Dobbs v. Jackson Women’s Health
Following the Supreme Court decision on Dobbs v. Jackson Women’s Health Organization, digital privacy is becoming increasingly important. First, abortion under many circumstances is now illegal across a large number of states, meaning that prosecutors will be looking take action against people that seek such procedures. There have already been cases of women being charged under anti-abortion laws due to incriminating text messages and search results. The ACLU wrote an article covering many of these concerns. Second, the constitutional right to privacy is starting to be challenged at an alarming rate. Although the Supreme Court has historically ruled that there is a right to privacy embedded within the liberty granted to us in the 14th amendment, the petitioners in the case of Dobbs argued that the 14th amendment doesn’t actually grant us such a right. Similar sentiments have been echoed in the concurring opinion of Justice Thomas, where he brought up the possibility of revisiting major court cases dealing with contraception use and same-sex marriage. These attacks on our right to privacy have the chance of being expanded even further in coming years, allowing for even more of our civil liberties to be stripped away by the US government. Because of this, I’d encourage everyone to start caring more about their digital privacy, especially if they are dealing with potentially punishable actions such as getting an abortion. Here I’ve compiled a list of digital tools that you should look into. The goal of using these is to limit the amount of logging that’s done with your personal data such that governmental bodies and corporations have a harder time identifying you by your online presence. If you have any questions, suggestions, or want any help getting set up with any of these tools feel free to reach out to me.
If you are talking about any remotely sensitive information that could later be used against you, text messaging and social media messages are very insecure. For these situations, you need an encrypted messenger.
I would recommend using Session. It is decentralized, and doesn’t require any personal information to sign up meaning that it is completely anonymous unless you leak your ID code. Another popular choice that many people have started to recommend is Signal, which is miles better than texting, but is still less secure than Session because it is centralized and requires a phone number to sign up.
For search engines, there are two main ways that you search history could be uncovered. First, your history and cookies could be found if your computer gets seized by the government. This will be addressed through the browser section. Second, the company behind the search engine could track you and hand over your search logs to the government. Google is a nightmare in this regard, especially with their web of control through Google accounts, analytics, etc. I prefer Startpage, Qwant, or DuckDuckGo. Although DuckDuckGo is the most popular and most user-friendly privacy-centered search engine, there is a slight downside in that they are based in the United States which makes it more likely that they could be forced into handing over data to the government. This generally shouldn’t be a problem since their logging practices seem to be much more secure than Google, but it is something to consider based on your circumstances. Startpage is based in Netherlands and Qwant is based in France. I would recommend Startpage because it doesn’t save your searches into your browsing history by default. You will need to find out how to set one of them as your default browser based on whatever device and browser you’re using, but if you’re having any trouble feel free to let me know.
VPNs are some of the most misunderstood privacy tools, but they still have some good uses. They are often advertised by companies like Nord VPN as all-in-one privacy tools that can protect you from bad guys, but that isn’t quite true. VPNs essentially work by routing your internet traffic through the servers of a VPN company before it reaches you. Essentially, they work as a middle-man between you and others that are receiving your internet traffic. That being said, they are useful for two reasons. First, they mask your outgoing traffic from your ISP (Internet Service Provider) meaning that whoever owns the WiFi network will have a hard time figuring out what sites and services you’re connecting to. Second, they mask your true IP address from the sites you visit. IP addresses can often be traced to your home address and home network.
If you want to use a VPN, do not use a free one. Free VPNs make their money by logging your data. Furthermore, the only VPN that I could reasonably recommend for privacy purposes is Mullvad VPN. Companies like Nord know who you are and can therefore know everything that you do on the internet (you’re essentially transferring that knowledge from an ISP to a different company). Mullvad VPN is unique in that instead of making you create an account with an email address/username, they let you generate a unique code with no personal identifiers. They also allow for more secure payment methods such as cryptocurrency and even sending cash through the mail.
For similar reasons to the search engine section, Gmail is bad for privacy. If you need to send secure emails, Disroot or Mailbox.org both seem to be good contenders (although I haven’t personally used either of them). ProtonMail is another common choice, by I would lean against using them because they were found to have been logging the IP address of a French activist in 2021 due to orders from the Swiss government.
Passwords get stolen and leaked all of the time, so using insecure passwords and/or the same password on multiple sites is bad practice. Although there are many password managers out there, I recommend Bitwarden because it is open-source (meaning that anyone can audit the code to make sure they aren’t vulnerable to attackesr) and free to use. I would recommend protecting your password vault using a passphase rather than a passcode. A passphrase is a string of words such as “erupt-exhume-trodden-upon-pulse” or “Monstrous_Applause_Scribing_Discover_Gusty” that has no personal connection to you or your personal information. These are generally just as if not more secure than typical passwords, and are easy to remember meaning that you shouldn’t need to write it down anywhere insecure. I would recommend writing it down on a slip of paper and keeping it somewhere physically secure until you have it memorized. Then, you should replace all of your online passwords with randomly generated strings of lowercase and capital letters, symbols, and numbers (which can be generated automatically). Bitwarden has apps for computers, browsers, and smartphones that will let you automatically fill in the passwords on sites for you without needing to store them directly on your browser.
Modern websites are home to various cookies and fingerprinting technologies that can follow you everywhere as you browse. While it’s nearly impossible to completely avoid them, there are steps you can take to minimize these trackers.
For an everyday web browser, I would recommend Firefox with a secure profile from ffprofile. If you really want to use a Chrome-based browser, Brave is also a good option as it is completely compatible with all of your settings, extensions, bookmarks, etc. I would recommend using the extensions UBlock Origin to block ads and trackers, and Local CDN and CanvasBlocker to block many fingerprinting mechanisms. Some sites might break with these extensions, in which case you could temporarily disable them or use a different browser for that one site.
For situations where privacy is more necessary use the Tor browser, which routes your traffic through a series of nodes rather than a centralized network. It also lets you access the deep web, but doing much on there is pointless unless you are using a more secure operating system (such as the one detailed below)
On both your computer and your mobile devices, you should turn on settings to limit the access that apps have to your location. If you are protesting or doing something similar, you should completely turn off your location services along with biometric IDs like face and fingerprint scanners (although the easiest and most secure route is to leave your phone at home).
Additionally, if you need to do something that requires maximum security you should install Tails OS onto a flash drive and boot onto it from a computer that you do not use for anything personal. It is built on Linux and uses Tor networking along with a technology that causes it to erase all usage data after each use, meaning that it is great for getting around surveillance and censorship.