The Right to Privacy is enshrined in the constitutions of most functional democracies. To some extent USA, UK, Canada, the EU and India all recognize this as a fundamental human right. But despite what it may seem like to the casual observer, it is rarely presented as an “absolute” right. Simply put, this means that there are terms and conditions attached. Now while the fine print on the Right to Privacy may seem justified, the fact of the matter is that this can often be misused by the government of the country in question, or even by individual malicious actors who are part of the administration, though not necessarily acting on behalf of it.
Governments snooping on their citizens isn’t a new thing. Most countries justify overbearing surveillance on their citizens as necessary for national security (like the USA). Some other countries also talk about how it is necessary to prevent “moral corruption” of their citizens – India, for example has imposed a ban on pornography. While some of these policies are often enacted after tragic events in the face of public outcry – the Patriot Act being signed into law following 9/11 is a prominent example, the long term results can be catastrophic. By their very nature, reactionary responses to tragic events are myopic at best, and ignorant at worst. The result has become a world, specifically, an online world, where privacy is at a premium.
Why Does Privacy Matter?
A common argument that supports government surveillance and violation of privacy is the “Nothing to Hide” argument. It basically states that if you have got nothing to hide, you shouldn’t be afraid. Reality, however, is much more nuanced. A person might simply be uncomfortable with the idea of unknown intelligence officials going through their private data. Alternatively, someone else might be fighting to expose corrupt/illegal activities in a government, where those being investigated might have access to the private information of the investigator. It doesn’t even have to be a nefarious government. It can simply be a private company misusing the data of its users for the purposes of financial gain. The PRISM program proves that even if the company is supposedly morally above board, governments can compel them to turn over private information.
It is difficult to get most people to care about an abstract idea, however, unless it affects them directly. The host of Last Week Tonight on HBO, John Oliver, did an interview with Edward Snowden where he explored a way to get people to care about the idea of privacy. Despite being a comedy show, John Oliver found a way to get people to relate to the importance of privacy – tell them that the government has access to their sexually explicit pictures. Snowden has mentioned multiple times how his colleagues in the US Intelligence Agencies would often look at such private material and treat it like a joke. In an AMA (Ask-Me-Anything) he did on Reddit, Snowden gave the most concise argument against the “Nothing to Hide” statement that is possible –
Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say – Edward Snowden
How to Get Started with Online Privacy
In an ideal world, privacy would be completely guaranteed and its violations wouldn’t be necessary. A slightly less ideal world would be one where we could attain total privacy, if we so desired, with little effort. In the world we live in however, it is very difficult, if not impossible, to attain total privacy. One method is to live in an underground bunker, far away from all human contact and modern technology. But for the vast majority of people who want at least the semblance of a “normal” life with adequate, convenient interactions with other human beings, the best case scenario is to have as much privacy as possible from companies (and by extension, the Government), while still retaining the convenience that comes from the use of modern technology. This guide isn’t aimed at those who are technologically proficient for there are various ways to increase one’s privacy if skill and knowledge is not a factor. For the ordinary person however, those solutions are often difficult to implement and maintain with reasonable effort.
- Operating Systems (OS)
When you buy a laptop/desktop, either someone at the store, or that one “tech-y” friend helps you set it up. Part of the setup process includes the installation of a new OS or the configuration of the pre-installed OS. For the majority of people who use Windows laptops, there is an alternative – a simple, easy to use, free OS – Linux.
Disclaimer – This is where some people may be getting their pitchforks ready with – “Linux isn’t an OS. It’s a kernel.” However, it was explicitly specified earlier that this guide is for those who are novices in the world of tech. Let’s not add more confusion to the fold for them.
So there are a variety of Linux-based OS which one may use. The most beginner-friendly alternatives would be Linux Mint, Ubuntu MATE, Kubuntu. They follow a desktop paradigm similar to Windows 7, which makes it easier for someone to try them out. For those transitioning over from MacOS, ElementaryOS is a great starting point which should feel familiar to them at first sight. All of these will have clearly defined installation procedures on their respective websites. If not, a couple of online searches should yield the desired results. It might look fairly difficult at first glance, but if you follow the instructions and read a couple of articles, it is fairly straight-forward. The reason for using Linux is that it is “free” (as in “free speech”) and “open-source”. Open Source means that the code behind the operating systems is publicly available for anyone who wants to inspect it. This generally ensures that the whole setup is quite transparent and respectful of your data. Unlike Microsoft’s products, it doesn’t have a bunch of telemetry constantly running on your computer. However, if you do need Windows for some specific tasks, you may choose to “dual-boot”. This is basically a way to run both Linux and Windows on the same machine. Most Linux-based OS have helpful forums where you can post your doubts/issues. A major difference from Windows is that most applications are installed from designated “App Stores” much like Android and iOS. Finally, one would be remiss if they didn’t mention that on Linux, updates happen when the user asks for it. It will NEVER shut down your system and update unless you explicitly ask it to do the same. Also, updates take far less time than on Windows.
