Privacy in the Age of AI & Mass Surveillance
This article is much different from anything else I’ve posted on this website. It doesn’t directly relate to the Orthodox faith, so I’ve hesitated to post it here. But I think it’s important.
Here, you’ll find my story about the steps I took to increase my digital privacy and security in this age of AI and mass surveillance. I don’t have an air-tight argument on why everyone should care about privacy as much as I do. Many people naively trust both Big Tech and the government to never do them harm. I’m simply not one of those people.
In the past, I took comfort in the fact that so much data is collected on each of us that it would take too much time for a person to sort through it. However, with advancements in AI, the ability to deeply analyze enormous data sets is quite feasible. No longer do I feel like I can disappear as a faceless person in the crowd.
Along with the rise of AI, we’ve witnessed an increase in totalitarian and authoritarian practices by our governments. Stories like the Twitter Files reveal the close ties between the government and Big Tech. Also, it was only four years ago that governments were shutting down churches (sometimes with armed guards) to keep Christians from worshiping together. It’s not apparent that the governments have regretted their overreaches – I haven’t heard any apologies or acknowledgments of wrongdoing from them.
Since the government has shown totalitarian tendencies, and they are tightly joined to Big Tech, I decided to take some practical steps toward reducing the amount of data collected on me. Hopefully it will inspire a few others to do the same. While it may be impossible to keep highly sophisticated intelligence agencies (like the NSA) out of my devices if they ever decided to target me specifically, I can at least reduce the amount of data collected by hackers, scammers, advertisers, corporations, and government agencies through good privacy practices.
Take it slowly
Becoming privacy-oriented takes time because it involves some lifestyle changes. For me, this has been a multi-year project of removing the largest offenders first. Since our various devices have integrated themselves so deeply into our daily lives, slowly implementing these changes helped me stick to the plan.
Many times we must trade some convenience for privacy. For example, I choose to keep location off on my smartphone by default, which means when I occasionally need it, I have to manually re-enable it.
I’ve broken my story into three stages: Beginning Steps, Intermediate Steps, and Advanced Steps. At the end, I’ve posted websites with links for further reading.
BEGINNER STEPS
These steps are free and don’t require much time or effort. They’re simply good digital hygiene.
Step 1.1: Tuning up my smartphone
I’ve used both Android and iPhone, and in both, the privacy settings need to be checked periodically. Apps ask for various permissions, and these don’t need to be left on all the time. I especially check the camera and microphone settings on my phone since I may intend to temporarily grant an app access but then forget to revoke that permission later. I only leave the camera and microphone on for apps that I want watching and listening to me every moment of every day and night. That means zero apps. Also, I stay aware of which apps can access my photos and files.
A device that isn’t secure isn’t private either. So, I keep my operating system and apps up to date to patch known security flaws. When available, I use apps that are open source due to my privacy and security concerns.
Step 1.2: Getting rid of unnecessary apps
I recently completed a clean-up of my smartphone, getting rid of nearly every app that I don’t use regularly or that doesn’t provide an important and useful function in my life. Every app on my device can create a potential security hole. So, I keep only what’s necessary.
I’ve never had games on my phone, but if I did, those and social media would have been the first to go. News and video apps went next since they are a time-suck for me. Anything that frequently draws my attention to the phone – or creates a desire in me to frequently check it – gets removed.
I try to keep my device “light” and streamlined, with as few apps downloaded as possible. If I need an app temporarily, then I download it, use it, and then delete it when I’m done (e.g., an airline app when I’m traveling). With today’s internet speed, I can easily redownload apps that I don’t need daily.
Additionally, many apps have privacy and security concerns (including religious and mental health apps). Consider carefully what an app is asking for and if you need it.
Step 1.3: PC clean up
No matter what operating system I have installed on my laptop or desktop, I check app permissions in the system settings. I periodically uninstall software that I don’t absolutely need – especially old programs that haven’t received updates in a year or so.
If I need to use older software, then I run it in a virtual machine such as VirtualBox, which is super easy to set up. More on that in the Advanced Steps below.
Step 1.4: Discovering data breaches and privacy leaks
No matter how careful I am, I can’t control website servers getting hacked. I signed up for data breach notifications on the website haveibeenpwned.com, which provides a valuable service. It analyzes the dark web for data breaches so that it can alert people to update their passwords.
Step 1.5: Using a password manager
I use a different password for every service and website that I log into, which is a necessity these days due to hackers and data breaches. Keeping track of that many passwords would be impossible without a password manager.
I prefer open source software since the code can be reviewed for both privacy and security reasons. Proton Pass and Bitwarden are good options, and there are many others.
