Security is not equal to privacy. Even if you do use 2FA and change your passwords all the time. You don’t gain any additional privacy.
Changing your google password and adding 2FA to your google account does nothing to make your life more private because google still can read all your emails, and sell your data regardless of 2FA.
The best habits to maintain privacy are to avoid using the services of companies that’s business model is violating your privacy.
Some pro privacy habits might be:
Avoid any google products or services.
Avoid and Meta products or services.
Don’t use any free software or services that are not community run / non profit. They make money from selling your data.
In a positive light these habits might be reflected as:
Using a google free phone. (i.e. GraphineOS or CalyxOS or /e/OS or even an iPhone as a last resort.)
Use Lemmy, mastodon and other alternatives to big social media corps.
Pay for reputable e-mail hosting with a reputable provider, (Ie Microsoft365 Business Account, Tutanota, or Proton Mail) or host your own.
Privacy isn’t all or nothing. Small steps are still improvements. Microsoft respects their business client’s privacy because that is what is demanded and Microsoft makes money by providing B2B services. Apple is in the business of selling expensive hardware and iCloud services so they don’t need to violate your privacy as much. These products while not perfect are leaps and bounds better then using any google or meta product.
Small steps are good steps.
If I had to choose one thing to do I would say to drop any phone that has the play store pre installed.
One addition. People say to use a VPN but I would argue that this is virtually pointless if you continue to use privacy violating services from privacy violating companies.
If your connect to what’s app or Snapchat or gmail over a https collection inside a secure VPN you are still sending them your data. Just with an extra lawyer of encryption. Google doesn’t need your IP if you give them your complete email inbox.
One thing a VPN does is prevent your ISP from selling your browsing data to third parties. If you have Comcast or Xfinity it’s worth it just to deny them even a penny.
This is true, but you also gotta consider most people do browse and go to other websites than just ones they log-in to or social medias. I think using a VPN generally makes it harder for other websites (like news articles as an example) to track you across the web. (For instance, if I visit Website A with unique IP Address Y, and also visit Website B with unique IP Address Y, even without logging in or directly giving them any data, they could correlate those 2 things. That’s where I think a VPN can really help things because it gives you a large pool of users in this case without using your unique IP).
Even besides this, you’re missing another point. I’d argue the largest benefit to VPNs is just preventing your ISP from collecting and selling the websites you visit and metadata around them. That’s a huge and undeniable benefit to using VPNs for privacy if you use a trustworthy and reputable one, just being able to prevent your ISP from seeing what you’re doing, when you’re doing it, etc, which is especially important with how dodgy ISPs are and how most collect and sell user data.
Security is not equal to privacy, but security is absolutely a means of protecting privacy. They asked how to protect privacy which absolutely is in the realm of security.
You don’t gain additional privacy from using 2FA, but your personal info is less likely to be stolen versus person info protected by less secure authentication methods.
Privacy uses security to protect itself. Security doesn’t increase privacy. It increases privacy protection, which is what they asked about.
Edit: shout out to proton mail though. It has some quirks that might turn off some people (mainly not being readily compatible with IMAP clients without the use of the Proton Bridge. But it’s there for a reason and works. And honestly, most of the other stuff you said is pretty good too. The Microsoft/iPhone stuff is obviously arguable (I fall on your side of it) but in the end the best practices is to limit exposure. The less your data is accessible by others, the better. Using email masks (I use Firefox Relay) to minimize email leaks is another good idea.
Security is not equal to privacy. Even if you do use 2FA and change your passwords all the time. You don’t gain any additional privacy.
Changing your google password and adding 2FA to your google account does nothing to make your life more private because google still can read all your emails, and sell your data regardless of 2FA.
The best habits to maintain privacy are to avoid using the services of companies that’s business model is violating your privacy.
Some pro privacy habits might be:
In a positive light these habits might be reflected as:
Privacy isn’t all or nothing. Small steps are still improvements. Microsoft respects their business client’s privacy because that is what is demanded and Microsoft makes money by providing B2B services. Apple is in the business of selling expensive hardware and iCloud services so they don’t need to violate your privacy as much. These products while not perfect are leaps and bounds better then using any google or meta product.
Small steps are good steps.
If I had to choose one thing to do I would say to drop any phone that has the play store pre installed.
One addition. People say to use a VPN but I would argue that this is virtually pointless if you continue to use privacy violating services from privacy violating companies.
If your connect to what’s app or Snapchat or gmail over a https collection inside a secure VPN you are still sending them your data. Just with an extra lawyer of encryption. Google doesn’t need your IP if you give them your complete email inbox.
One thing a VPN does is prevent your ISP from selling your browsing data to third parties. If you have Comcast or Xfinity it’s worth it just to deny them even a penny.
This is true, but you also gotta consider most people do browse and go to other websites than just ones they log-in to or social medias. I think using a VPN generally makes it harder for other websites (like news articles as an example) to track you across the web. (For instance, if I visit Website A with unique IP Address Y, and also visit Website B with unique IP Address Y, even without logging in or directly giving them any data, they could correlate those 2 things. That’s where I think a VPN can really help things because it gives you a large pool of users in this case without using your unique IP).
Even besides this, you’re missing another point. I’d argue the largest benefit to VPNs is just preventing your ISP from collecting and selling the websites you visit and metadata around them. That’s a huge and undeniable benefit to using VPNs for privacy if you use a trustworthy and reputable one, just being able to prevent your ISP from seeing what you’re doing, when you’re doing it, etc, which is especially important with how dodgy ISPs are and how most collect and sell user data.
VPN is only about security against folks outside the two endpoints (ISPs, some governments, etc)
Security is not equal to privacy, but security is absolutely a means of protecting privacy. They asked how to protect privacy which absolutely is in the realm of security.
You don’t gain additional privacy from using 2FA, but your personal info is less likely to be stolen versus person info protected by less secure authentication methods.
Privacy uses security to protect itself. Security doesn’t increase privacy. It increases privacy protection, which is what they asked about.
Edit: shout out to proton mail though. It has some quirks that might turn off some people (mainly not being readily compatible with IMAP clients without the use of the Proton Bridge. But it’s there for a reason and works. And honestly, most of the other stuff you said is pretty good too. The Microsoft/iPhone stuff is obviously arguable (I fall on your side of it) but in the end the best practices is to limit exposure. The less your data is accessible by others, the better. Using email masks (I use Firefox Relay) to minimize email leaks is another good idea.