In our digital world, we create daily pieces of information that are stored and collected. Those so called digital traces can be visible and intentional (blogs, videos, pictures, posts) but also unintentional and invisible (searches, records, preferences, etc…). Knowing how we produce them and what uses can be done with them should be a concern of everyone.

The mass treatment of your data, can easily generate a “version of you” which would go way beyond the barriers that exist between the usual public and private life of individuals. This not only by generating wanted content, but also by generating metadata unknowingly which makes it easy for specialized algorithms to recognise patterns and draw conclusions about any aspect of your life which is in the interest of the people behind the algorithm.

This article will focus on different aspects of technologies that surround us daily and on what can be done to reduce significantly the flux on information that we generate. Even if written in the interest of the common alpha citizen and in a format similar to a “guide”, we will also address the question of how political and economic interests are shaping the way in which technological tools are developed.

Encryption seems to be nowadays a word that pops up frequently in debates over cybersecurity and confidentiality. The technique in itself is really complex if you are not an expert in the matter, but we can try to give you a brought idea on how it functions. The information sent is encoded in such a manner that it becomes unreadable and only authorized parties are able to access it using a “key”. This key decodes the content being encrypted, from cipher text back to plain text. It is important to add that two different types of encryption exist; symmetric encryption and asymmetric encryption.

The first, also known as private-key cryptography, uses the same key to encrypt and decrypt the data. The weakness of such cryptographic schemes lies in the necessary initial exchange of the key between the sender and the recipient but on the other hand encryption/decryption operations are very fast.

The second type, also known as public-key cryptography, is a bit more complex. It involves a set of two keys which are mathematically linked: one can be communicated publicly (it is called the public key) whereas the other has to be kept secret (it is called the private key). If the public key is used by the sender to encrypt the data, only the private key will be able to decrypt the data, removing thus the need to share the original key between the sender and the authorized recipient. Unfortunately, encryption/decryption are far slower than their symmetric counterpart. Asymmetric cryptography is widely used for the initial exchange of a symmetric key between the sender and the recipient, the subsequent communications then use this symmetric key.

Different types of encryption algorithms are used today in cyber-security world, the most known being RSA for asymmetric-key cryptography and AES for symmetric-key cryptography.

For practical reasons, only the “real” data itself (the payload) is usually encrypted but not the metadata associated to the message, and this can be an issue from a privacy standpoint. It is also important to understand that encryption prevents any third-party from eavesdropping the content of the messages exchanged between a sender and a recipient but it does not offer any guarantee in terms of anonymity.

Having laid out the technological basis, we will now try to analyse the different stands points that commercial companies, individuals and public institutions have in regards of encryption. The main question in our democracies today is to ascertain how legally a citizen should be “treated” between the individual, and all of the democratic rights associated to it, and the data subject he is becoming, with all the economic and political assumptions that go with it. Terrorism is definitely the best example in the current situation. How can we mix the growing will of privacy of individuals on one hand, with the needs of national authorities to closely supervise citizens in a society where communication strongly relies on technological gadgets? Adding to this the fact that phones, laptops and all the applications we use are developed by private companies having as sole purpose benefit and marketing optimization, we can quickly understand that the political debate is often frozen by all the different interests that each of these actors defends. Making encryption legally mandatory for all messaging apps and emails wouldn’t be too complicated to implement, but how would we then define the boarders granting governmental institutions the right to access citizens data by directly unlocking phones in situations where national defence is at stake? Where to stand between the legitimate public and private control over citizens data, and the need to revise the principle of privacy with all the newly created potentially intrusive technologies becomes a serious question.

Starting with encryption as an example of technological feature that already creates important debates over fundamental rights and more in general over the relationship that individuals, private companies and public institutions should have, it seems quite evident that all the uses and possibilities that our connected gadgets grant us are discussable.

