I am quite a private person really. Even though I have a YouTube channel and this newsletter that I write every week, I rarely talk about my personal life.
I recently shut down a lot of my social media channels as well as I just wasn’t posting there much. Even on my personal Facebook I haven’t posted anything since 2018.
Even though many of you are a lot more open with sharing your personal lives on the internet, many are unaware of just how much data all of these companies have on you.
Maybe you trust the likes of Facebook and Google not to misuse your data (you really shouldn’t) but what if all that data got into the hands of someone else with even more nefarious intentions.
Last year the wildly used password manager LastPass got hacked and all of their customers password vaults were stolen. Yes they maybe encrypted, but the encryption is only as strong as your master password.
If you were using LastPass then the advice is simple. Choose a new password manager and change every single password that was stored on LastPass.
The problem is who can you trust? Any online password manager is going to be a target for hackers. Keep reading for how I am tackling this problem.
The LastPass breach woke me up a bit to the risks of storing all of your data in the cloud. The issue is not so much on the data that you supply to these companies willingly, but on the data they collect without your knowledge.
So let’s have a look at what information these companies are collecting on you:
Google is one of the worst offenders when it comes to privacy. It shouldn’t really be surprising considering they started their business by scrapping all the websites on the internet.
Google tracks the following:
So why does Google store all of this data on you? Google makes its money by selling advertising. This is how they are able to offer so many products and services for free.
If you’re not paying for the product, then you are the product.
The more personalisation that Google can add to their advertising platform the more useful it is to advertisers.
Let’s say for example you are selling electronic scooters, and you want to do an ad campaign to try and sell more of them.
In the past, this would have been done by putting an advert in newspapers as well as a short TV advert. Your advert would have been shown to millions of people but only a fraction of those would be interested in buying a scooter.
What Google has done is allowed advertisers to target only those people that are interested in scooters.
How does Google know that you are interested in scooters?
Up until 2017 Google also used to scan your emails and target advertising based on their contents. Apparently they don’t do that any more, but it doesn’t mean they can’t use your email data for other things.
If you have a Google Home I wouldn’t be surprised if they were using data collected from these devices to target you as well.
It isn’t just for advertising. Google also use all of your data to help train its AI offering Google Bard.
If you are on Facebook, Instagram, Threads, WhatsApp or have a Meta Quest device then Meta knows an awful lot about you too.
Meta also relies on advertising to make money and therefore most of your data is going to be used for targeting advertising as well.
You only need to take one look at the Data section on the App Store for Instagram to see the extent of the privacy invasion: ![[instagram-data.jpg]] Even if you don’t care too much about companies having access to your data, this level of snooping is pretty shocking. It is not clear whether this is only data that you personal share on the app or whether Meta somehow has access to the data on your device.
Due to the surge in interest in AI lots of companies are updating their privacy policies to include the right to use your data to train AI models as well.
You might think that if you don’t use any of these platforms you would be safe from this sort of privacy invasion but unfortunately not.
Even driving your car is a privacy nightmare.
The Mozilla Foundation did a review of the privacy policies for car manufactures. You can read it here: It’s Official: Cars Are the Worst Product Category We Have Ever Reviewed for Privacy
It is pretty shocking the information they collect. This includes information about your sex life, audio recordings of vehicle occupants, your location as well as your “genetic information”!
If that wasn’t bad enough 84% share or sell your data to third parties.
It is OK though because you can opt out of this privacy invasion by not using their services (e.g. your car) as a driver or passenger. Great…
The best way to protect your data is to not give it to these companies in the first place. That means finding alternatives to the platforms that you use that actually care about your privacy or at least have no interest in your data.
If you have the knowledge then obviously the best approach is to self-host your own services. If they hold particularly sensitive data then this is obviously the preferred route.
I am in the process of slowly moving all my services over to more privacy conscious alternatives. Yes it is a bit of pain to do, but it is worth it for piece of mind.
These are the services that I am using, or I am in the process of moving to.
After the LastPass breach I decided not to host my passwords in the cloud again.
I have now switched to using the BitWarden app with the self-hosted VaultWarden server. I have set it up, so my passwords are only accessible when connected to my home network either physically or with a VPN (I am using tailscale for this).
I also tried out KeePass for a little bit but prefer the BitWarden apps. The key thing here is don’t store your passwords in the cloud as they are massive target for hackers.
Most of the big social media applications are using your posts, who you follow and interact with for targeted advertising.
As I mentioned in a previous issue I have moved over to Mastodon on a self-hosted instance. I have been enjoying Mastodon so far, but there are certain creators I do miss hearing from. Hopefully they will move over in time.
I do post many pictures, but I am tempted to self-host Pixelfed as well as an Instagram alternative.
I still have my other social media accounts but no longer have the apps installed on my phone. I will probably will delete them soon though. My only concern is someone taking over my old handle and impersonating me. Especially considering my old YouTube videos point to these handles.
Email is definitely one of the more sensitive areas that I don’t particularly want someone scanning all my emails.
I have now moved my personal email over to Proton. Proton has zero access encryption which means that even Proton can’t read your emails. They get decrypted when you view them on your device.
I am still waiting for Proton to update their iOS calendar app, so it has a proper month view like Google Calendar does. Their Android version already does this, so hopefully it won’t be too long.
Migrating all my emails across was pretty painless using their migration tool.
If you wanted to sign up for Proton you can use my friends and family link which will give you a month free of Mail Plus which is what I am using.
I am still using some cloud hosting such as Dropbox and iCloud. This is mainly because I don’t have enough disk space on my home server to store all of my files.
My plan is to set up a NAS using Unraid and combine the storage from all the hard drives I have lying around. Unraid has a great option where you can combine the storage of multiple drives of different sizes provided that you have a parity drive that is at least as big as your biggest drive.
After Google announced they are going to use Google Chrome to spy on all your web browsing for advertising purposes I have switched over to using Firefox on all my devices.
Firefox is a lot more privacy conscious especially when you set it up correctly.
Friends don’t let friends use Google Chrome.
Those are the main things that I have changed, but I have started looking into more services that I can self-host so that I have complete control over my data.
These are some of the other services I have self-hosted, or I plan to host in the future.
If anyone has any recommendations for self-hosted services that they use then let me know.
This newsletter is free for everyone, but if you would like to support my work and my YouTube channel you can do so by becoming a patron on Patreon.
❤️ My supporters also get the following benefits:
📝 Article - Asking 60 LLMs a set of 20 questions. It is interesting to see how the current generation of AI respond to different questions. I must admit I didn’t think some of them were capable of this type of logical “thinking”.
📝 Article - ‘Privacy Nightmare on Wheels’: Every Car Brand Reviewed By Mozilla — Including Ford, Volkswagen and Toyota. As mentioned in this week’s issue this is quite eye-opening.
🛠️ Tool - Procreate Dreams. I have been using Procreate on my iPad for a while now for drawings. This looks really cool if you are into animation.
📝 Article - How Query Engines Work. Ever wondered how query engines work when querying data? This is quite an extensive guide into how engines like that work.
⌨ Font - B612 – The font family. Airbus have released the font they use for Airbus cockpits as open source. Quite cool if you decide to build anything that needs that industrial look.
🛠️ Tool - HackYourNews. If you read a lot of HackerNews you might find this interesting. This tool uses AI to summarise the top stories as well as the comments so that you can quickly look through to see if there is anything interesting. As with all things AI related it does lack a bit of character but useful to narrow down interesting topics.
If you want more in your life, you may have to accept less. Accepting less means less clutter and less meaningless stuff.
Want to add a comment? Comments can be added to the article on Substack.