Privacy Plus+

Privacy, Technology and Perspective

How to Go Quasi-Dark – Email and Messaging Edition.  This is a post on how to communicate over the Internet as privately and securely as possible:

  1.  Use a VPN.  A “virtual private network” (VPN) protects your information by hiding your device’s IP address and encrypting your data as it is transmitted over the Internet. When you use a VPN, you conceal your identity and protect the information you are communicating while it is in transit.  For more about VPNs, including some caveats about their use and recommendations related to VPN providers, click on the following link to a Wired article on the subject:

  2. Use a separate, privacy-sensitive browser and privacy plug-ins (along with the VPN) to sign up for and access your email service.  A privacy-sensitive web browser helps minimize the risks associated with online tracking. Websites, advertisers, ISPs, government agencies, and others persistently track you across the Internet.  Google Chrome is a popular browser, and Gmail is a popular email service. Still, both are notorious for user data collection and tracking (If you haven’t recently read Google’s Privacy Policy, check out the “Information Google Collects” section of the Privacy Policy for a jaw-dropping experience – a link follows:  As an alternative to Google Chrome, consider using Firefox, Brave, or Tor Brower – all are generally favored by privacy-oriented users.  You can learn more about the pros and cons of those browsers and others, by clicking on the following link:

    Whatever browser you choose, you should also consider privacy plug-ins for your browser that block trackers, keep your search history clean, and/or block scripts. Popular privacy plug-ins include Ghostery (to block trackers), DuckDuckGo privacy essentials (for more private searching and browsing), or Privacy Badger (that uses AI to block trackers).

  3. Use an anonymous email service to send a secure email.  When it comes to communicating over email, especially about sensitive topics, consider creating an email account using an anonymous email service and only sending emails that are encrypted. Right now, one of the most popular anonymous email services is ProtonMail, which is based in Switzerland, runs on open-source software, and offers PGP encryption integrated into its software. When an email is encrypted, only authorized recipients can read it. Users of Protonmail are afforded the additional benefit of encryption-by-default when emails are exchanged between them.  A link to the Protonmail sign-up page follows:

  4. Use a burner email account for additional privacy.  Consider creating an entirely new email account if extra privacy and security are needed (e.g. communicating with journalists, lawyers, etc.).  When only the sender and recipient of an email know of the existence of the email account, you’ll have extra protection.

  5. Use a burner phone, if needed.  Burner phones aren’t just for criminals.  Today, cell phone numbers, just like IP addresses, are unique identifiers that constitute identifying personal information under various privacy laws. And there are situations in which one would want to hide his or her identity, even when doing perfectly lawful things.  Just remember, a burner phone’s location can still be tracked (customer proprietary network information (“CPNI”) and location information collected by device operating systems, GPS and other sensors, applications, and connections to WiFi hotspots or Bluetooth-enabled devices are all part of the location-tracking ecosystem).

  6. Use an encrypted messaging app.  Recognize that the contents of your text messages can be read by your service provider (and subpoenaed by authorities).  To minimize that risk and communicate via text or phone securely, use an encrypted messaging app.  Signal is currently considered to be the best end-to-end encrypted messaging app.  You can learn more about Signal and its security features by reading the following article in the most recent edition of Wired:

  7. Configure your settings for maximum privacy. Finally, in setting up your accounts, follow the steps listed above, then be sure to review and adjust the privacy and security settings on your devices, apps and accounts.  You will want to disable location-tracking, enable and use multi-factor authentication, where it is available, and also configure your emails and messages to auto-delete, especially if the information contained in them is sensitive.

“Quasi” dark?  It’s very hard to live in a digital world without leaving a digital trace that can be subpoenaed, analyzed, and acted upon.  But you may not need to leave a blank slate, or at least not as much as you suppose. Remember that state and federal laws against wiretapping and other aural interceptions are among the oldest and strictest on the books; and also sometimes, the best privacy protection of all is silence.

Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.