GAFAM companies are certainly the actors developing the user-friendliest tools and resources that are out on the market. Their budget never really being an issue. Nevertheless, it is important to understand that well designed platforms appearing on your phone or on your PC are just the tip of the iceberg. As mentioned in the introduction, the types of data that are collected, and the way they are treated afterwards, go way beyond the basic user’s intuition. Long and unread terms and conditions are today legally sufficient to justify the uses that are done with the collected data, but is this mechanism efficient in matters of user’s understanding of what using those tools imply? This does not really concern intentional data that we post, but rather all the metadata and traces we leave behind us unwantedly. In the latter part of this article we will lay out some ways in which a basic individual can significantly reduce the number of those traces, but should it really mean that we have to get rid of our thousand-dollar phones or stop using popular social medias?

No right answer exists and its up to each one of us to decide where we want to stand. But there are some common grounds we could all agree upon. Transparency on how citizens data are created, collected, stored, treated or even sold seems to be the first must have for instance in Europe. The implementation of the GDPR is a clear sign of our legal systems trying to create a strong basis for digital European market; meaning a legal structure that takes into consideration evolving fundamental principles on one hand (to protect individuals), and businesses needs to operate on an open market on the other.

What is certain today, is that times are changing. Our societies do not evolve as quickly as our technologies, but different believes and needs are generating a great number of alternatives for each tool there is a demand for. We thus have the choice, and it’s fundamental, but citizens should be more informed on all the technicalities in order to make a rational choice. The part of the article that follows is slightly more technical, but is written with the intention of giving curious readers an opportunity to understand what using certain tools indirectly implies, and to give them a variety of means or solutions to reduce the flux of data he or she generates daily.

Your browser represents one of the main source of all the digital traces you leave on the web. As changing to less user-friendly platforms is not always in the interest of everyone, it is important nevertheless to be aware of all the methods that are applicable on your default platforms to reduce the data you generate. By default, Google chrome and Firefox are downloaded on your computers with predefined rules, that often allow third parties to collect some of your information. A standard research on Google Search is much more that just a interaction between an individual and one simple company. In fact, through practices such as the use of cookies for marketing purposes, companies can today easily create a virtual profile of who you are and generate profit out of the information we feed them with as “data subjects”.

Generally, changing some core elements of the privacy settings and managing manually the preferences of the online service you use is already sufficient to regain more control over who can access your data and what treatments can be done with your data. Nevertheless, we strongly recommend you install add-ons on your default browser, as it will do all the work without you having to worry too much about what is actually going on.

a) Changing your privacy settings:

Beside main stream tips like for instance cleaning your history regularly when browsing on the net, you should pay particular attention to two aspects when using Firefox or Chrome.

Firstly, you should make sure that you select the option “Do not track” in the settings of your default browser. This will force your browser to send a request to all the website you visit for them not to track you. It is sufficient in some cases but as many of them ignore the request anyhow, add-ons mentioned later in the article will help you to deal with those bad guys. Secondly you should make sure that you define the rules concerning third parties’ cookies. Even if blocking them all seems like a good idea, do not forget that some websites functionalities will be affected, and you might not be able to fully exploit them. Under those circumstances we recommend you to manually allow cookies on defined websites. Beside th

ose two main aspects you will find various other options that you can uncheck in the settings of your browser that will block automatic plugins, sites from accessing your microphone and your camera or even block sites to download multiple files automatically.

Note that such manipulations are applicable with technically all off the existing social medias and even if their effect is generally limited they can still help you to reduce some of the data of being created and treated in unwanted ways.

b) Specific add-ons:

Add-ons are simple software’s that can be added to your browser in order to apply new functionalities.

There are a multitude of free add-ons that have been created in order for you to regain some of your privacy. We will mention some of the most known but keep in mind that other solutions exist and will keep on being created as the functionalities of the net grow exponentially.

You might think that “Adblock” would be at the top of the list, but in reality, some of those add-ons have found interesting business models offering to some advertisers the opportunity to pay to bypass their software. We rather propose for the same purposes “Ublock origin” which prevents ads to be displayed on your screen and significantly reduces the amounts of specific trackers such as cookies or social media buttons.

To avoid non-consensual tracking, you also have the option of installing Privacy Badger which is used to block spying ads and invisible trackers.

“Noscript” and “Scriptsafe” are as well-known add-ons which help you to block specific trackers such as pop-up advertisement, JavaScript and all other potential harmful functionalities of some. Nevertheless, they have serious limitations as they do not provide a pre-established list of harmful and non-harmful trackers leaving you with the responsibilities of granting specific authorizations per website.

