My new approach to online privacy
4th July 2019I have for the last few yeas had a online privacy approach in the style of “Do not put all eggs in the same basket” or exemplified in the style of “If I use Google for email I won’t use it for browsing the web”.
Now after a few years of empirical learning I have decided to change this approach. It’s clear that the owner of “my” online data (the irony) is seldom static nor does it keep the data within its own walls.
My new approach is to create as little online data as possible. Below are some actual examples of things that has lead me towards this decision.
- Recruiting firms aggregating online data about me. Although I’m not a software developer by profession I get a lot of spam from recruiting firms. I have found that these firms often has aggregated public information about me from sources such as Github and Twitter.
- Recently I discovered that two sites my employer (a government agency) hosts had been relaying on a third party service that fingerprinted our users for years and sold the data.
- Opera going from being a Oslo based company to being bought a random Chinese company. As an user I was never informed that “my” data changed owner.
There are probably plenty of cases were these types of issues have been combined and exposed information about me to third parties unknown to me.
What I’m doing to limit online data about me
- Switching from Opera to Firefox while applying extensions such as uBlock Origin. Although Firefox do not have all the nice features that Opera has (tab preview, popup video and a built in RSS reader) it should be a quite effortless switch.
- I will be creating a online presence inventory. A list of sites that I know have some non-anonymous data about me such as a user account because the first step towards action is awareness. This first step is not much of an effort but once I start to delete accounts and other information it will likely take up plenty of time.
- I will host my own DNS server and apply a whitelist. I will block every single domain that I have not looked into myself. This will break the web for me and take quite some effort to get right but it will be worth it.
- I will intercept common CDN services with one hosted on my own network. This should be a rather easy task and I’m sure there are some good solutions out there already in use.
One might see me as paranoid or a privacy geek but these actions comes from actual concerns and real world examples.