Apps for the privacy paranoid, and how to protect your personal data
Our privacy is under attack. Both states and companies are reaching out to get your data. The former want to restrict your right to privacy in the name of security. The latter use our trust to create economically interesting profiles with the collected data and market them at a high cost. Both players are increasingly encroaching further. In order to make their work more difficult and to reclaim private shelters for us, we present you with some legal methods and mobile apps around data privacy.
Shortcuts:
- Privacy on social media
- Privacy when surfing on the move
- Private Messenger: anonymous chatting
- Privacy for photos and documents
- Private, encrypted e-mails
- Private hardware
- Conclusion
Privacy on social media
Facebook uses your data for advertising. Friends see what you like or where you've been and the social network makes it look like you're personally behind a certain product. Maybe you don't like the fact that you are being instrumentalized in this way.
To clean up Facebook's privacy settings particularly quickly, you can use the wizard of the third-party app, Jumbo. This tool is a kind of privacy scanner. You log in to Facebook from within the app (Jumbo tells you not to send any data about your social media log-ins to its own servers), then the integrated wizard confronts you with your previous privacy settings in Facebook, explains the individual points like the ones mentioned above, and sets the recommended settings at the push of a button. You can even archive and download your old wall posts.
Jumbo has mastered...
- Facebook (Messenger)
- Google (YouTube, Maps, Chrome)
- Amazon Alexa
Mobile Surfing Privacy
When surfing on the go - whether with a mobile browser or within an app - there are two ways to improve the protection of your privacy. Browser apps themselves offer many options for better privacy. Often you will see the following functions...
Advertising blockers have undergone an evolution. Many modern mobile browsers advertise with an integrated adblocker. However, this only blocks particularly annoying or even malicious advertising banners. Thomas Konrad from Cliqz GmbH, the company behind the browser of the same name, explains this to us:
"The strong blocking technology [from Cliqz], which is also used in the sister brand Ghostery, protects against advertising that is not "only" annoying, but also blocks dangerous ads that spread malware. And it also blocks cryptojacking, which protects against the misuse of your devices by crypto-miners."
The advantage of this form of ad blocking is that websites can continue to counter-finance their content with advertising revenue. For readers, this means more real contributions that are made available to them for free and fewer sponsored contributions.
Phishing protection also remains an important but often overlooked issue. It is not uncommon for users to be asked - sometimes specifically - in emails to log on to an online service and solve an urgent problem (e.g. PayPal, eBay, Amazon, etc. demanding money). The link contained in the email takes the user to a fake log-in page. Correspondingly protected mobile browsers recognize such pages and warn the user that someone here wants to steal the password, identity, or possibly money.
You can implement anti-tracking with a browser app, but it is more extensive with VPN services. But what is tracking? There are now several advertising networks on the Internet that track you from page to page and thus get a comprehensive picture of your habits. Browsers such as Cliqz, Aloha or Firefox promise immediate free relief.
However, the protection becomes more comprehensive with a separate VPN service. This will route all your Internet connections through the servers of a third-party provider. This can then block connections to certain tracker networks or feed them with false information. The VPN app from Disconnect is particularly easy to use. It costs $50 per year, similar to most competitors.
The highlight of Disconnect is that the VPN service provider focuses on the large tracker networks Facebook, Google, and Twitter. You can specifically exclude these three networks from your data connections via a switch. This is also useful in mobile apps, as they are often unnoticed by third-party trackers (usually the three mentioned above).
You can go one step further with TOR. This peer-to-peer system routes your connection over a decentralized network of several users around the world, jumping back and forth between different nodes. Not even the individual participants of the network can trace the complete path of the connection. TOR provides access to highly anonymous websites, including news services and email clients. You can access these sites using a Tor Browser.
Private Messenger: chat anonymously
Somewhat powerless as we are to the popular messengers WhatsApp, Telegram, and Co., we still have to trust that they handle our chats, metadata (who is chatting with whom) and our mobile contacts with care. Ideally, you should switch to an anonymous messenger like Session, Threema or Surespot in tricky situations.
In certain situations, even the operator should not know with whom you exchanged data at what time. This is because jurisdictions in some countries can force operators to release this data. This way you could also be accused of aiding and abetting illegal activities in an innocent manner. Remember, for example, that WhatsApp allows any user to add you to groups by default.
Privacy for photos and documents
Many Android users take advantage of Google's tempting offer to copy unlimited photos and videos to the cloud storage for free. This is extremely convenient and (from a pure back-up perspective) safe, because your photos are also secured after a smartphone theft or defect. Plus, you can access your photos from all your devices. The same applies to documents. Many companies and schools use Google Docs and Sheets to collaborate on documents.
But here too, caution is called for. Google openly admits that it scans your photos and documents to optimize algorithms for faces, objects or character recognition. If you don't like the scanning process or the resulting monitoring algorithms, you should consider an alternative to Google Photos and Google Drive.
Similar convenience is offered by OnlyOffice and/or NextCloud. These - meanwhile merging - open source products can be installed free of charge on your own servers. You can also use one of the many hosting services that take care of the installation and maintenance effort.
Private, encrypted e-mails
Email services are also coming under increasing pressure to 'make money' with their operators. Especially free services such as Google mail (Gmail) are using obvious methods to do so. The Gmail app often displays advertising e-mails in your inbox, although at least they are marked as promotions. Furthermore, Google openly admits to reading your emails by machine and passing on the analysis to third parties in an anonymous form. I don't know if al ofl your contacts would agree to this.
A comprehensive breakdown of less and more trusted email services can be found in the restore privacy blog. Top candidates are characterized by tracker freedom, complete anonymity, and encryption. The author recommends among other things...
- Tutanota
- ProtonMail
- Mailbox.org
- Posteo
- Mailfence
Private Hardware
Another problem case of mobile anonymity is the smartphone itself. Even if you observe all the rules of data protection in the software, the hardware can still become a problem child. The US company Purism - actually known for privacy optimized Linux laptops - is developing and optimizing a privacy optimized smartphone together with the German engineer Nicole Faerber.
The first attempt of the project is plagued by bitter findings. Hardly any manufacturer of embedded hardware wants to reveal the circuit diagrams of its chipsets or modems. Occasionally, even the regulatory authorities are opposed, arguing that certain information should not be made public for security reasons.
However, after thirty years of Windows we should know that "Security by Obscurity" does not work. If secrecy were effective protection, there would be no malware for the closed source operating system.
Thus, large parts of the mainstream hardware remain a black box for us. We don't know what the modem in the lower smartphone reads (thanks to unlimited access to the RAM) and with whom it shares the data. And since most of these components are developed in the USA or China, any suspicion is well-founded.
Conclusion
Even if your control over your data is limited, you can still make it as difficult as possible for curious third parties. Encrypt and filter data streams, cut off trackers, cover your tracks. If you have "nothing to hide", as so many people say, think of your responsibility to your contacts and friends. Because their profile will also be sharpened by the data around them.
The most private data leaking part of your life is your phone. Your location is constantly recorded by Google or Apple.
Your emails and contacts are on their servers. Every app you have ever used is known by the same companies.
With the OS from e.foundation I got rid of all of this. I can still run Android apps, but Google knows nothing about me.
All these anonymized applications that offer to protect your personal data, such as Tor, are potentially dangerous because there is a high risk of clicking on an insecure link or downloading a malicious application.
It is much more convenient to use the latest generation decentralized application Utopia p2p.