One of the most common questions I get from people who are starting to realize the need for personal privacy is, “Where do I start?”
To better answer that question for yourself, it can be helpful to build out a simple threat model by considering what data you want to protect, whom you want to protect it from, and how much trouble you’re willing to go through to protect it.
Seth For Privacy is a privacy educator who hosts the “Opt Out” podcast. He also contributes to the Monero project, an open-source and privacy preserving cryptocurrency. This article is part of CoinDesk’s Privacy Week series.
While this question is not one I can answer for you, here is how I would do it if starting from scratch in my privacy journey today.
Please remember that not all threats are equal, and not all people have the same priorities – so be sure to take what is below (especially the order!) with a grain of salt and try to assess the best path for you.
1. Find a privacy-loving community
This is not a technical solution but is by far the most important step you can take. Having a group of people around you to support you, give solid feedback and bounce ideas off of is an essential aspect of a successful journey towards privacy.
A community of like-minded peers concerned about privacy can help with the psychological burdens – nihilism, loneliness, hopelessness – that can come with falling down the privacy “rabbit hole.”
Before you go any further, this should be your first priority regardless of your own personal threat model and needs.
Techlore’s Discord server, the “Opt Out” podcast and “TheNewOil” blog have all been invaluable resources. They also all have “rooms” on the social platform Matrix (here, here and here, respectively), which is a tool you should familiarize yourself with. The Bitcoin Freedom and Tech Matrix room also deserves a special plug, and is broader in scope than just the intricacies of Bitcoin.
2. Use a privacy-preserving browser
This step might appear daunting if you’re used to the conveniences of Google Chrome, for instance, but in the data economy, convenience comes with privacy trade-offs.
Thankfully there are excellent browser alternatives. As we spend more and more of our lives online, a browser that is more privacy-preserving by default or being able to “tune” (configure) a browser you already use can be a huge win in decreasing the amount of data that third parties collect about you. A few choice browsers:
Firefox is one of the most popular browsers. The “Yet Another Firefox Hardening Guide” will walk you through the process of tuning your browser. It’s very straightforward, and only needs to be done once per computer.
Brave Browser has some excellent defaults but takes some odd approaches (like cryptocurrency ads all over the place and built-in cryptocurrency wallets which aren’t helpful to most people). The Anonymousplanet.org guide shows you how to make it a bit more privacy and secure.
Ungoogled Chromium takes the best of Chrome Browser and strips Google from it, making a very compelling and very fast browser. It can be a bit tricky to get and keep updated on some operating systems, and extension installation and updates are a bit of a pain, but it’s a great option for those who are hardcore but still like the Chrome web engine.
There are also a series of extensions that bring privacy with the convenience of a download.
uBlock Origin is available for all of the browsers mentioned above. It goes far beyond just blocking ads, and handles a wide swath of ad, tracker and script blocking in a way that is very rarely detrimental to the browsing experience. It’s an absolute must install, no matter which browser you choose.
LocalCDN helps to improve privacy by replacing potentially dangerous pieces of websites with vetted and safe local ones, reducing network calls and the risk of compromised assets being delivered by web pages. It’s similar to Decentraleyes.
The password manager extension you download will depend on the password manager you choose in the next step, but I highly recommend installing one, where available, for simpler autofill and password management when browsing.
3. Use a password manager
While this step isn’t technically privacy related, properly securing your passwords will lead to much better privacy by reducing the amount of data leaks and hacks you experience as a result of stolen or leaked credentials. Password managers make it extremely simple to manage usernames and passwords across all of the sites and apps you use without needing to reuse these credentials.
Migrating to a password manager is also a great chance to think twice about which accounts you actually need, and close those you don’t.
Bitwarden is what my wife and I use. It works very well, is open-source, cross-platform and can be self-hosted if desired.
KeepassXC is a well-respected FOSS (free and open software) password manager. It does not sync across devices natively but works well and has a solid history.
4. Use a privacy-preserving email service
The process of switching email providers is a long and quite involved process, so should preferably be done after improving your browser. Having a password manager handy will help in migrating email and passwords.
Privacy-preserving email providers generally use native forms of end-to-end encryption (E2EE) whenever possible, and prevent them from reading your mail. They’re vital in reducing the data available about your communication, shopping, job hunting, etc. to invasive companies like Google and Microsoft.
ProtonMail is probably the most well-known name in the privacy-preserving email space, and for good reason. It has many solid features out of the box, a usable free tier and great cross-platform clients to go with a long history of supporting user privacy.
CTemplar: I personally prefer and use CTemplar, as I appreciate their pricing, approach to privacy, mobile app (in F-Droid) and their acceptance of Monero directly for payments.
While I haven’t used Tutanota, many people I trust do. They also provide steep discounts to FOSS and non-profit organizations, so it’s well worth a look if you happen to be a part of either of those.
See also: Monero: The Privacy Coin Explained
5. Use a privacy-preserving search engine
This step can seem quite annoying at first as none of the privacy-preserving search engines are quite as fast or complete as simply using Google, but the data you provide to a search engine tells a lot about you and removing that is a key step towards reducing your digital footprint.
Each of the alternatives have some key pros and cons and are really up to personal choice. I recommend trying them each for a day or more as your default and see what solution fits you best.
DuckDuckGo uses Bing results on the back end and is one of the more polished and faster user experiences in the space. They’re one of the easiest to switch to, for sure.
I host a public instance of Whoogle and really appreciate the ability to get Google search results without revealing my IP address and the extra bloat of Google searches. It’s quite easy to self-host, if desired.
