The Modest Guide to Digital Privacy

Considerations and tools for a more private, enjoyable internet.

Photography by Rheisen Dennis

Over the course of the past few years our data has become more valuable than oil. As a result, numerous technology companies now thrive on the collection, aggregation, and distribution of our data. Although there is progress being made towards more transparent data collection and usage there are still great reasons to take digital privacy into your own hands.

As an individual you can directly, tangibly benefit from taking some simple steps to protect your data. Digital privacy can help you avoid filter bubbles and targeted advertisements, and help you find accurate information with fewer distractions.

Taking your digital privacy into your own hands only involves changing a few ways in which you interact with online content. Here’s a list of what we’ll cover:

1. Choosing privacy-first browser(s) on our laptop and mobile devices.
2. Understanding the limitations of our browser(s) privacy features.
3. Leveling up our online privacy with a VPN (virtual private network).
4. Understanding the dark side of our favorite applications.
5. Choosing an email service that won’t spy on us.
6. Considering how we send online messages.
7. Selecting a password manager.
8. Selecting a virtual card service.
9. Adding some file encryption.
10. Protecting ourselves using VMs (virtual machines).

That might look like a lot of ground to cover, but don’t worry! None of the steps above depend on the other steps, so you can pick and choose what interests you now and come back to do the other steps at any time.

Choosing privacy-first browser(s) on our laptop and mobile devices.

When it comes to browsing the internet we have a number of options: Google Chrome, Firefox, Safari, Internet Explorer, Edge, Opera, Brave, Vivaldi, etc. and of course, Tor.

The most popular browser is Google Chrome, but I advise trying to avoid Google whenever possible. Although they provide many amazing tools there’s simply no getting around the fact that they are one of the biggest data sellers to ever exist.

For most browsing I would recommend using Firefox on desktop and mobile devices, but also consider Firefox Focus on mobile devices (Android, iOS) for an even more private browsing experience.

Firefox is incredibly fast and offers a suite of privacy tools. The browser is open-source, so you can feel comfortable knowing a community of independent developers keep a watchful eye on it.

If you do decide to go with Firefox and don’t mind messing with some configuration options, this is a good place to start in making your browser even more private.

Then there are times when we really want to keep our browsing private, and in these times there is nothing better than Tor. Tor gives you access to onion websites and “the dark net”, but it can also be used to browse “the surface web”, or what most would consider the normal internet.

My personal runner up in privacy-first browsing would be Brave, which works with advertisers to reward you when viewing privacy-respecting advertisements. If you’re interested in supporting your favorite sites monetarily than using this browser is a good way to do so.

In the next section we’ll look at when we might want to use Tor over other browsers, and get more of an understanding of the privacy-protecting limitations of browsers.

Understanding the limitations of our browser(s) privacy features.

Most traditional browsers like Google Chrome and even Firefox will reveal a lot of information to those who care to look. They will save tracking tools from websites, they will reveal where you are geographically located, they will attach device information, and of course your internet service provider will see everything you do. This is true for most out of the box browsers.

Some browsers come with incognito or private-browsing modes. Incognito or private-browsing only prevents the saving of tracking tools past a single session and locally doesn’t save a history of your browsing. Other than that it’s pretty much the same. Don’t count on it for doing much to keep you truly private.

So what can you do to prevent these things from being shared? You can either use a VPN like we talk about in the next section, or you can use Tor.

The only reason I wouldn’t consider Tor for most daily browsing is simply because it is much slower than the other browsers mentioned due to the nature of the Tor network.

The Tor network essentially makes it extremely difficult for your internet provider to figure out what sites you are visiting, and reveals almost no information to the sites you visit about where you are coming from or the device you are using. It does this by bouncing you all over the world before delivering you to any site you enter and keeping a strict browser configuration. Tor also prevents websites from tracking you, maintains no local history, and generally provides few conveniences so as to minimize your online exposure.

Long story short, we should use Tor all the time if we want to maintain our online privacy to the highest degree. Doing so comes with losing a lot of conveniences though, so we can try to strike a balance and use our knowledge to assess when it’s ok to use a browser like Firefox.

Leveling up our online privacy with a VPN (virtual private network).

A VPN is a great way to prevent your internet service provider from tracking your internet behavior and sites you visit from knowing where you are geographically located. Generally a standard VPN will send your web requests through a network of servers (that others are using as well) before going to their intended destinations. By doing so it becomes very hard to trace back any request to an individual user unless the servers on the network are given to authorities.

Often times the VPN service that you use will offer servers in a variety of countries, which can help you avoid geographic online content restrictions.

