BEWARE! "Privacy" 👻
Your privacy journey shouldn’t be about becoming Edward Snowden, when it can be about making informed choices that fit your life. My only ask - is that you don't lie to yourself. Here's what I have:
"Privacy fatigue" a sense of exhaustion from constantly worrying about online privacy.
The desire for perfect online privacy, like the desire for perfect anything, while understandable, can often lead to counterproductive outcomes. This pursuit of an unattainable ideal can create significant anxiety. For instance, some individuals described feeling like they had to treat themselves like criminals or secret agents, obsessed with keeping a very low profile both online and in real life, which ultimately led to frustration, conflicts and a decision to abandon many privacy efforts. Spoiler alert: for the majority of people this behavior is not necessary! No kidding!
Privacy fatigue is a completely understandable psychological response to the constant stream of privacy concerns on the internet. Research shows that privacy fatigue has two key dimensions: emotional exhaustion from continuously worrying about privacy issues, and skepticism about whether protective measures actually work. Studies demonstrate that this fatigue can actually become more influential than privacy concerns themselves, ultimately affecting health.
If you feel you have it, then take a break and try to focus a bit on the legal reassurances I’ll present below, as well as the practical, non-extreme steps, that are easy to implement. You're not alone in this fight, and there are powerful systems designed to protect you.
Here’s the thing, for the majority of you out there, the law is often on your side. As a lawyer, I want to bring a dose of reassurance. While the digital landscape can feel like the Wild Wild West, it’s not entirely lawless. Many of the anxieties that fuel privacy fatigue stem from a feeling of powerlessness against giant tech corporations. You might already know this, but consider the European Union example. The General Data Protection Regulation (GDPR) is a landmark piece of legislation that has sent ripples across the globe, no matter the region, forcing companies to be more transparent and accountable for how they handle our personal data. We've seen the EU actively take on tech giants, levying significant fines and mandating changes to their data practices. This isn't some shadowy conspiracy theory, it's a tangible demonstration that regulatory bodies are working to protect consumer rights. The existence and enforcement of laws like GDPR prove that we're on a path, however challenging, towards a better balance. This isn't just happening in the EU, many countries and regions are adopting or strengthening their own data protection laws.
The images of extreme privacy advocates, like Edward Snowden, living lives of intense operational security – are powerful. What he did was undeniably impactful and came at immense personal risk. HOWEVER, for the majority of us, that level of extreme privacy isn't necessary, and frankly, striving for it can be a direct route to burnout and that very privacy fatigue we're trying to understand.
Before diving down the rabbit hole of every conceivable privacy measure, it's crucial to come back to your personal threat model. Ask yourself, HONESTLY: what are the actual threats I face? Are you an investigative journalist working on sensitive stories in an oppressive regime? Or are you primarily concerned about advertisers tracking your online shopping habits, or perhaps preventing common cybercrime like phishing or identity theft? Personal threat modeling offers a structured and rational alternative to all-or-nothing approaches. It is a process of identifying potential threats to one's digital assets and prioritizing protective measures based on individual circumstances, values, and resources. The core idea is to focus energy and effort on mitigating the most probable threats that are relevant to you, rather than attempting to defend against every hypothetical danger. The aim of personal threat modeling is not to induce fear but to empower, providing a framework for making conscious trade-offs and focus efforts where they are most meaningful.
Not all of us can, or need to, implement every point on the "Extreme Privacy" checklist. Lying to ourselves about the threats we genuinely face leads to adopting unsustainable practices, which we eventually abandon, feeling defeated and guilty. For most people, reclaiming a significant degree of digital privacy doesn't require becoming a cybersecurity expert or living off the grid. It can start with a few key changes:
Your Browser: This is your main window to the internet. Switching to a privacy-respecting browser like Brave (which blocks trackers by default) can make a huge difference. Resources like PrivacyTests.org (which I’ve mentioned before) can help you compare options.
Your Messaging App: How you communicate sensitive information matters. Opting for end-to-end encrypted messengers like Signal ensures that only you and the intended recipient can read your messages. Check out SecureMessagingApps.com for detailed comparisons.
Your Email: Consider using an email provider that prioritizes privacy and encryption, such as Proton Mail. This helps protect the content of your communications from prying eyes.
If you're feeling up to it, tackling your device's Operating System (OS) can be the cherry on top – perhaps exploring Linux or de-Googled versions of Android. But if that feels too daunting, don't let it stop you from implementing the first three. Switching your browser, messaging app, and email provider is already an amazing leap forward in reinforcing your online presence. These steps are manageable, sustainable, and highly effective.
When you're feeling worn down by privacy concerns, remember this: there are people and institutions actively fighting for your rights:
Many dedicated NGOs work tirelessly to advocate for stronger privacy protections, challenge intrusive practices, and provide resources to the public. Organizations like the Electronic Frontier Foundation (EFF), Access Now, and Privacy International are at the forefront of legal battles, policy advocacy, and public education campaigns globally. In Europe, European Digital Rights (EDRi) plays a role in shaping digital rights policies. These groups are your powerful allies.
Most countries have consumer rights agencies that can advocate on your behalf if a company mishandles your data or violates your rights.
Many governments appoint an Ombudsman specifically tasked with identifying and addressing breaches of citizens' rights, including privacy rights.
And yes, even The Police or other law enforcement agencies are there to help if you're targeted by specific digital crimes like sextortion, online harassment, threats of violence, or financial fraud.
This isn’t legal advise, this is common sense. This isn't to say the system is perfect, but these avenues of recourse exist. The fight for better privacy laws and their enforcement is ongoing, waged by activists, academics, engineers, programmers, lawyers, and policymakers around the world.
So, when you feel that wave of privacy fatigue, take a breath, not everything under the sun is a conspiracy theory. Remember the laws in place, the advocates working for you, and the practical, achievable steps you can take. You don't have to do everything, but doing something is powerful.
I hope you're reading this before your digital privacy journey, or perhaps you could send it to a friend that is only thinking of starting it.