When it comes to automatically erasing cookies every time you close a tab, “Self-destructing cookies” is a pretty decent solution. Simply add a solution like “Click&Clean” and your browsing history will be fully cleared.

Don’t hesitate to have a look at websites such as “Panopticlick” which are pre built tools giving you the opportunity to see how well protected you are and what kind of tracking techniques are still affecting you beyond the add-ons you may have installed.

Those are just some of the most known add-ons that you can install on your browser in order to significantly reduce the amount of data you generate, but bear in mind that other free solutions exist.

For those of you which are less reluctant of changing their daily habits, the best solution when it comes to privacy and security, remains changing the tools you use. This going from your fancy messaging apps, to the default browser you use. Even if those alternatives are not as well designed and functional, they generally differentiate themselves from grand public applications by their transparency and their engagement in providing private and secure tools.

To start off do not forget that private internet connections are always much safer solutions; avoid public hotspots as much as possible. You can also use VPNs to surf on the web to try and gain some more anonymity and security, but alternative solutions are generally built to destroy the “commercial” and to focus on what really matters.

The principle of open source is generally what is reliant to all the alternatives that are out there to Google. The differences are quite simple to understand as commercial platforms have strong business models which without your consent (or semi-consent laid out in the famous terms and conditions) make of every search monetizable data. Say goodbye thus to your privacy and security, as personal data is a revolutionary business in our capitalist economy.

When it comes to alternative browsers, Firefox is already a better solution to Google. Not by default, but as several performant add-ons have been developed for the platform to become more protected. Nevertheless, when it comes to anonymity Tor seems to remain the best “user friendly” solution that is out there. It comes with several advantages as your IP address is hidden, no tracking is performed, and no monetization of data is applied. Be aware though as Tor is not 100% secure and data can still be found and extracted if you deal with a techy.

To lay out some existing open source search engines we could start off with two alternatives that are similar in their functionalities: “Duck Duck Go” and “Searx”. Both do not use cookies by default, they do not track, they do not store personal information and have HTTPS encryption. All of this for free of course. “Startpage” is the following alternative we will mention as it adds one more layer of security by providing a free proxy to increase your online browsing anonymity. It goes without saying that the content you will find on those search engines will be less in quantity with regards to Google, but it seems quite a good price to pay.

When it comes to emails, the concerns when using a commercial solution are still the same. Tracking and profiling. Solutions have been created for you to find more confidentiality not simply on the content itself but also on the metadata you generate. There are two main free services which are “Riseup” and “Espiv”. Both have encryption and do not log digital traces, but they are strongly associated to political groups, which can be an issue for some of you.

Bear in mind that technically, even when encrypted, the content of your emails is still accessible for your service providers if they really want too. From that assumption, opting for newly created content encryption solutions or hosting your own email can grant your more liberty and trust.

The last group of applications we will mention are messaging apps. Using “WhatsApp” as an example we want to stress out the fact that encryption is not always sufficient to regain confidentiality. Only the content is “encrypted”, not the metadata around a message. Which makes you still easy locatable and identifiable. Adding to this the storing and analysing of your data, you don’t need to be a specialist to understand the use that can be done by commercial closed-source platforms such as “Facebook Messanger”, “Google Talk”, “SnapChat”, “Line” and so forth.

One of the best alternatives that exist today remains probably “Signal”. It is extremely user friendly, is encrypted but the app is still linked to your phone and has access to your contacts. In the category of instant messengers “Surespot” also does a great job. Otherwise encryption extensions can also be installed to pre-existing chat accounts, but it generally requires more technical knowledge and a little bit of “bricolage”.

As we have seen, confidentiality, anonymity and privacy are daily issues that can easily be tackled. Not in their integrity for non-specialized users, but several solutions as mentioned above, can be used as a starting point to regain control of your data. Adopting simple reflexes when browsing on the net or when using your preferred platforms, will consequently help you to strengthen your anonymity. In a world where individuals are being transformed in economic assets through well designed commercial tools, it is still up to you to decide where you want to stand. You most certainly think that you have nothing to hide, but it is no valid reason to forget your intimacy.