A VPN offers enough benefits that I would recommend purchasing and using one as soon as possible, and yes I did say you should purchase one.

The downsides of VPNs are that you are trusting them with your web requests, so it is best to know how they are making money. Purchasing a VPN is the easiest way to ensure that they are providing you a service and not selling you as a service. By paying for a VPN you also get higher quality servers and support, so your internet speeds will suffer as little an impact as possible.

Purchasing a VPN is the easiest way to ensure that they are providing you a service and not selling you as a service.

My personal recommendations for a VPN service would be ExpressVPN or NordVPN. Both are very similar services, and there exist plenty of others that I could recommend. If you have the time do more comprehensive research, but ultimately I think getting a good VPN is relatively straightforward and the best thing to do is simply pick one.

That being said, if you’re choosing a VPN that isn’t listed above give it a search using this site to figure out if it fits your privacy needs. One important thing to consider when choosing a VPN is ensuring that the company is based somewhere that won’t cooperate with your government (like Panama).

Understanding the dark side of our favorite applications.

Equipping ourselves with these tools mentioned above are good first steps in securing our privacy, but if we use services that require accounts or provide services without requiring direct paying we need to consider how they can still be collecting and profiting from our data.

First let’s look at the most popular search engine, Google. Google seems like a safe way to browse the internet, and most would say a Google search is free access to information. This is not the case. Google collects tons of information.

I would recommend interacting with Google the way you would a conservative parental figure you’d like to have a good impression of you. When you want to search for something without having your shoulder looked over use DuckDuckGo.

If you’re interested in making the switch away from Google then I’d recommend changing the search engine your browser uses by default to DuckDuckGo.

I would recommend interacting with Google the way you would a conservative parental figure you’d like to have a good impression of you.

If you are a social media user and enjoy services like Facebook, Twitter, Snapchat, Tinder etc. then it is in your best interest to consider how those services use your information.

Facebook is perhaps the greatest offender as they have developed an incredibly targeted ad platform and control other large social media apps like Instagram and WhatsApp (and they do collect information from these sources).

Although other social media services aren’t as advanced as Facebook they will also target you with advertisements and collect information to profile you. Such is the nature of a free social media service.

A list of our favorite apps with privacy concerns simply wouldn’t be complete without mentioning Amazon. Amazon as a corporation puts an extremely high value on user data, and they try to collect as much of it as they can from interactions with their website or the products under the Amazon IoT umbrella like Ring and Alexa.

In general I recommend trying to buy as little as possible from Amazon and supporting local businesses instead. This solves the data privacy problem and helps local communities. I also recommend avoiding products under the Amazon IoT umbrella simply because legislation has not caught up with technology in this arena and it is unclear how much information these devices can legally capture.

Another avenue of data collection that is rarely talked about is through porn. Porn companies are absolutely massive, and if anything was to be learned by the PornHub event this year its that they are watching. Personally if I were to visit these sites I’d try to only do so while using a VPN and over Tor (minimum), but to each their own.

In addition to these concerns many mobile apps leak information to data collection companies. The best thing to do here is to manage your permissions for apps as strictly as possible and ideally keep as few apps as possible on your mobile devices.

Whew, yeah… snakes everywhere.

Choosing an email service that won’t spy on us.

In this day and age it is nearly impossible to avoid using Google or Microsoft for at least one email account, but you should probably try to use them as little as possible. Emails by default are unencrypted, and the information contained in them can be read by the service you use to receive and send emails. If you’ve ever wondered why the advertisements in Google Mail are so relevant to your interests, now you know.

My personal recommendation in this category is to switch over to something like ProtonMail. It is based in Switzerland and puts a high priority on user privacy and email security. It provides mobile apps, a web app, and it has a free tier (although it would be great if you supported it and upgraded).

There are other secure email providers, but from my personal experience ProtonMail has been a quality service and I’ve been transitioning over to using it more and more these past few years.

It is worthwhile to note that if you are sending an email to someone who isn’t using ProtonMail the email will not be encrypted by default, but you have the option to encrypt the email with a password.

Considering how we send online messages.

There are plenty of messaging services to consider using. For the sake of brevity I simply recommend using Signal whenever possible and especially when you need to send someone sensitive information.

The three main benefits in using Signal are that it is backed by an independent non-profit organization, it collects as little information as possible, and the technology is all open source. This is the messenger that Edward Snowden uses and if it is good enough for him it’s probably good enough for the rest of us (at least for now).

This is not to say that services like WhatsApp or Telegram are bad. Just that they aren’t the best. WhatsApp for example does use end-to-end encryption on messaging, but does send other data back to Facebook. Using WhatsApp or Telegram is still a step up from sending plain unencrypted text messages.

