How to improve your online privacy

My views on online privacy have evolved a lot in recent years. This is partly because I better understand why privacy is valuable, why it’s important to pay for online media and services, and because of all the recent cases of abuse of our online data by the big online platforms.

Right to privacy

My reasons to value my privacy might be different from yours, but I’d encourage you to do some reading (and thinking) about why it matters. The following talk by Glenn Greenwald is a good starting point and explains that it’s not about labelling people as “good” people (with nothing to hide) or “bad” people (with something to hide), but rather just as “people” and that we lock the bathroom, dance where nobody can see us and close our curtains simply because we do certain things that we just don’t want everyone to see. You don’t need to explain why you’re doing those things, nor do you need to justify why you’re hiding them from prying eyes.

Personal data to me should be, well, personal, but there is also the economic side: my data is a valuable asset, not just to me but to many companies. It is something that commands value. Many platforms collect your data – the things you write about, the things you like and do and say online, the things you search for, along with some information like where you live, your age, gender, political views and the like. The more information a platform has on you, the better they can connect you with third parties who are interested in selling things to you. The more information they have, the more at risk you are when that platform gets compromised.

Google, one of the largest companies in the world, despite having a multitude of very useful and fantastical products, makes nearly all of its money through advertising.

For most people this simply isn’t an issue yet and they may rightfully argue that it’s better to see relevant adverts – the latest running shorts, because Facebook knows you’re a runner, for instance – rather than the nonstop irrelevant adverts, flash games and other nonsense that filled up our web pages only a few years ago. Many are happy to give away their information and allow snooping in exchange for “free” products, but something definitely clicked for me and I’ve gone the opposite direction.

These “free” products are slick, fast and undeniably make our online lives a lot easier. The price you pay, however, is giving up your personal data and privacy. Each email you’ve sent or received with Gmail gets scanned. Every place you’ve travelled to and from using Google Maps is logged. Every Google search you’ve done is stored and used in some way.

I’ve come to the conclusion that it’s virtually impossible for me to restrict all access to my entire digital data trail, but that I value my privacy enough to take some basic and rather affordable steps to at least restrict access to it.

These steps include spending money – a few dollars each month for private, encrypted email and privacy-enhancing services – and making tradeoffs of time and convenience by using services that aren’t as nice, fast or user-friendly as the ones provided by “free” platforms. I also lived in the surveillance state of China for a few years, and it helped shape the way I view and value my privacy. It suddenly becomes incredibly valuable when you know it has been taken away from you.

Below are some suggestions on how to restrict access to your personal information, including some honest drawbacks of using these services.

✉️ Gmail alternative: ProtonMail

As mentioned above, Google scans the emails you send and receive to build a profile on who you are and what services might be relevant to you. Its algorithm can probably accurately determine your financial status (those banking, tax and trading statements you receive in your mailbox), the things you buy online and where you live (through your shipping receipts), where you travel to (through airline and Airbnb confirmation emails) and countless other private things.

I made the switch to ProtonMail, the largest encrypted email service in the world, headquartered in Switzerland. It’s not a perfect solution, not by a long shot, but it’s a lot better than giving away all my information and a product I believe in supporting with my dollars.

It’s been designed so that nobody (including ProtonMail themselves) can read my emails. The interface is intuitive, both on the web and mobile apps, and they’re adding and improving on a lot of features all the time.

How to get a ProtonMail account

  1. Head over to protonmail.com and select Sign Up.
  2. If you want to kick the tyres a bit, sign up for a free account, otherwise select a paid plan.
  3. I suggest picking a random username that obfuscates your identity a bit (don’t use your standard Twitter handle or default username). Once you upgrade to a paid plan (which you should do) you can add your own domain name and personal email addresses.
  4. Use a unique, difficult-to-guess password. If you used the same username and password on any other site and that site gets compromised, your ProtonMail account can also get compromised. See more about password managers further down.
  5. Follow the rest of the sign-up and setup prompts.
  6. Extra: set up two-factor authentication (you can do it by selecting Settings > Security or navigating here: https://mail.protonmail.com/security). More on 2FA further down.
  7. Extra II: Set up ProtonMail with your desktop mail client (like Outlook, Mac Mail, Fedora, Thunderbird etc.) using the ProtonMail Bridge. Instructions and more information here: https://protonmail.com/bridge/
  8. Extra III: If you want to get a black belt in privacy, you can get information on using PGP with ProtonMail here: https://protonmail.com/support/knowledge-base/how-to-use-pgp/

Things I like:

  • It’s encrypted, end-to-end (nobody can scan, intercept or read my emails).
  • Their business plan relies on subscriptions for a service rendered (paying for a valuable product), not advertising and information sharing with other products or third parties.
  • They have a mobile mail app for iOS and Android.
  • You can use custom domains (yourname.com) with multiple email addresses and even catch-all addresses (hello@myname.com, shopping@myname.com, newsletters@myname.com).
  • It’s compatible with standalone email apps like Mac Mail and Thunderbird.
  • They support two-factor authentication and many other ways to keep your account secure.
  • It’s affordable. You can get a free account (with limited features) and paid accounts start at only $5 a month.

