A pragmatist’s guide
A friend of mine who works in cybersecurity told me there’s no such thing as privacy on the web. You’re on it and not private. Or you stay off it. As simple and as binary as that!
The issue of web privacy has been gnawing away at me for some time. I guess, as you’re reading this, it’s probably been taking up some room in your consciousness, too.
My life is my own
Now, I don’t want the Cambridge Analyticas of this world doing their nefarious stuff with my life. Neither do I want Google building up a complete picture of me — oh god, did they buy Fitbit so they can get health data, too?
I like keeping parts of my life to myself. Is that so peculiar?
Before you go any further, though, I’ll say what should be blindingly obvious. I’m not a cybersecurity expert. This is my story, and while I hope you find my journey so far interesting, there may be some howling mistakes and gaping holes in my knowledge (I know there are some of those).
For those who need experts, there are plenty here on Medium. Oh, and I’m very open to suggestions — practical ones that don’t involve giving up on the Net and/or spending the next five years gaining qualifications I really would not want to study for. Foil hats are also unwelcome.
The reality of modern life
Now, as a digital marketing consultant, I don’t have the opportunity to unplug from the net. I’m connected all day and every day. My activities are scooped up into the maws of the internet giants. While my wife has the attitude that lack of privacy is something we have to live with, I’m not convinced.
And, I actually love the internet and technology. It’s just what the nasties are doing with it that threatens to ruin everything for me.
Business or personal?
This may amuse you. For my business, I use Google GSuite. I pay for it, so there may be a little less Google data scooping going on, but I have to be suspicious. GSuite is a familiar set of apps that people know and trust and it does what I need it to within my business context.
My feeling is that I can’t control what the rest of the world is doing online. I can only mitigate what I’m in control of. What’s not shared with others. Which comes to my own personal information. It’s a different set of apps.
A realisation about all the private information I’d stashed in Evernote over ten or more years when the stories about the company’s reported carelessness about their customers’ data shook me a bit. Some ten years ago, when I opened my account, I naievely assumed that I was paying the company to keep my private data safe.
Over time, I scanned drawerfuls of personal and business documents into my account. Even the really confidential ones. I bought into the universal bucket concept and filled it with web page captures, pdfs, forwarded emails, bank statements, business contracts, and so on and so on.
Maybe a little paranoid? I don’t know
The bigger the bucket and more comprehensive its contents, the more valuable it seemed to me. Yes. And to anyone who got hold of the contents. Shudder.
Now, I have no evidence anyone has got hold of my information, nor have I that Evernote has been rifling through it. But it is possible, and how would I know?
Reading stories about Cambridge Analytica, Facebook, Google, Evernote, voice assistants and many others, I felt increasingly unhappy and uncomfortable with what I was seeing of the online world. Very unhappy and uncomfortable. My conclusion was (is) that I want to keep my private data under my wing.
But how was I going to do it?
Encrypt what you can
We all expect encryption when we connect to our banks and Google encourages website owners to install SSL certificates by flagging websites that do not use https as Not Secure. Still, we somehow don’t expect the same standards for the rest of our data. We let it slosh around the internet unsupervised and open to anyone who cares to take a peek.
If you think you need a tame chap with a tinfoil hat on hand or an advanced degree in computer tweakery to keep your data safe, you’ll be happy to know you don’t. A little bit of knowledge or a friend to set things up for you the first time, and things can be remarkably easy.
Keeping my thoughts to myself
I’m an inveterate note-taker. I generally have so much going on in my personal and professional life that I can’t keep it nicely in order between my ears. I also write to work things out. Some would call it journalling, but I’m not as structured and disciplined with my personal writings as that.
Somewhere along the way, I blundered into Standard Notes. I consume a lot of RSS feeds. That’s my excuse. Its vision for a note app focused on privacy and longevity struck an immediate chord. **Standard Notes is a safe place for your notes, thoughts, and life’s work,** is its pitch.
In a very short time, I dropped the feature-heavy Evernote for the feature-light Standard Notes. I have a tool that encrypts all my thoughts and writings I want to keep to myself on the fly and syncs fast between iMac, iPhone and laptops.
I signed up for the paid version and got some more bells and whistles — I’ll leave it up to you to read about them if you’re interested. Really, it’s more to do with supporting the project than needing the additional features.
I love the absolute freedom of being able to keep my thoughts to myself until I’m ready to share them.
The final drop-kick for Evernote
Standard Notes doesn’t do everything I want it to. While I could have imported my Evernote data, Standard Notes isn’t the tool to handle thousands and thousands of records. But Joplin has stepped in there. Another Open Source project, Joplin set out to replace Evernote for those who have become tired of the old green elephant.
I’ve imported all my Evernote information straight into it. Record by record, it’s not 100% the same, but it’s good enough. And Joplin has the option to encrypt its information, so that you can confidently synchronise using public cloud storage such as Dropbox.
I’ve actually been experimenting with the open source Nextcloud to sync between computers and mobile devices. That’s a work in progress, though.
Why am I still using Standard Notes?
Joplin is more powerful and feature-laden than Standard Notes, but it doesn’t have that something that makes SN such a joy to use every day. There’s a friction to the interface that SN just doesn’t have.
I have SN’s app sitting bottom right on my iPhone’s dock and I dump thoughts into it all day. And it’s always open on my desktop.
Standard Notes is my notebook, while Joplin is my filing cabinet.
Then there’s email
I can’t remember which came first for me. Standard Notes or Protonmail. I have a feeling it was Protonmail, but it hasn’t been such a success for me. Don’t get me wrong. I love Protonmail and use it every day. I even think from time to time that I’ll ditch Gmail for it.
The problem is the old fax machine problem — yes, I do remember the world before the internet. Protonmail may be fantastic at sending and receiving encrypted email simply but not one of my friends, clients or collaborators has a Protonmail account or is geeky enough to have set up PGP (Pretty Good Privacy) for their email.
So I carry on emailing in the clear, but with an awareness that email is not in the slightest bit secure and whatever I send and receive can be read by I don’t know who. But, even with plain old email, Protonmail keeps everything encrypted on its servers so hackers can’t read my emails once they’ve arrived at my end,
Incidentally, I’ve been slightly more successful with messaging. Some of my friends must have been listening to Edward Snowden. And have been happier to converse with me over Signal as they question WhatsApp and other messaging systems. Maybe they’ll see the light over email in time.
There’s still some more to do
As I said towards the start. This is a work in progress. I have a couple of other ideas underway that I haven’t yet fully adopted. I’ve managed to ringfence parts of my digital life that I have complete control over. The problem is that the rest of the world isn’t yet bothered. My digital privates remain shockingly on display for the world to see — as are yours.