Beyond VPN: Strategies for maximizing online privacy

VPNs are sometimes marketed by their vendors as the ultimate solution for online privacy. However, this perception overlooks the complexity of modern online tracking and the myriad ways in which personal information can be collected. While VPNs play a critical role in encrypting Internet traffic and masking IP addresses, they are only one piece of the larger puzzle. Below, we look at additional privacy-focused tools and habits that, when combined with a VPN, can truly strengthen your privacy.

Know your enemy: The ways they can track you

Websites, applications, ISPs, and even governments, which can demand data from all of the above, each have their own ways of tracking users for different purposes, ranging from personalized advertising to analytics to surveillance and beyond.

Cookies

Websites use cookies, a mechanism in browsers that allows websites to store data to remember your logins and preferences. While convenient and often necessary, cookies can track your activities within the site and sometimes even across sites to create detailed profiles of your interests and behavior.

Browser Fingerprinting

Modern browsers have many built-in APIs that allow websites to collect information about your environment, such as your browser type, settings, screen resolution, and even hardware. None of this may be unique on its own, but in combination they can be surprisingly unique and used to identify and track you without the need for cookies.

IP Address

Your IP address is, needless to say, visible to every website you visit and reveals your location. And your IP is provided by your Internet Service Provider, which is tied to your real identity, which can be shared with advertisers or turned over to authorities as evidence in certain circumstances. Of course, this is automatically covered by our service.

Mobile Apps

Mobile apps enable a much wider range of data collection than websites, as apps can request permissions to access various data and sensors on your device, such as your device ID, contacts, camera, microphone, location.

Email and Chat

A common misconception is that email and chat apps offer privacy because they are meant for private conversations. But many popular services do not provide end-to-end encryption, so your messages are kept in plain text on their servers. Your communications can be easily analyzed for monetization purposes, or even shared with government agencies as part of mass surveillance programs.

Deep Packet Inspection (DPI)

ISPs and some organizations (such as schools or businesses) use DPI on their networks to monitor and analyze all data that passes through, allowing them to see the full content of unencrypted traffic. Even for encrypted traffic, more and more advanced techniques are being developed to identify traffic patterns and provide at least some insight into what's in those connections.

Privacy-Focused Software

Privacy-Centric Browsers

Browsers like Tor and Mullvad Browser are designed with privacy at their core. Besides the well-known IP anonymization capabilities, Tor (and Mullvad Browser, which is based on the former) is built to resist fingerprinting, and has built-in protections against tracking cookies and scripts.

It's worth noting that, recent bad PR aside, the incognito or private browsing modes available in mainstream browsers like Chrome and Firefox do provide some level of privacy enhancement, albeit more limited. These modes work by creating a temporary browsing session that's isolated from the main session, separating the cookies, etc. that are the main tracking method for most websites. Just keep in mind that incognito mode does not hide your activity from websites, your Internet service provider, or network admins. Your IP address will still be visible, and all interactions with websites may still be recorded by those sites themselves.

Encrypted Messaging Apps

Choose messaging services that offer robust end-to-end encryption, such as Signal, Matrix (Element), or Telegram. These ensure that your conversations are encrypted using keys that only exist at the two ends of the conversation, and that not even the service providers themselves can decrypt the messages.

Secure Email Providers

Services like ProtonMail and Tutanota offer end-to-end encrypted email, similar to the encrypted messaging apps above. Just be aware that even though your inbox is encrypted, the email protocol itself doesn't support end-to-end encryption, so if the other end of a conversation doesn't use these services, your conversation will still be stored in plain text on the other end's servers.

Encrypted Cloud Storage

To secure your files in cloud storage (such as Google Drive), consider using apps like Cryptomator. It adds an extra layer of local encryption to your data before it is uploaded to storage providers, making it unreadable to anyone without the decryption key.

Usage Habits

Minimize Active Data Sharing

Be careful about how much personal information you share online. Think twice before posting sensitive information on social media. And if you do, double-check to make sure it's not more than you intended to share. For example, the EXIF data in photos contains a wealth of information, including the camera model, date and time, and even the exact GPS location. Use tools to strip this information before uploading.

Wi-Fi Discipline

Avoid using public Wi-Fi networks, especially those without a password, as your packets can be eavesdropped on; if necessary, make sure you are connected to a VPN.

Regular Software Updates

Make sure your apps and operating systems are up to date. Software updates often include features and security patches that protect against new vulnerabilities.

Review App Permissions

Regularly review the permissions granted to applications on your devices and limit access to only what is necessary for the application to function. Also, you often have the ability to grant permissions "once only" rather than allowing persistent access.