Things I dislike:

  • This could very well be a deal-breaker for many: their search feature is pretty much useless. This isn’t entirely due to bad product design; it’s actually due to privacy reasons. When you use the search feature, it only scans a limited amount of information like the recipient, sender and email subject line. They don’t store the contents of your emails unencrypted – and therefore searchable – at all, remember. This isn’t an issue when you use a desktop mail client like Mac Mail, but it is very frustrating on mobile. This seems to be a priority for the team and they seem to be working on a solution, judging from their feedback page.
  • I’ve experienced downtime once where I couldn’t sign into my account for five or ten minutes. I’ve never experienced downtime on any of the big “free” mail platforms. Hopefully, these are growing pains of a fast-growing company that they’ll better avoid in future.
  • It’s slower than Gmail. I sometimes have to wait a few seconds for an email to arrive, whereas with Gmail (and others) it pretty much shows up instantly.
  • It doesn’t have all the nice features you can add to Gmail through Google Labs and browser extensions, such as Streak CRM, Boomerang and the like. There are, however, many excellent plugins available for the Mozilla Thunderbird email client.

I’m now accessing both my secure, encrypted ProtonMail emails and my not-so-private Gmail email accounts using Mac Mail. This takes care of the frustratingly bad search on the ProtonMail apps and it also allows me to use a single platform to do all my email communication from.

The platform is improving by the day and as more people start paying for the service it’ll get better and better.

🔍 Google Search alternative: DuckDuckGo

DuckDuckGo is an excellent search engine and it’s getting better each month. No, it’s probably never going to rival Google’s speed and power, but it certainly is a superb, free alternative. They don’t track, store or share your personal information, so they don’t have anything to sell or share with third parties and advertisers.

We share a ridiculous amount of private information, without thinking, with search engines. Information that most of us probably won’t share with even our most trusted confidants. I challenge anyone who tells me they don’t care about privacy to send me their browsing history or allow me to constantly check over their shoulder what they’re searching for ;-)

If you’re still looking for reasons why you should use DuckDuckGo, read this Quora response by their CEO. You really should give it a go for a few weeks and see for yourself.

Setting up DuckDuckGo

  1. Set it as your default search engine on your desktop and mobile browsers.
  2. You’re all done!

If you ever feel the need to use Google search, consider using a second Google account set up for that purpose using your browser’s private/incognito mode. You can even use DuckDuckGo to search on Google through bangs (and here’s a longer list of useful hacks).

Another honourable mention here is the technical, computational-knowledge search engine: Wolfram Alpha.

🌐 Google Chrome alternative: Firefox

The fewer Google products you use, the less you’ll notice or miss them. They are fantastic, free products and most of them are beautifully integrated into each other to make for a seamless experience when navigating online life. But, as mentioned ad nauseam above, to me those benefits aren’t enough to willingly give over reams of my personal information.

Since the majority of my Internet use is through my browser, I gave extra attention to cleaning up this department. I used Firefox for years when it came out, but at some stage, Google Chrome just became the default on my machine and I stopped using Firefox.

Mozilla Firefox is one of the oldest, fastest and most-trusted internet browsers. The team is serious about privacy, it supports a horde of useful extensions (including a bridge to use Chrome extensions) and you can keep all your browsers, tabs and bookmarks neatly synced across devices. I deleted Chrome a few months ago and haven’t missed it at all.

How to (properly) set up Firefox

  1. Download and install the latest version from Mozilla: https://www.mozilla.org/
  2. Set it as your device’s default browser (and make sure DuckDuckGo is the default search engine)
  3. In Firefox’s preferences, tighten up your tracking preferences:
    Firefox tracking protection
  4. Also make sure your Security settings are:
    Firefox security
  5. Consider adding the following extensions for increased privacy:
    HTTPS Everywhere
    Privacy Badger
    DecentralEyes
    AdGuard (more on this below)

💥 extra! ways to get even more secure

Get a VPN

If you don’t want to risk sharing your web traffic with your employer, Internet service provider or anyone else, you should consider using a virtual private network (VPN). With a VPN, all your web traffic is encrypted and sent in a tunnel to a remote server – it can’t be intercepted and read between your machine and that server, from which you then technically connect to the Internet. Even if your data was intercepted between that server and a website, it would look like the connection came from the VPN server, not your IP address.

If you’re travelling and connecting to random hotel and airport networks, you can be sure that there are malicious actors trying to intercept your web traffic and using a VPN will greatly help keep you from prying eyes. Also, since a VPN changes where your connection comes from, you can change your IP address to use streaming services that are only available in certain countries.

