I would like to share with you
this article I wrote last year to guide privacy beginners and more advanced alike towards improving privacy online using easy, accessible, and slowly incremental steps.
I tried to build it so
it would be encouraging and easy to follow in a casual way. In incremental order or not.
No prior knowledge required! πβ
I hope you find it helpful :awesome:β
You can't be respecting people's privacy if you are using, retaining, or sharing their data without their explicit consent. And true consent needs to be a true choice. Keep this in mind βοΈββ¨
Tiny Privacy Tip About Compartmentalization ππ¦π¦ββ¨
In privacy, we hear a lot about hiding identities
but we less often hear about separating identities.
Sometimes, it's not always possible or even useful to hide all of your data. Sometimes, you need to be public.
For example,
you might have to share your name and face publicly on LinkedIn for work πΌβ
Separating this professional identity from your personal one can be greatly beneficial to your privacy (and security and safety).
Here are a few simple
things you can do:
Use different pseudonyms or even just different spellings for your "professional name" and your "personal name" ποΈβ ποΈ
Use different email addresses for profesionnal and personal βοΈβ βοΈ
Use different social media accounts that uses different profile pictures (ideally with very different styles) :mastodon:β :mastodon:β
Use different cloud services for your personal data and your professional data βοΈβ βοΈ
Try to be as consistent as possible about how you present yourself online with each identity :blobcatpenguin:β :blobfoxtotallyablobcat:β
How much you want to link or separate these identities depends on the time and resources you are willing to invest. The greater the separation, the more your privacy will benefit. But even a little is better than none :blob_raccoon_peek:β
As end-to-end encryption becomes more popular (yay! :rainbowdance:β),
Celebrate yes,
But also remain skeptical about how this word is used and if this claim warrants your trust.
Do not trust blindly.
End-to-end encryption is a wonderful protection when well implemented. But not all apps that use end-to-end encryption are equals.
Verify that:
The provider is trustworthy :blobcatthinkingglare:ββ
Trustworthy third-parties have verified and confirmed the provider's claims πβ
Metadata is also encrypted and/or that, ideally, its collection is minimized :blobcatpeekaboo:β
Solid security measures protect the data as well (For example, if your data is end-to-end encrypted from your password but your password is vulnerable then your data is vulnerable as well) π‘οΈβ
Encryption is truly end-to-end, meaning only the sender and the receiver can access the data and nobody else β:ablobcatpeek:β
Finally keep in mind that even if a service uses minimal encryption (for example one that still collects a lot of unencrypted metadata) it is still better than the same service using no content encryption at all,
BUT there are almost always much better services that offer truly complete and well implemented end-to-end encryption for their services.
Always favor the latter when you have a choice πβ¨
The number of people for whom #encryption and #privacy will be a matter of life or death is increasing and this trend will only continue to intensify.
For the sake of your #safety and that of your loved ones, please prepare now.
This needs to be a pervasive conversation people keep hearing from every direction so they realise this is real and not some paranoid nerds just being weird.
Start refusing to discuss sensitive topics through insecure means. Don't allow people to endanger themselves.
And honestly, out of all these tools, probably the best is that there are communities of incredibly knowledgeable and skilled people researching, developing and advocating for better security and privacy, and lots of people who are happy to have conversations and answer questions.
Sometimes, people in the privacy field spend a lot of time debating what is the best privacy-respectful product for this or that.
This is all good and important, but itβs even more important to not forget that we all fight in the same direction. Every improvement from the current data-greedy ecosystem is to be celebrated.
Leave the competition fights to Big Techsβ’οΈβ
Right now we all need to fight together not each others.
Privacy is about the right to choose what to share with whom, where, and for how long.
For example, one might be comfortable sharing photos of their face on the public internet, but not photos of their body, or vice-versa.
Privacy also has modularity πβπβ
For example, one might be comfortable sharing their face on a locked Mastodon account, but not on Instagram. What they feel comfortable sharing might vary from one context to another.
It should never be assumed that because someone shared some information on a certain platform or at a certain time, that there is consent to share it elsewhere or at a later time without prior explicit consent.
Privacy levels may vary per individual, per place, and per time π€ :mastodon:β πβ
Privacy is about Consent,
and Consent, in this context, is about control over one's personal data.
Consent to share should always be revocable at any time. Data deletion and the Right to Erasure should be universal.
Privacy is a Human Right, and by integrating these concepts in our values and technologies, we will all benefit πβ¨
Saturday is a wonderful day to start decentralizing your social media!
If you are new to this,
and wondering what the hell Iβm talking about, reading this short section can be a good way to start learning about the Fediverse!
If you are ready to step up your communicationβs privacy, I wrote a comparative review of 4 instant messaging services offering end-to-end encryption:
Signal, Threema, iMessage, and WhatsApp
For each I describe what data they disclose collecting, what data is encrypted, and what data is not: