Another Brit here. I went through something like this…
Moved emails from Microsoft and Google to a provider like Proton, Tutanota or Mailbox.org.
Degoogled mobile by moving to LineageOS and replaced apps with FOSS equivalents. Use the likes of Mull, K9 Mail, Aegis, etc.
Started using Signal instead of WhatsApp, SMS and Telegram, etc. Persuading friends and family to install it can be a challenge but stick with it.
Implemented Pihole and unbound to minimise adverts and tracking. Blocked access to the internet for smart home devices (they were in the house when we bought it).
After it came out that MI5 had been working with BT to spy on internet users I started using a VPN almost permanently, then on mobile too (after I discovered EE heavily monitor all mobile data usage). Look at Proton or Mullvad for VPN. I also moved to a small ISP recently after EE took over Plusnet. Maybe look at the likes of Zen and avoid the bigger ISPs.
This isn’t for everyone and I’m not going to be one of those that preach to do it but I got shot of MS Windows and jumped into Linux. I still have a Windows 10 VM for apps I can’t get to run under Linux. Initially though I used the likes of Windows 10 Privacy or O&O Shutup to disable as much of the crap I wasn’t happy with and O&O AppBuster to remove built in apps I didn’t want. I used simplwall to control what app had network access too.
When i eventually got around to changing email addresses for online accounts, I setup temp and burner adddresses (look at Simplelogin or anonaddy). I share my actual email with trusted sources only.
I never use my real personal details for any service, online or otherwise, other than official ones, government, banking, etc.
Bought a little secondhand NAS for the house that I run Jellyfin from to stream music and movies. Cancelled Spotify. Also cancelled Sky and got a freesat box.
Avoid car insurance companies that demand you have a black box. I’ve only been pressure once into having one and I’ve been driving for a while now.
If you want to mimimise your bank or online shops profiling you, shop in physical stores and pay with cash. Extreme maybe but I know people that do this.
Finally whilst not explicitly part of my privacy journey, that journey ended up influencing my decision when it came to changing my car. The previous one was newer with lots of connected services, and as I discovered terrible privacy and data sharing policies. The current one is older with the only connected service being the tracker. Like I say, not part of my privacy journey but once I got into that way of thinking, it influenced my decision.
These are all excellent. Can I add my recommendation: buy a domain name and set up so all emails sent to it are diverted to your real mailbox. Then, when you sign up for services you can give them, say, [email protected], [email protected], [email protected], etc. This makes it easy to tell who is selling your details since the only people who know, say, [email protected] is Amazon, plus it makes it harder for them to associate your identity on one service with that on another service.
Excellent advice to buy a private domain. All I would add to your comment is find a registrar that will allow you to not publicise your personal information - name, address, etc. I’m sure they will charge for this but its a small price to pay.
I think it’s a good idea to buy a private domain but one should also use a privacy respecting email and aliasing service too. Because if your threat model calls for it, one can easily correlate all your aliases that go back to your own personal domain. Using something like SimpleLogin or anonaddy gives you an anonymity set.
Porkbun have easy privacy options for free, and right on the domain management page. CloudFlare too of course. Also, if you go for a random TLD, like .XYZ or something, do a quick check it supports privacy settings before purchasing.
Not a Brit, but still recommend following these. My only problem is involving Signal, as hard as I try I cant get my family to switch from exclusively SMS. Any tips?
It can be difficult. I went cold turkey and if people wanted to contact me they either had to SMS me, email me, or install Signal. Most went with the latter over time apart from some older family members that still use SMS. I’m never going to persuade them to change that behaviour and that’s OK. Overall it wasnt too tricky it just took a bit of time.
I actually ran into more problems with a former employer demanding that I install WhatsApp on my personal phone. That got really messy and stressful.
Morning,
Another Brit here. I went through something like this…
Moved emails from Microsoft and Google to a provider like Proton, Tutanota or Mailbox.org.
Degoogled mobile by moving to LineageOS and replaced apps with FOSS equivalents. Use the likes of Mull, K9 Mail, Aegis, etc.
Started using Signal instead of WhatsApp, SMS and Telegram, etc. Persuading friends and family to install it can be a challenge but stick with it.
Implemented Pihole and unbound to minimise adverts and tracking. Blocked access to the internet for smart home devices (they were in the house when we bought it).
After it came out that MI5 had been working with BT to spy on internet users I started using a VPN almost permanently, then on mobile too (after I discovered EE heavily monitor all mobile data usage). Look at Proton or Mullvad for VPN. I also moved to a small ISP recently after EE took over Plusnet. Maybe look at the likes of Zen and avoid the bigger ISPs.
This isn’t for everyone and I’m not going to be one of those that preach to do it but I got shot of MS Windows and jumped into Linux. I still have a Windows 10 VM for apps I can’t get to run under Linux. Initially though I used the likes of Windows 10 Privacy or O&O Shutup to disable as much of the crap I wasn’t happy with and O&O AppBuster to remove built in apps I didn’t want. I used simplwall to control what app had network access too.
When i eventually got around to changing email addresses for online accounts, I setup temp and burner adddresses (look at Simplelogin or anonaddy). I share my actual email with trusted sources only.
I never use my real personal details for any service, online or otherwise, other than official ones, government, banking, etc.
Bought a little secondhand NAS for the house that I run Jellyfin from to stream music and movies. Cancelled Spotify. Also cancelled Sky and got a freesat box.
Avoid car insurance companies that demand you have a black box. I’ve only been pressure once into having one and I’ve been driving for a while now.
If you want to mimimise your bank or online shops profiling you, shop in physical stores and pay with cash. Extreme maybe but I know people that do this.
Finally whilst not explicitly part of my privacy journey, that journey ended up influencing my decision when it came to changing my car. The previous one was newer with lots of connected services, and as I discovered terrible privacy and data sharing policies. The current one is older with the only connected service being the tracker. Like I say, not part of my privacy journey but once I got into that way of thinking, it influenced my decision.
These are all excellent. Can I add my recommendation: buy a domain name and set up so all emails sent to it are diverted to your real mailbox. Then, when you sign up for services you can give them, say, [email protected], [email protected], [email protected], etc. This makes it easy to tell who is selling your details since the only people who know, say, [email protected] is Amazon, plus it makes it harder for them to associate your identity on one service with that on another service.
Excellent advice to buy a private domain. All I would add to your comment is find a registrar that will allow you to not publicise your personal information - name, address, etc. I’m sure they will charge for this but its a small price to pay.
I think it’s a good idea to buy a private domain but one should also use a privacy respecting email and aliasing service too. Because if your threat model calls for it, one can easily correlate all your aliases that go back to your own personal domain. Using something like SimpleLogin or anonaddy gives you an anonymity set.
Porkbun have easy privacy options for free, and right on the domain management page. CloudFlare too of course. Also, if you go for a random TLD, like .XYZ or something, do a quick check it supports privacy settings before purchasing.
Not a Brit, but still recommend following these. My only problem is involving Signal, as hard as I try I cant get my family to switch from exclusively SMS. Any tips?
It can be difficult. I went cold turkey and if people wanted to contact me they either had to SMS me, email me, or install Signal. Most went with the latter over time apart from some older family members that still use SMS. I’m never going to persuade them to change that behaviour and that’s OK. Overall it wasnt too tricky it just took a bit of time.
I actually ran into more problems with a former employer demanding that I install WhatsApp on my personal phone. That got really messy and stressful.
Red flag go no contact
Jk but telling them you won’t discuss anything important over sms was how I got mine to switch
Then all they would say is “Welp, guess we’re not texting then” . this goes for basically everyone I know except tech-geek friends.
“k cya”
I had the same problem, then one day a scary privacy news article hit one of their radar, and they all switched overnight.
Nice. I think I do most of these. Have you looked into CalyxOS & GrapheneOS as alternative Android substitutes?
Looked into Graphene and its definitely appealing, but until i get a Pixel I’ll need to stick with Lineage.