Selecting a password manager.

Most of us likely have a large number of online accounts, which means either lots of passwords to remember or reusing passwords and opening ourselves up to a big security risk. For a very long time I used a pseudo-algorithm to generate unique passwords for my accounts, and although it was fairly complex and secure it doesn’t beat the password strength and ease of a good password manager.

Password managers lock all of your account credentials behind a single (preferably very secure) password, and ideally multi-factor authentication. From there it allows you to save account credentials for different services and generate secure passwords to use with them.

My current password manager and one I recommend highly is 1Password. They offer a web app and mobile apps, have options for multi-factor authentication, and the interface is to my liking. Another very popular option is LastPass.

Generally the payments for password managers are fairly low, so I’d recommend choosing a premium service.

Selecting a virtual card service.

Another service that you might look into adding to your online privacy arsenal is that of a virtual card service. A virtual card service is a way to secure your online transactions that rely on supplying bank card information.

A virtual card service generates individual cards you can use online that tie back to your banking. It is great for subscriptions or single transactions as it allows you to easily manage subscriptions and cancel individual cards should a service have a data breach.

The biggest player in this space right now and the virtual card service I would recommend is Privacy. You can sign up and create 12 secure virtual cards per month for free. (How they make money with a free tier: Every time you spend using a Privacy card, the merchant or website pays a small fee called interchange. This fee is shared with us.)

Adding some file encryption.

File encryption is great if you need to work on sensitive information on shared computers, if you use cloud storage for sensitive information, or if you worry about a malicious party gaining access to your file system through some form of malware.

Depending on what type of information you keep on your computer you might not need file encryption. My bar for encrypting a file is if the file contains information that I wouldn’t want revealed publicly. I’d consider file encryption for images of government documents, sensitive images or videos, financial statements, etc.

There exist a few ways to encrypt files, but for most people I would recommend VeraCrypt.

VeraCrypt allows you to make encrypted drives/folders and secure them with a password (which you could generate and store with a password manager). These drives look like a file and can be easily carried around on flash drives or uploaded to cloud storage. The VeraCrypt software can also be loaded onto flash drives so you could keep an encrypted file system with you should you need.

One really nice feature is the ability to create a secret partitioning of the drive/folder. If you choose to go this route you will need two passwords for the drive/folder. One password will unlock a larger drive in which you would place fake sensitive files, and another password will unlock a smaller drive where you could put your actual sensitive files. The benefit to this approach is you’d be able to deny the existence of the smaller drive and only provide the password for the main drive if you were coerced.

Protecting ourselves using VMs (virtual machines).

Virtualization allows for operating systems to be run in an isolated environment using a subset of a computers resources. Essentially, you can run operating systems like Ubuntu on top of whatever operating system your computer is using.

You might consider using a virtual machine if your operating system is Windows 10 since Windows 10 is terrible for privacy. If you use Windows 10:

1. Your device is by default tagged with a unique advertising ID.
2. Data syncing is by default enabled (browsing history, app settings and wi-fi names and passwords).
3. Cortana can collect any of your data (like, literally any data you operate with on your computer, including credit card info, mic input, etc.)
4. Microsoft can collect any personal data about you.
5. All that data about you can be shared, with any third-party and even without your consent.

(This list was taken from a much longer article on privacy linked here that I’d highly recommend)

Or you might consider using a VM just to be extra safe with the files you download online and with your private browsing.

Regardless of your motivation, if you’re interested in creating a virtual machine to use on top of your system I’d recommend trying Virtual Box. Once you have Virtual Box installed I’d recommend getting an OS like Ubuntu. If you’re unsure of how to set up a VM, check out this video for Windows and this for MacOS.

To get the most out of private browsing on your virtual machine I’d recommend downloading Tor and a VPN if you use one.

Conclusion

If you’ve stuck with me through this guide, thank you. I’ve been an avid computer user since I was just a kid and for me making a guide like this has been long overdue. By finishing it you’ve acquired a lot of the knowledge I’ve gained over the past decade in this area in what is hopefully a fairly short amount of your time.

None of the products I’ve referenced or linked to have an affiliation with me or provide any benefit to me. They are all consist of what I truly believe to be good options.

Digital privacy is an important thing for all of us to consider. My hope is that this modest guide helps point people towards tools and considerations that empower individual data protection.

If you take just a few things from this guide please consider using Tor and/or a VPN, and being mindful of what information you’re sharing. The first steps to digital privacy are quite small, but will lead you down a good path.