Practical Privacy Tips
Once a secret is shared it is no longer private and in your control.
Intro Privacy is one of my favorite topics to write about and discuss. Today I want to talk about what you can control and how. This article is meant to inform anyone who values their privacy. Ideally anyone who works in journalism, consulting, or other sensitive jobs could find this advice useful.
You Don’t Control Everything You do not control every aspect of your own privacy, at least not anymore. You do not control the privacy of the information you give to third parties including, but not limited to, Facebook or your bank. There are three truths I want you to understand. The first truth you need to understand is that you cannot and do not control all things private. The second truth is that it takes some work to control your privacy. The final truth is that your privacy can only be guaranteed to yourself. The moment you share a secret with someone else you have lost control of that secret; that is the final and most fundamental truth of privacy.
Decide What to Control There are some privacy-related items in your control. You can control what you share on social media. You can control who can read your emails and private messages (to the extent of your partner sharing them further). The following subjects discuss methods available to you to allow more control of your privacy.
Email Email is both transported and stored as plain text. As your messages bounce from server to server, copies are made and stored for reliability. Ergo, if you want your emails to remain private you need to encrypt them in some manner. The simplest way to go about this is to sign up for an encrypted email service. ProtonMail, for example, is a well-known encrypted email service. You can also utilize a stand-alone email client and combine it with PGP to encrypt and decrypt emails. I use Thunderbird and Engimail (PGP), for example.
Messaging Text (SMS) messages, Facebook messages, and Twitter direct messages are in no way, shape, or form, secure. Your phone provider and social media service providers can and will share your private messages with the State when requested or served a subpoena. If you want to have private conversations then you need a decentralized messaging app that has encryption on by default. I recommend Signal for this use.
Browsing History Your browser history contains a lot of useful information. I recommend a few techniques to protect this information: Utilize Private or Incognito mode when you want to prevent the history from being recorded, then utilize a VPN or a Tor client to encrypt your network traffic. This prevents your internet service provider (ISP) from monitoring your browsing information (yes, they can and will track and sell this). Be warned: VPN providers will often keep connection logs and can and will cooperate with the State. I use NordVPN for my provider as they have been audited to confirm that they do not keep identifiable log data.
Multi-Factor Authentication The simplest way to protect your privacy? Keep people out of your various accounts by creating strong passphrases and enabling multi-factor authentication for your online service accounts. Private data cannot be disclosed if the bad actors cannot gain access to it.
Full Disk Encryption (FDE) Finally, you should protect your data by ensuring your devices are configured for full disk encryption. Full disk encryption is built into Microsoft, Apple, and Linux operating systems. Mobile devices and tablets should be configured to wipe all data if the unlock process fails too many times.
In closing, protecting your privacy does require some work. Remember that your privacy only extends as far as you are willing to keep it private. Once a secret is shared it is no longer private and in your control. Define what you want to control and find the right tool for the job.
Want to reach me securely? You can find me on Signal or send me an encrypted email.
Signal: 616-745-6914 To send me an encrypted email you need my public key. Make sure you send me your public key at the same time so I can decrypt your message. Send the email to richard [at] maloley.me. You can also reach me on ProtonMail: richard.maloley [at] protonmail.com