Remember to Forget
In a time when every company is trying to collect as much of your private data as possible and either opaquely or overtly use it to drain your bank account for their own gain, we can’t do a whole lot to maintain privacy. Governments are not only complicit, but generally speaking those in power love to reduce your access to privacy because mass surveillance is inevitable for any late stage empire.
These days we can’t do a whole lot to have real privacy without going entirely off-grid and not participating in capitalism, but there are some steps we can take to get slightly more privacy when possible.
One strategy we can reasonably employ is the deletion strategy, which works because lucky for us GDPR and the California Consumer Privacy Act mandate a right to have your data deleted. We can leverage this for a little extra privacy.
Here are some of the things I do to at least get a (false) sense of privacy:
- On iOS/macOS, change your iMessage and SMS settings to delete all messages after 30 days.
- Use an email service like Fastmail with your own domain, and generate a masked email address for separate websites/logins.
- Avoid giving a phone number whenever possible. This one is tricky, but you can often put in a fake number and unless the website requires validation it should be fine.
- Regarding the previous, never use SMS based 2FA. Use a Yubikey (preferred) or OTP (one-time password).
- Use a password manager like 1Password for managing logins and passwords as mentioned above.
- Generally avoid ad company products: Google, Facebook, etc. If you do use Google (search, for example), never sign in, always use it anonymously.
- Use a privacy-preserving web browser like Firefox. On iOS you have no choice to use Safari (or a Safari shell), so just avoid using iOS.
- Set up a Matrix/Element server for friend group chats. It’s crappy, but you’ll never have to worry about the FBI, Tim Apple, or Mark Zuckerberg deleting your life because you shared some photos your kids.
- Periodically delete your accounts if you can. Many companies have hidden deletion tools which can be used to purge all your account data. You can simply say you live in California or the EU, and most of them won’t verify this. Some of them will make you upload ID to prove you live in those places, but most of them don’t check.
- Better yet, don’t use any kind of advertising software (Facebook, Instagram, Twitter, Reddit, etc).
- Freeze your credit with all the various credit bureaus. This is hard to do because there are many of them, but here are a few you should freeze (there’s a more detailed list from the CFPB here):
- Equifax (you have to separately freeze your normal credit and their “work number” product)
- TransUnion
- Experian
- Accurate
- ADP
- Asurint
- ChexSystems
- Avoid all kinds of loyalty programs.
- Never give your phone/email for retail stuff, they will always ask and offer you “discounts” but they collect this data strictly to spam you and trick you into buying more of their shit.
The list above is not exhaustive, but these are things you should keep in mind. As an individual, you have very little control or say over how you engage with corporations these days, sadly. In spite of this, it’s good to know what’s required or not required, and often when dealing with companies you simply have to be assertive and say “no” unless you’re legally required to provide information, which is rarely. It’s also not illegaly to provide fake information, except in specific cases such as opening a bank account thanks to the Patriot Act (which has nothing to do with being a “patriot” or preventing crime and everything to do with mass surveillance).