🛡️ Privacy · CAPYBARANET

🎯

Why privacy matters

Privacy is not about having something to hide. It is about having something to protect.

Every time you use the internet, data is collected about you — what you search, what you read, where you are, who you talk to, what you buy, how long you look at something. This data is aggregated, sold, and used to build detailed profiles that can be used to target you with advertising, manipulate your behavior, influence your political views, or be exposed in data breaches.

Privacy is not paranoia. It is a basic human right recognized by the UN Declaration of Human Rights, the European Convention on Human Rights, and the constitutions of most democracies. Digital privacy is an extension of that right into the modern world.

The goal is not perfect invisibility — it is reducing unnecessary exposure and making informed choices about what you share and with whom.

💬

Secure communications

Who can read your messages?

Signal

Recommended

End-to-end encrypted messaging and calls. Open source, nonprofit, funded by donations — not advertising. The gold standard for private communication. Used by journalists, lawyers, activists, and security researchers worldwide. Free for iOS and Android.

Proton Mail

Recommended

End-to-end encrypted email based in Switzerland. Cannot be read by Proton employees or handed to third parties in readable form. Free tier available. Use for sensitive communications — not as a replacement for Signal, which is more secure for real-time messaging.

Why not WhatsApp?

Caution

WhatsApp uses end-to-end encryption for message content, but is owned by Meta (Facebook) and collects extensive metadata — who you talk to, when, how often, your device information, and location. The encryption protects the content; it does not protect the pattern of your communications.

Why not standard SMS/text?

Avoid for sensitive topics

Standard SMS messages are not encrypted. They can be read by your carrier, obtained by law enforcement without a warrant in many jurisdictions, and intercepted using commercially available tools. Do not send sensitive information over standard text messages.

Matrix / Element

Advanced

Decentralized, open-source encrypted messaging protocol. More technically complex than Signal but allows you to run your own server. Good for organizations wanting full control over their communications infrastructure.

🔑

Password security

One weak password can expose everything connected to it.

Bitwarden

Recommended — Free

Open-source password manager. Stores all your passwords encrypted in a vault you control. Generates strong unique passwords for every site. Free tier covers all essential features. Available on all platforms and browsers.

1Password

Paid — excellent UX

Commercial password manager with an exceptionally polished interface. Paid subscription. Strong security model and good family/team sharing features. A solid choice if you prefer a commercial product with dedicated support.

Two-factor authentication (2FA)

Use on every account

Adds a second verification step when logging in. Even if your password is stolen, an attacker cannot access your account without the second factor. Use an authenticator app (Authy or Microsoft Authenticator) rather than SMS codes where possible.

Have I Been Pwned

Check now

Free service run by security researcher Troy Hunt. Enter your email address to see if it has appeared in any known data breaches. If it has, change your password on those services immediately. You can also set up alerts for future breaches.

📌The single most important rule: never reuse passwords. If one account is breached and you use the same password elsewhere, attackers will try it on every other service automatically. A password manager makes unique passwords for every site effortless.

🌐

Browser privacy

Your browser is the window through which almost everything you do online passes.

Firefox

Recommended

Open-source browser from the nonprofit Mozilla Foundation. Strong privacy defaults with extensive customization. Supports uBlock Origin (the best ad blocker). Not funded by advertising. A good default choice for most people.

Brave

Privacy-first

Chromium-based browser with aggressive tracking and ad blocking built in by default. No setup required — it blocks trackers out of the box. Good alternative if you find Firefox's configuration intimidating.

uBlock Origin

Install immediately

The most effective ad and tracker blocker available. Free, open-source, and lightweight. Blocks ads, tracking scripts, malware domains, and surveillance infrastructure. Install this in Firefox before doing anything else. Note: not available in Chrome as of 2024 due to Manifest V3 restrictions.

Privacy Badger (EFF)

Complementary

Browser extension from the Electronic Frontier Foundation. Learns which trackers to block based on behavior rather than a fixed list. Good complement to uBlock Origin. Made by one of the most trusted digital rights organizations.

