My favourite digital privacy tools for 2020
February 17, 2020 · Return to blog
At Fathom, we obviously know a thing or two about privacy-focused analytics. And having a focus on digital privacy means that I consider it for all the digital products I buy and use.
Privacy is a fundamental human right, or at least it should be. Luckily even governments are agreeing here, and putting privacy laws like GDPR, CCPA and PECR compliance into effect. Not because we have something to hide but because, as the news cycle constantly shows us, big tech companies that track our every move and purchase are both awful at keeping that data safe and worse at knowingly renting it out to any other big companies who want access to it.
The following is a list of tools I’ve used and enjoy using to keep me as private as possible online. While in the past there’s been a “data-free-for-all” with big software companies, there’s also a growing trend towards charging fair prices for software, so data doesn’t have to be sold for a company to be profitable. This is why Fathom Analytics costs money and Google Analytics doesn’t - the data Fathom collects is never sold or used for other commercial purposes, and we protect it with great seriousness (plus Fathom doesn’t violate the digital privacy of website visitors).
My favourite privacy-focused password manager is 1Password
Passwords. We all have them, use them, and need them to get around online. Our digital identities, and how we store information, are based on our ability to both associate with an account of some kind and prevent others from gaining access to said account. And they all require passwords.
The problem with passwords is that they need to be long and complicated to be secure. We’re only human, and cursed with memories that make it nearly impossible to remember things like
tLFXh9Nr*R-XVGH!LP93. Even if we could remember that one super random and complex password, it’s really only good for one account online. So if we had an email and a social media account, we’d need to remember two equally random and complex passwords…or more likely a few hundred of them (as we all have so many online accounts).
If we reuse passwords, they’re only as strong as the weakest website we use them on. If we use the same password for Gmail as we did on a certain hotel rewards website years ago the hotel has a data breach, then our Gmail password is no longer secure. There are reports of people having the passwords from old, useless accounts breached, and hackers gaining access to critical accounts like email, healthcare, and banking because they used the same password everywhere.
Password managers exist to solve the problem of having different, and complex, passwords for every online service we use. A password manager is a virtual “vault” that creates and stores passwords, and remembers them so you don’t have to. All you have to remember is your master password and private key to access your password manager, and then let it auto-fill your login details on sites you’ve saved into it.
What should we look for in a password manager?
- End-to-end-encryption (E2EE) of our personal data, meaning our passwords are hidden from everyone except us, even the company that makes the software. So even if they’re hacked, our passwords are safe.
- Easy 2-factor authentication through the password manager (using a text message is potentially hackable via things like SIM-jacking).
- Alerts if any passwords or sites we use have been hacked or breached in any way.
1Password does all of this, and does it well. We’ve both been using 1Password for years. Having a password manager, any password manager, is a must have in 2020.
My favourite privacy-focused browser is Firefox
The first thing I look for in a browser is that it’s not from Google. Secondly, I don’t want my browser to help advertisers and other big companies follow me around the internet when I browse.
Firefox focuses on privacy and gives me the ability to easily see how many data-collecting trackers I’ve blocked with their Enhanced Tracking Protection. Their browser blocks over 2000 unethical trackers automatically.
Since I use multiple devices (a desktop, laptop and phone), I can sync all my tabs by using Firefox Sync. I can even send tabs from one device to another—say I find a long article on my phone, but it’s too small to read much on, so I send it to my desktop to read it later.
My favourite privacy-focused VPN is ProtonVPN
Without a VPN, your ISP (and whomever they potentially sell your data to, which has come under fire) knows all of your browsing history. And worse, if you’re on a public WIFI, there are ways for others to see things like your passwords and data. Ad services can also use your IP address to track your behaviour across the web.
A VPN (Virtual Private Network) encrypts your internet connection so no one can spy on what you’re doing or browsing, and you can’t be tracked because you are using a new IP address from the VPN provider. The reason this is secure is because the IP address that you’re given is shared by, in ProtonVPN’s case, over 20 million people. Safety in numbers.
When you turn a VPN on, all incoming and outgoing data gets routed through it to make it totally private. That means if your ISP, a hacker or an advertiser tries to see your data or browsing activity, all they see is unreadable garbage.
What should we look for in a VPN service?
- A strict no-log policy. The reason to use a VPN in the first place is because, without one, your ISP or network owner could see everything you do because they keep logs of it. So any good VPN company shouldn’t log any activity, ever. Fortunately, nowadays most popular websites use SSL, meaning your data is encrypted end to end, but your ISP or network owner can still see the website you visit and your location
- Strong encryption, for the data between your device and the VPN server. This keeps your data protected.
- Fast. A VPN shouldn’t make it seem like your normally fast internet connection has molasses in its wires. If you’re paying for a VPN you should have access to lots of connection points and have unlimited high bandwidth at your disposal.
- It should work on all your devices. Macs, mobile phones, routers, whatever you connect to the internet with, should be able to connect your VPN.
ProtonVPN is built by the same company as ProtonMail, a Swiss-based, privacy-focused company. I’ve used their service for a couple years, and it’s been reliable, fast and easy to set up.
My favourite privacy-focused email service is FastMail
Gmail is as ubiquitous as Google Analytics, and just as focused on data harvesting as the rest of Google. Years ago they modified their terms of service to state that ‘automated systems analyse your content’ - meaning they read your emails so they can serve you targeted ads. Google uses this data from Gmail alongside what they collect about us from search results, map requests, Youtube views and everything else in order to send us targeted ads.
This is why I use FastMail for most of my email needs. They charge money for their service, so they don’t have to sell your data. There’s zero tracking in their software and no ads, ever. They also allow users to have 2-factor authentication.
Like their name says, it’s also FAST. Very fast. I never felt that Gmail was slow, but it’s noticeable how much faster FastMail is when clicking around their interface.
They’re also affordable at $5/month/user (less than Google Enterprise) and let you use your own custom domain(s).
Note: I know ProtonMail offers end-to-end-encryption for email, but that only works if both parties are using ProtonMail (and not everyone I know uses it). If I need complete privacy and security in communications, I’ll use secret chats on Telegram or Signal, and not email.
None of these tools are very expensive, and I gladly pay for them because I understand the business model: selling software as a business model is very different from selling data as a business model. So the paid products above are worthy monthly expenses for me to have the peace of mind I get from being a little more private online.
All of this said, I recommend that you do your own research and come to your own conclusions as to what software will work best, based on your needs.