Chapter 40½ - Your Guide to Privacy #
" Arguing that you don’t care about the right to privacy because you have nothing to hide is no different from saying you don’t care about free speech because you have nothing to say. "
- Edward Snowden, in his Reddit AMA
Privacy online is a joke. No matter what you do, you’re still going to be tracked so much that advertisers and the big tech companies (Facebook, Google, Microsoft, etc.) all know way more about you than you’d like. Data brokers will find out more about you than you can imagine. Technically, most of these companies will provide various opt-outs. Realistically, you shouldn’t expect these to stop anyone. You can be 110% your data is being sold. So, what can you do?
Acknowledge you can not win, but you can still fight back.
Don’t buy smart-XYZ devices. No smart bulbs, toasters, fridges, ovens, thermostats, TVs, or doorbells. And, look, I get it. Each offers a pretty legitimate convenience. But between the ability for companies to change a one time payment into a subscription after purchase, devices phoning home even if you don’t connect them to your Wi-Fi, and IOT cameras letting police in without a warrant I think it’s pretty clear they don’t respect you as a user. Where you draw the line is a personal choice. Obviously, it’s hard to function without having a
Internet connected camera, microphone, and GPSsmartphone in your pocket. But what about a smartwatch? Do advertisers need to know your heart rate, how hard you’ve been trying to work out, or how many steps you got in each day? What can be derived from all this data combined? Can they see if you’re on your period or currently sick to advertise pads or drugs directly at you?
For the love of fuck, don’t buy a smart speaker or anything Alexa enabled. I honestly can not believe I have to say this.
Block as much shit as you can. Ads and trackers and cookies may not all be malicious, but enough are that the ad industry dug its own grave: block their dumb asses. You won’t ever get full coverage, some things will slip though, BUT setting up a Pi-hole, using uBlock Origin (or adnauseam), and DuckDuckGo (until you need Google, but defaulting to DDG helps) makes for a good start. You can also prevent your ISP from collecting your traffic by using a VPN or TOR, though that may result in some sites not working and you’re really only adding yet another middle man. Do make sure everything uses HTTPS though, and, if you’re feeling extra nerdy, consider setting up DNSCrypt too.
Delete, Opt-Out, or Lie - Much like reduce, reuse, recycle, this order matters. Delete anything you don’t need, don’t use, or don’t trust. If you don’t use Facebook for anything other than talking to people you don’t like and seeing when someone you haven’t talked to in a decade has a kid, delete it. If you trust a service’s Opt-out functionality, do so! Yeah, it’s bullshit that you have to opt-out instead of opt-in in the first place, but for now that is what it is. Dig through settings on everything you can and turn off all that tracking, spying, bullshit. Go into your browser settings and turn on ‘Do Not Track’ for the approximately 0% of site’s that respect it. Go into your Google settings and turn off and clear location history. Do all of this about once a year, as this shit will re-enable itself. It’s really only about an hour of diving into settings to stop like 75% of the bullshit.
From here, the “This is a pain in the ass” levels starts to surpass what most people will deal with. This is by design. But, if you really care about your privacy, this will make a significant improvement and might result in you getting less spam calls and physical junk mail as a side effect.
Unfortunately, Opting out requires both that you know who your data is being collected in the first place and that the offending asshats even offer an opt-out in the first place.
A great example of the latter being Clearview.ai, which from Wikipedia is “an American facial recognition company, providing software to companies, law enforcement, universities, and individuals. The company’s algorithm matches faces to a database of more than three billion images indexed from the Internet, including social media applications”- Basically, they stole your face from Facebook, Twitter, and everywhere else, and sell the ability to have a computer recognize you to law enforcement. They’re assholes, selling to a huge list of other assholes. Want to opt out? Hah, no. Not unless you live in Illinois or California, the only states to pass legislation telling them to fuck off.
So… What can you do? Well, if you’re serious about it, you can plow though this “Big Ass Data Broker Opt-Out List”, and This list, and this opt-out tool, try to Opt-Out of as much as you can. Or you could pay out the ass for a service like DeleteMe or PrivacyDuck to do this shit for you, not that I really trust them to be all that through, and there’s some they can’t really remove you from in the first place. But ultimately, you really can’t stop it and you’ll just be opt’d back in when these companies change hands or restructure or just feel like it. If you want to use the internet as normal- using YouTube and Twitter and Reddit - you’ll just have to acknowledge to some extent you’re stuck with it.
Some of the optouts are also a massive pain in the ass, for example, to opt out of letting Google use your Wi-Fi name for determining location, you have to change your Wi-Fi’s name to end in
_nomap, and to make matters worse, you need to put
_optoutin the name to get out of Microsoft’s Wi-Fi tracking garbage, but,
_nomapneeds to be at the end, so that means your SSID has to be something like
MyCoolWiFiName_optout_nomapwhich means that making the choice to opt-out means you don’t get to choose your Wi-Fi name.🤦♂️
That brings us to Lie. If you can’t Delete and you can’t opt-out then you can still lie. To lie, you must first try to delete the truth. Search how to reset your advertising ID on as much as you can(1), log out of everything, delete all your cookies, then use tools like ‘Track This.’ to ‘seed’ your new identity, and add something like Noiszy (or this python based web crawler) on top to keep the history polluted. Unfortunately, this still isn’t enough because as soon as you log back into Facebook, Twitter, Google, YouTube, etc. your identity will be re-associated. The best way around this is to use a separate browser strictly for social media. Firefox works particularly well, as you can throw Facebook into its own little jail.
Keep in mind, you’re probably used to a pretty tailored experience from The Almighty Algorithm such that most YouTube, Google News, etc. recommendations are probably things you’ll be interested in and agree with (or strongly disagree with, as hate still gets you to read things). If you pollute this ID, you’ll likely get complete shit, as it’s kinda creepy how much the algorithm can figure out the things you like and who you are. If not complete random shit, The Algorithm might just see you as something else entirely, and this can seriously impact what you get exposed to- check out TheirTube for an idea of how bad it gets.
There’s also an ironic point where going to overkill with privacy makes you stand out more. If you don’t get 100% anonymization, you’re going to stand out as one hell of a weird data point. If you don’t get banned from the service for looking weird, you’ll sure as hell be flagged and watched. If you go from Russia to Canada to Mexico in the three page visits, your reported OS and screen resolution change on each, and you block all trackers and ads you can be sure as shit you show up as a red flag. See “The Fantasy of Opting Out” from The MIT Press Reader.
- Or just make a new account dedicated to this false identity. Just make sure to log out of everything first (or use a different browser) otherwise the old account and new account will still be linked, defeating the purpose.
- Or using TOR, a DIY VPN, DNSCrypt, E2E chats, etc. I deemed these a bit to technical for this page for now. I might make a 'for the nerds' section latter, feel free to submit a PR if you think otherwise.
There’s also the point of not being spied on by the government, but at least for now there’s really jack shit you can do about that outside of what’s listed above if you still want to even exist on the internet and not join the Amish in how you use technology.
The Awesome Privacy list on GitHub may prove useful to find alternative tools that aren’t creepy, unlike M$ Office which is starting to detect “employees colluding” even.