DuckDuckGo

Private search

Search engine that does not track your searches, build a profile, or personalize results based on your history. Results are less personalized than Google — which is both the point and a tradeoff. Good default search engine for privacy-conscious use.

Why not Chrome?

Caution

Google Chrome is made by a company whose primary business is advertising. It collects extensive data about your browsing. Recent Manifest V3 changes restrict the effectiveness of ad blockers in Chrome. If you use Chrome, you are the product being optimized for advertiser reach.

🔒

VPNs — what they do and don't do

A VPN is one tool — not a complete privacy solution.

A VPN (Virtual Private Network) encrypts your internet traffic and routes it through a server in another location, hiding your IP address from the websites you visit and your browsing from your internet provider. What a VPN does not do: it does not make you anonymous, it does not prevent tracking by cookies or fingerprinting, and it does not protect you if the VPN provider itself logs and sells your data.

Free VPNs are almost always the product, not the service. If you are not paying for a VPN, your traffic data likely is.

Mullvad VPN

Recommended

Swedish VPN with an exceptional no-logs policy — independently audited. Does not require an email address to sign up. Accepts cash and cryptocurrency. Flat rate of €5/month. Considered the gold standard for privacy-focused VPN use by the security community.

Proton VPN

Recommended — free tier

From the same team as Proton Mail. Swiss-based, independently audited, open-source. Has a genuinely free tier with no data limits (unusual for VPNs). Slower on the free tier. Paid plans unlock faster speeds and more server locations.

Tor Browser

High anonymity — slower

Routes your traffic through three layers of encrypted relays operated by volunteers worldwide. Much stronger anonymity than a VPN but significantly slower. Used by journalists, whistleblowers, and activists in high-risk situations. Not suitable for everyday streaming but excellent for sensitive research.

🗂️

Data brokers — the industry selling your life

Hundreds of companies collect and sell your personal information. Most people have never heard of them.

Data brokers are companies that aggregate personal information from public records, loyalty programs, social media, app data, purchase histories, and other sources — then sell it to advertisers, employers, landlords, insurance companies, law enforcement, and anyone willing to pay. Your name, address, phone number, relatives, income estimate, political affiliation, health conditions, and daily routines may all be in their databases.

DeleteMe

Paid removal service

Subscription service that sends opt-out requests to hundreds of data brokers on your behalf and monitors for your data reappearing. Saves significant time compared to doing it manually. Paid service — roughly $129/year.

Privacy Rights Clearinghouse

Free opt-out guide

Nonprofit resource listing opt-out procedures for major data brokers. Time-consuming to do manually but free. Each broker has its own process — many require you to submit ID, which itself feels counterintuitive but is required to verify your identity for removal.

Michael Bazzell's Opt-Out Workbook

OSINT practitioner resource

Detailed manual guide from a former FBI agent and privacy consultant. Covers opt-out procedures for the most important data brokers with step-by-step instructions. Regularly updated. Recommended if you want to do thorough manual removal.

📱

Device & account security basics

The fundamentals that most people skip.

🔒

Lock your devices

Use a strong PIN (6+ digits), password, or biometric lock on every device. Enable full-disk encryption — on by default on modern iPhones; enable it on Android in Settings → Security.

🔄

Keep software updated

Most successful attacks exploit known vulnerabilities in outdated software. Enable automatic updates on your OS, browser, and apps. This is the single highest-impact security action most people can take.

📍

Audit app permissions

Review which apps have access to your location, camera, microphone, and contacts. Remove permissions that apps don't need to function. On iPhone: Settings → Privacy. On Android: Settings → Apps → Permissions.

📧

Recognize phishing

Most breaches start with a phishing email. Check the actual sender address (not just the display name), hover over links before clicking, and never enter credentials from an email link — go directly to the site instead.

📶

Public WiFi caution

Public WiFi networks can be monitored or spoofed. Use a VPN on public networks for any sensitive activity. Avoid accessing banking or sensitive accounts on public WiFi without one.

🖥️

Separate devices for sensitive work

Journalists, activists, and researchers handling sensitive information should consider using a dedicated device for that work — one that isn't used for social media, gaming, or general browsing. Reduces the attack surface significantly.

📖