. Privacy Badger keeps track of cookies, and if it notices that they are tracing you around, it will block their access to your traffic.
The Electronic Frontier Foundation is the developer of Privacy Badger, an organization dedicated to free speech, privacy, and transparency in the digital realm.
HTTPS Everywhere
Traditionally most websites used the Hypertext Transfer Protocol (HTTP), but they were susceptible to man in the middle attacks, which is where HTTPS comes in–S stands for secure. HTTPS protects you by encrypting the traffic to ensure privacy and integrity.
The HTTPS Everywhere extension is made through a collaborative effort between EFF and the TOR project. Sometimes, websites default to the HTTP version of their website; this extension rewrites requests to these sites to HTTPS.
uBlock Origin
You might be surprised to see an adblocker on the list, but much of the invasion of our privacy is as a result of the advertisement business model, and by using an adblocker, we can make the ad incentive less lucrative.
If you want to support a website, simply deactivate the adblocker for that website. There are alternatives in work–I like the efforts of the Brave browser in this space.
While there are numerous adblockers readily available, studies have shown uBlock origin uses the least amount of memory, so it’ll your browser performance will be affected the least.
Smartphone Operating System
I used Android phones most of my life, but eventually, I concluded that iOS is a far superior operating system as far as user privacy is concerned.
Unlike Google, Apple does not use the advertisement business model, and the applications they provide (i.e., iMessage, iCloud) encrypt your data. Additionally, Tim Cook has shown to be a staunch supporter of encryption. (Apple stores the decryption key, meaning they could access your information.)
Apple could make a lot of money by selling user data, but they have decided not to, and we should support that.
Email Provider
Most people I know use Gmail (owned by Google) as their primary email account, which is concerning because Google uses all its services to learn more about your life, preferences, and behavior to sell you advertisements. Not to mention that the emails sent using Gmail are not end-to-end encrypted, and can be easily requested by the state through FISA orders.
I suggest using ProtonMail as your email provider. They’re based out of Switzerland, which means that they don’t have to comply with FISA orders and Swiss privacy laws protect your data. Any email sent using their service is end-to-end encrypted (not even they can read your emails), and they’re an organization that is committed to user privacy and internet freedom.
Though ProtonMail and ProtonVPN are two separate legal entities, they can be bundled together and have similar principles!
Texting
When you text someone, your service provider (i.e., Verizon) can read your texts. People share some of the most intimate moments of their life through texting, and it’s essential to use a service that is end-to-end encrypted.
Signal is one of the most secure communication apps available. It’s an open-source messaging app that encrypts your texts and allows you to set an expiration date on them. Bruce Schneier, who is an internationally renowned security expert said that he is “regularly impressed with the thought and care put into both the security and the usability of this app. It’s my first choice for an encrypted conversation.”
Password Manager
If you’re using the same password for all your accounts, you’re putting your privacy and security at a huge risk. Almost every day some platform is getting hacked, and when they do, on average it takes months for the IT folks to figure out they’ve been compromised, and sometimes weeks to patch the security vulnerabilities. Which means that your password is probably already out there!
There are a few good password managers to choose from; the most popular ones are 1password and LastPass. I’ve used both and prefer LastPass, but either one works. You can automate password changes and save secure notes on there too.
Webcam protector
I’m sure you’ve all seen people with stickers on their webcam. For a while, I thought they were just paranoid until I saw it on Mark Zuckerberg’s laptop, so I decided to investigate it.
A hacker can use a Remote Administration Tool (RAT) to spy on you using the built-in camera. Additionally, through using a plug-in called GUMFISH, the NSA can access your webcam (and microphone) too.
More recently, laptop manufacturers have started building webcams that only pop-up when you’re using them. If you don’t want an ugly sticker, use a pretty sticker, or get one of those webcams covers. Whatever you do, just put something up there.
Organizations to support
And finally, here are a few organizations to advocate for; they’re doing the Lord’s work!