Which VPN to use?

I’ve been a happy PureVPN customer for many years now. They support iPhone, Android, PC and Mac devices and offer excellent support when you’re experiencing issues. There are many other ones, just do some research.

Use a password manager

Not necessarily a way to keep things more private, but definitely a way to keep things more secure. LastPass integrates nicely with both desktop and mobile browsers, where you can use a unique and strong password for each and every website you access.

The idea is simple: you have a single LastPass username and password you need to remember, and you use that account to generate and store all other passwords. Sure, they can be compromised, but I’d rather take my chances with a company that specialises in online security than my own ability to remember or store a bunch of passwords.

Use two-factor authentication (2FA)

Most online services are secured with a username and password (the first “factor”, something you know). This works well enough, until the next hack, which seems to happen all the time. You see, unless you’re using a password manager with a unique, strong password on every website and app, it’s pretty easy to gain access to your online accounts. If you are using “yourusername” and “Password1” on your online banking, email platform and say, that latest sketchy website you signed up on, you’ve just given away some very valuable information to the sketchy website owner. Even if you only sign up for reputable online services, most banks, mail providers and major social media platforms have been compromised at some stage in the past.

Other than using a password manager to generate and store secure and unique passwords, you should use two-factor authentication. This second factor is a unique code that gets generated on an app (something you have) that is required in addition to your username/password factor (something you know).

The odds of someone getting access to something that you both know and getting access to your 2FA device – usually your smartphone – is almost. There are even more steps you can take to secure your 2FA device, but just installing Authy is a good first step.

#DeleteFacebook(App)

It’s unrealistic for me to try to completely get rid of Facebook. Despite their privacy scandals, business model and the insane trove of personal information they sit on, it’s a very useful and valuable way for me to keep in touch with my family and friends around the globe. I can however – until they come up with a paid monthly plan instead of advertising to me – limit what information they collect.

Here are some useful steps to take:

  1. Delete the mobile app, since it can technically track many things (like your location, microphone audio and the like) and you can’t control what information it presents to you (like ads).
  2. Access Facebook at www.facebook.com through a browser with ad blocking and anti-tracking extensions (now available for both desktop and mobile browsers – more on that below).
  3. Tighten your privacy settings by going through this Facebook privacy checklist by Mozilla.

Ad blockers

I’ve tried most of the big-name ad blockers, both the free and paid ones, and I’ve settled on AdGuard. Other than just blocking ads, they monitor for all suspicious traffic and have advanced features like warning you when websites or apps use your device to mine cryptocurrencies.

Oh, here’s a neat little trick to get a lifetime license for only $8.50.

Ad blocking and increased privacy on your iPhone browser

Despite Firefox being my browser of choice on my Mac, I don’t currently use it on my iPhone. This is because Apple restricts the features and abilities of third-party (as in non-Safari) mobile browsers. This might change in future, but for now, this is what you need to do:

  1. Install AdGuard for iOS
  2. Reinstall Safari (if you’ve deleted it)
  3. Go to Settings > Safari and make sure you check/uncheck the relevant settings below. Note that I’ve enabled AdGuard under content blockers. I tried blocking all cookies for a while, but too many websites didn’t work anymore and I had to change it back.
    Safari settings

 

About the author

Werner van Rooyen

Formerly Business Development and Marketing at the fast-moving Bitcoin Exchange, Luno (South Africa, Nigeria, Malaysia, Indonesia, Singapore and Europe). Currently travelling and doing research on a round-the-world trip.

4 comments

  • Nice article dude :)
    You should check out Privacy Badger if you’re using Firefox too, or take a look at Brave Browser. I’m trying to move over from Chrome but it’s still a little buggy. It’s a great browser with privacy and no advertising built in.

    • Ah, yeah, thanks Jeff! I’ll add Privacy Badger to the list (I’m also using it). Brave was a bit buggy and didn’t support enough extensions initially when I tested it, but might be worth another try, they’ve really come a long way.

  • Nice Post, also consider:
    – FireFox Containers: https://support.mozilla.org/en-US/kb/containers (a way to split your accounts and keep Google/Facebook out of the rest of your business)
    – FireFox Focus: A privacy focused mobile browser (I use it as my default, when I want advanced features I switch back to FireFox)
    – LastPass, if you are really wary of your passwords being stored centrally you can always add a short common string to all your generated passwords (that you don’t save in LastPass) – so even if your account gets compromised there is still another small piece that needs to be added manually (not fool proof but it might buy you time if nothing else)
    – Boxcryptor, (I have not used it yet) – looks like a promising way to make sure those cloud providers don’t read your stored files (without encrypting a big blob that needs to be uploaded in its entirety every time a small file changes)

By Werner van Rooyen