For most average users who just use the browser, read books, watch movies and listen to music on their laptop/desktop, Linux-based operating systems are a much better alternative to Windows or MacOS. It’s free, usually more stable (especially considering the various issues Windows has with updates), secure and doesn’t violate the user’s privacy. It is also significantly lighter on resources and consequently, “feels faster”.
- Browsers and Add-Ons
There are various privacy focused browsers which may not necessarily be the most convenient for day to day tasks. In the world of browsers, privacy and security are often at odds with one another. The recommended browser would be Mozilla Firefox, which is a mainstream browser with far superior privacy to Google Chrome (or Opera, Vivaldi, Microsoft Edge), while still having a large army of developers behind it that maintains security. There are a few settings that one may change in Firefox to increase privacy. The linked article also mentions a lot of changes and add-ons, not all of which are required for beginners, and some of which may cause issues which actively hinder their usage of Firefox. The add-ons that are important, and which one may install and leave untouched without fear of hindering functionality are – uBlock Origin (an ad-blocker), Privacy Badger, Facebook Container and Multi-Account Containers. One may use uBlock to white-list certain sites (which basically allows them to show ads), if they like the content of that site and want to support the creator. Facebook Container helps to isolate Facebook in the browser and prevent them from tracking a user. In the light of all the data-breach and privacy-violating scandals at Facebook, this is a severely important add-on. Multi-Account Containers allows you to create containers for any specific site or set of sites thereby isolating them from the rest of your browser activities. It comes with a few default containers for work, banking, e-commerce etc.
- Email Providers
Gmail is the most popular email provider in the world, but Google earns most of its income through personalized advertising by using its users’ data. They were also implicated in PRISM, and as a result, aren’t very trustworthy when it comes to matters of user privacy. Microsoft, Apple and Yahoo are pretty much in the same boat. It is a good idea to use the email services of providers who offer End-to-End Encryption and Zero-Access Encryption. The recommended email services are – Protonmail and Tutanota. They both have their strengths and weaknesses, although it is the opinion of this author that from a purely privacy based standpoint, Tutanota is superior. However, Protonmail might feel more familiar to those used to a Gmail based workflow and who spend many hours a week in their inbox.
- Cloud Service Providers
Google Drive, iCloud, Dropbox, OneDrive are among the most well-known cloud service providers. By some distance, the most popular alternative to these major companies is Nextcloud. It can be run as a self-hosted instance or by using one of many providers that offer Nextcloud based products. Nextcloud is quite feature rich, open-source and respectful of their users’ privacy.
- Search Engines
Google is far and away the most commonly used search engine in the world, to the extent that “googling” is used interchangeably with “searching something online”. There are several alternatives which do a pretty good job – StartPage, DuckDuckGo, Searx. They all have strong commitments to privacy and don’t collect personally identifiable information on their users.
- Communication Apps and Services
Encrypted Messaging, Voice and Video Calling is of utmost importance in today’s world. Signal is possibly the most robust, privacy focused app out their which offers all these features – for both desktops and mobiles. There are a few open-source Slack alternatives as well, however, since this author has never used them, they can’t be recommended in good conscience.
- Password Managers and 2FA
Most people create passwords that contain words and numbers familiar to them so that they can be easily retained in their memory. These passwords are often re-used from service to service. This is an extremely insecure system and opens users up to “dictionary-based” or “social engineering” attacks. A password manager offers a way to generate and use passwords for all your services. The generated passwords are a combination of arbitrary alphanumeric and special characters, which makes it harder to simply guess for any potential attackers. The only password the user has to remember is that of the password manager itself. There are 2 major recommendations here – KeePass (or its fork, KeePassXC) and Bitwarden. The use of 2-Factor-Authentication is also important. Most major services offer a 2FA option. It ensures that even if someone gets access to your passwords somehow, they need a specific code to be able to log in. While it makes logins slightly more tedious, it offers a lot more security than the hassle it causes. After all, everyone thinks their data can’t be compromised, until it is.
- Free and Open-Source Software
Finally, a word on Free and Open-Source Software (FOSS). A general guide on selecting good quality, privacy respecting software is to see if it is FOSS. FOSS refers to software that is “free” as in speech. You may inspect it, use it and modify it to suit your own purposes, all free of charge. Most closed source software, free or otherwise, have FOSS alternatives. While FOSS is no guarantee of privacy, it is far more likely to respect your privacy than a corresponding closed-source alternative.
At the end of the day, functionality is of prime importance to users and this article tries to explain why privacy is also of paramount significance. It strives to give a guide that the everyday user may follow in an effort to maintain convenience, while also preserving the fundamental human right to privacy.