A lot of people are worried about their level of online privacy and safety lately, for reasons that shouldn't be too hard to understand. The big thing here is that US companies collect data, and the US government can grab hold of that data if they feel there's a need; if you are now under a government that you distrust, it makes sense to reduce the amount of data that you hand over to US-based companies.
Here's a list of things you can do. Some are easy and some are hard, but every one of them can help. Even if you can only do one of these things, it's worth doing.
- Here's the hardest one, for many of you: Get off of Facebook. Facebook collects a LOT of data, even when you're not on it. It's not just what you post on Facebook, it's also about your surfing habits on other sites, and a lot more. All this data is under the control of a man who called his users 'dumb fucks' for trusting him. If that offends you, good! It should. If you feel you cannot do without Facebook, consider abandoning your account and setting up a new one, using an altered version of your name, and reconnecting with your friends on that. Changes like that help obfuscate your digital trail.
- Get away from Google. I will post in more details about this later, because Google is an ecosystem that consists of a lot of services. Most of them have good replacements! The very fact that Google has all these services is also why it's so potentially dangerous: they collect a LOT of different data from all those sources and combine it all into a very detailed profile. Need a good search engine? Try StartPage.
- Get your e-mail off of US soil. Use an e-mail provider that's hosted in Europe and offers encryption. There are plenty of them and some of the good ones are free. More information on that is now posted here.
- Compartimentalize. Use different browsers for different purposes. Use different providers for different services, so that your data is split up and therefore less meaningful. Keep your profiles on social media and other websites separate. (I know, I don't always do that either. But I do have a few online hangouts that you probably don't know about.)
- Here's another hard one. Don't use a smartphone. If you must, be very wary of the apps you install. Review and think about the permissions your apps ask to use. Can they also operate with less? Switch it off when it's not in use. If you can make do with a nonsmart cellphone, or use that for phone calls and use your smartphone for data only, do that. That's compartimentalizing too.
- Here's some easy stuff! Use adblockers and other browser add-ons that improve privacy. Your surfing experience will be safer and faster and the sites you visit will look nicer! This is another good topic for a separate post, but for now I'll throw out some names: UBlock Origin, Ghostery, BetterPrivacy, PrivacyBadger, DecentralEyes, SelfDestructing Cookies. If you use Ghostery, be sure to check the settings carefully, as the default is not great.
- Also easy: if a service you are using offers two-factor authentication, set that up. It makes your accounts a lot harder to break into. This is especially important for webmail accounts, since they are often the key to a lot of other things, because many services use email to reset passwords.
- Another fairly easy one, and we should all be doing this already: use good, strong passwords and be smart about using them. Read more on that here.
- Learn to use an e-mail client that supports encryption. You may not need it now, but it's a good option to have. Thunderbird is just fine for this; with the add-ons Enigmail and GPG installed, it works well. It's also an all-around good e-mail program. And if more people use encryption, those who use it won't stand out anymore. Remember when mail used to be private? E-mail should be private, too.
- If you haven't yet, consider getting away from Apple and Microsoft. Linux isn't just for geeks anymore. There are several good looking, easy to use Linux based OSses nowadays, they can run on most of the hardware that you are using, and they are free. Ask your friendly local nerd or cybersmart cousin to show you Linux Mint. Bonus: your computer will probably run faster, and will not need to be replaced as rapidly!
- One of the best things you could do would be to attend a cryptoparty: an interactive workshop about cybersecurity, often aimed at beginners. Find out here when and where they are happening. A good place to ask about this would also be your local hackerspace; hackerspaces are physical spaces (as in, buildings/rooms) where people get together to tinker and to share knowledge about many things, cybersecurity being one of them. Don't worry about the bad reputations of hackers; there are good reasons why malicious hackers generally stay away from hackerspaces (they don't need them, they aren't welcome, and they don't want the extra visibility).