Many of you may not be aware of this That One Privacy Site’s origin. For those who aren’t: a few years ago I got serious about my privacy and while moving away from proprietary software and services, I started moving towards using FOSS ones (VPNs being a large and trouble-infested corner of this realm). Through my own search for answers where privacy was concerned, I did a lot of research, specifically in the realm of VPNs. I decided to share my results to help others, and what resulted was the start of a snowball.
I was recently thinking about that experience and I believe people may be interested in how that went and in some general lessons learned from it. While I’ve shared many of these thoughts piecemeal in private messages and online – I really should share these thoughts more formally here as I’m sure others often have the same experience and could benefit.
Don’t Get Overwhelmed
You may have started your journey already, and been scared off. The world of privacy is complicated and there’s enough there to spend years becoming an expert. Understanding many of the tools and services that you will encounter isn’t easy. (So much so, the process of learning what a VPN is and which one is the best for you can turn into its own research project!). Take a breath and understand that you may get frustrated and intimidated, but don’t let that discourage you from taking steps towards reclaiming your rights. Much of the legwork has been done and there are some great people and resources, you just have to know where to look and be willing to sacrifice some comforts you may be used to.
Choosing to get started is important. Baby steps are critical. I started thinking I was going to pull the plug on my old habits immediately, and start just using FOSS replacements for absolutely everything from day one – my heart was in the right place, but really this was naive. The whole process is STILL ongoing years later. You may find that there are tools you use that just can’t be functionally replaced, or even ones that you wouldn’t normally think about (something as simple as which keyboard app you use on your phone). Take it one step at a time. Make a list, update it as needed – But the important thing is to do SOMEthing to progress towards greater privacy.
When I was looking for suitable software, I started my search on a handful of sites (including the excellent privacytools.io and prism-break.org). I made a list of just about everything I used that I probably shouldn’t have been, and then next to it, I wrote down good software to replace it. alternativeto.net is another good site for this, that will allow you to find a candidate for a specific tool that you want to replace. it lets you specify the platform you’re using and that you want something FOSS as well. On average, I probably tried 3-5+ different tools/services for each one I was replacing. (VPNs being an exception – between reviews and my own experimenting, I’ve used somewhere between 50-100 at this point, but you don’t have to go that far)
While privacy started off as a chore, it soon turned into a hobby. My eyes were opened during my initial research, and continue to be as time goes on. When I am around coworkers and family members, I find myself speaking up more. Sometimes this involves mentioning privacy / security breaches in the news – of services they never thought twice about entrusting their data to. I especially cringe when I hear talk about buying gifts that spy on the recipient or somehow compromise their privacy. I find that most people never even think about this stuff, and it’s the first step to getting them to care about their own privacy. Not everyone is going to listen but I feel like making people aware is important.
Understand the Landscape
People who care about their rights are rightfully protective of those rights, and are likewise suspicious of perceived attempts to quash them. Sometimes this goes too far, and people get overly conspiratorial and may be prone to overreact – this was the main reason I even decided to not play my April Fools Joke (link – https://thatoneprivacysite.net/2018/04/02/simps-for-safety/) last year, obvious as I thought it was. Sometimes it doesn’t go far enough and people can’t discern the true intentions of a company or “expert”. In the case of the latter, consider their track record and whether their interests are truly aligned with yours.
Example: A tech blog posts an article talking about a privacy service. Are they endorsing the product because they discovered it’s just the best tool for the job and everyone needs to know about it? Or does the company in question want to have their cake and eat it too, by disguising an ad as real content. This is probably one of the biggest pitfalls I see. People trust big and popular tech blogs and many if not most make their money from the companies they write about.
Another example: A big tech company that has historically been non-transparent, and locks their users into a proprietary ecosystem, starts talking about privacy and how their competitors don’t offer it. Are they really being privacy conscious? Or are they trying to leverage a topic that has recently turned up in the news to get free press?
Keep Up On It
Staying aware of what is happening in the world of privacy is an important part to being knowledgeable – the solutions you find today may go stale in time. I found that subscribing to a handful of subreddits and paying attention to developments there every day gave me a leg-up on my own education. Subs like /r/privacy, /r/privacytoolsio, and so forth are well moderated and in my experience have been good for this. They often feature information regarding anti-privacy laws to be aware of, how some types of technology are potentially a threat, etc.
It Takes Time
In the end, the thing to remember through it all: This journey takes time. Like anything else, to get “good” at it, you must practice – there’s so much you COULD do, but for most people, the above steps are a good place to get started.