6. Switch yourself and your friends/family to a more private messaging service/app
Getting the people you chat with most to switch messaging platforms is difficult. However, to get the most benefit, you’ll have to try your hardest to get them to jump ship with you. This is made all the more difficult in that there are so many options – an experience of decision paralysis often made worse by the “messaging wars.”
Thankfully, I was able to get all of my friends and family to switch to Signal, but I know that’s not always possible.
Introducing a private-by-default and E2EE messaging app into your workflow helps prevent self-censorship, surveillance and state censorship in private chats, and is an essential tool to liberty and freedom over the long run.
Signal has the brand recognition it does for a reason: It’s extremely easy to use, easy to onboard new people and has a similar core feature set as most other default messaging apps. It’s not perfect. But it is an incredible tool and has been a huge boon for the privacy and free speech movements.
Note that Signal does require a phone number to use. That comes with the important ability to handle SMS natively in Signal, making it an extremely capable iMessage replacement and a much easier sell in the U.S. where SMS is still quite popular for some reason. While linking a phone number can be detrimental if pseudonymity or anonymity, this does not harm or reduce the encrypted privacy provided by Signal.
See also: Signal Messaging App Launches MobileCoin
Threema takes WhatsApp’s template and orients the app around preserving user privacy, including end-to-end encrypted chats, voice messages and other features by default. It also drops Signal’s phone number requirement, which is a big win for pseudonymity.
I tend to use Signal with people I know personally, and Threema for chats with people I do not know.
7. Use a more privacy-preserving form of money
While cryptocurrencies like bitcoin are commonly considered private or anonymous, this is a misnomer. Most cryptocurrencies are not privacy preserving by default, and merely enable fragile pseudonymity at best. With this in mind, here are a couple recommendations for using cryptocurrencies while staying private.
Use Monero. Monero is a privacy-preserving cryptocurrency that shields information about senders, receivers and amounts by default. If interested, these two videos (here and here) helped me get started while “Monero Outreach” provides a feature-by-feature breakdown.
Use Samourai Wallet for Bitcoin. Samourai Wallet is by far the best way to use Bitcoin, in my opinion, and enables fairly easy-to-use and approachable privacy on Bitcoin. While privacy on Bitcoin can be extremely fragile and difficult to achieve, Samourai Wallet makes it as simple as possible, keeps fees down and has a long track record. BitcoinQnA’s in-depth guide to bitcoin mixing, EconoAlchemist’s guide to wallet use and “Opt Out” podcast’s breezy walkthrough are fine places to start. You might also want to check Samourai’s code.
8. Use a non-logging and trustworthy VPN provider
VPNs (virtual private networks), often get a bad rap as there are so many malicious and predatory providers out there and even more that force cheesy advertisements on YouTube videos. VPNs as a tool, however, can be invaluable.
Using a VPN that does not log user traffic is a great way to shift the trust from your network provider (home ISP, mobile carrier, etc.) to a trusted third party that doesn’t have your personal information or home address.
When selecting a VPN it’s extremely important that you do your own research and come to your own conclusions. You might start by asking the question, “Do I need a VPN?” Then ask what’s Tor, and how does it compare to a VPN? At some point, you may even ask, “what’s a second realm?”.
Here’s a handy VPN toolkit, but I will recommend two VPNs as starting points:
IVPN has a trustworthy team, incredible cross-platform clients and a strong reputation that has survived external audits. They’ve been extremely honest about the shortcomings of VPNs generally – and in the spirit of full disclosure, sponsor my podcast.
Mullvad is a VPN I have long recommended and used, is well trusted by many in the privacy community and has a long track record of caring deeply about user privacy and not logging user traffic.
9. Use a privacy-preserving mobile operating system
This section is a bit more drastic than the others, but switching to an operating system that is designed around protecting user privacy gives you a strong foundation for all of the other steps to live on top of and enhances their effect – and often makes them easier!
I’ve run it for almost a year and found it to be an incredibly powerful tool. It takes the open-source Android operating system created by Google and strips the tracking scripts out of it, then builds it back up with a focus on user privacy and FOSS app stores (like F-Droid). For more on CalyxOS and my experience/recommendations, see my blog post “Switching to CalyxOS”.
Depending on your threat model, an iPhone can also be a solid approach to gaining strong third-party privacy due to Apple’s long-standing commitment to consumer privacy. That said, you may be protected from third-party data collection on an iPhone, but not from Apple’s prying eyes.
10. Use a more privacy-conscious desktop operating system
For Linux to seem attractive, you’ll likely have to be a bit deeper down the privacy and self-sovereignty rabbit hole. Things are getting better each year, but switching operating systems still requires some extra know-how and dedication.
However, the switch is well worth it. I switched entirely to running Linux on both my desktop and laptop without serious issues. I use the Pop_OS! Linux distribution (distro) on all my computers. It’s based on Ubuntu and provides sane defaults, a powerful app store and consistent and stable updates.
System76, the company behind Pop_OS!, also sells their own laptops and desktops that are custom-built for their software. The best thing about Linux is it’s almost infinitely configurable.
While I haven’t used ZorinOS personally, it’s “easy to switch” approach makes it quite attractive. I’ve heard from trusted sources it really is the easiest jump away from Windows or macOS. And, if you’re willing to pay, you can get a lot of extra features, support and bundled apps.
While the above list is certainly not the be-all and end-all of privacy, I hope it shows how straightforward a privacy-conscious journey can be. The first step is just to start thinking about why or how you might want to improve your privacy – taking an account of what you value and perhaps ditching the so-called conveniences of modern life that you pay for with your most trusted information.
It’s a deep rabbit hole – but if you ever have questions on your journey (or about this post) you can reach out via Twitter, Matrix, Threema or email.