Lastly, I avoid using social media, Apple ID, or a Google account to log into other services due to privacy concerns.
Step 1.6: Closing old accounts
In the above steps, I learned where data breaches have occurred, I set up a password manager, and then I began adding accounts to my password manager. I quickly noticed numerous accounts for websites that I don’t use anymore. So, I closed those accounts. While doing so, I learned there’s a huge difference between closing (deleting) an account and deactivating an account. Sometimes I’ve had to search the web to find out how to delete an account rather than deactivating it.
Before closing an account, I sometimes change the data in it with fictitious information. The reason for taking this step is that some websites will sell off the data that I provided them, even after my account is closed.
INTERMEDIATE STEPS
These steps increased my privacy but also decreased some everyday conveniences. But I found them all to be worthwhile.
Step 2.1: Replacing apps with actual things
We Orthodox Christians should read the Bible and pray every day. As a priest, I highly recommend using physical Bibles and prayer books to all my parishioners. My smartphone is designed to distract me, which is the worst thing when I’m attempting to do something of eternal significance.
For some daily reading, I admit I use a Kindle. However, it’s an old one (4th generation) that doesn’t have a microphone or camera, and it doesn’t have internet access. So, my data is relatively safe and I can’t be easily distracted by it.
For driving directions, I use a GPS. While they admittedly lack features that a smartphone’s map app has, they are much more private and less distracting. Plus, I can listen to my music or podcasts without the map app constantly interrupting.
Smartwatches are popular but mostly unnecessary. How many of us need to know the number of steps we take and our heart rate throughout the day? Because I don’t have a medical necessity, I don’t use one. It’s less data being collected on me.
Step 2.2: De-Googling my life
This was admittedly one of the hardest steps in this article. I’ve not gone all the way – for example, I still have a couple of Google accounts that I occasionally use to upload YouTube videos. However, Google isn’t deeply connected to most of my electronic life.
Like almost everyone, Gmail, Chrome, and Google Search were services I used daily. The easiest substitute in this step was switching to DuckDuckGo for searches and Firefox and Brave for web browsing. Seven or so years ago, I made the mistake of moving everything from Google to Microsoft, assuming the latter would be better. I’ve learned a lot since then.
Proton, which offers private email, calendar, password manager, online storage, etc., is a decent alternative. Again, I took this in steps. I continued using OneDrive until recently, though I backed up sensitive files (financial documents, etc.) with the Cryptomator app (which I highly recommend). My primary calendar app is now Apple Calendar, which syncs well with Mozilla Thunderbird’s calendar.
Additionally, other private email services can be found here. Other replacements for Google products can be found in the resources at the end of this article.
Why did I get rid of Google?
Whenever I use a Google product, I create a permanent record. Every Google search I’ve ever made and all my browsing in Chrome is forever stored by them (even when using Incognito Mode). The content of every email I’ve sent or received is archived. There’s nothing I can do about it. The federal government requires them to keep and store records indefinitely. I can “delete” stuff from my Google account, but they still keep a record of it on their end. I’m merely deleting my access to the data – not their archives.
Sadly, Google has shown flagrant disregard for people’s privacy, from creating malicious apps that bypass iOS privacy settings, to tracking you even when you ask them not to, to collecting data from your home’s wifi when they’re driving by with their Street View cars, to using your data to train AI without your consent, they’ve been consistently evil in their business practices. What they say and what they do are two vastly different things, and the truth usually only surfaces when they’re periodically brought to court.
As a clergyman, I knew I couldn’t use services like Gmail. Every “confidential” email someone sends me through Gmail is no longer confidential. The email content is scanned and utilized by Google for a variety of purposes.
There are many articles and videos on de-Googling one’s life, so feel free to search the web. Also, look at my links below.
Step 2.3: Purging unneeded information
Microsoft had two massive security breaches in recent years (SolarWinds and Azure). From what I understand, the hackers could potentially gain access to all Microsoft accounts and data: all my emails, family photos, files, tax returns, etc. were potentially exposed. Fortunately for us, these were probably state-sponsored hackers who have no interest in little guys like you and me. They were after government intelligence and defense contractors (whose systems largely run on Microsoft).
But it reveals the importance of not keeping every email, text, and photo in the cloud. If I don’t want something to show up on the dark web, then I delete it from non-encrypted email and storage providers. While I can’t delete the archived data that companies are required to retain, I can mitigate further damage when a future data breach occurs.
Step 2.4: Cutting way back on social media
Like many Millennials, I greatly decreased my Facebook usage post-pandemic. Not only because people are sometimes prone to arguing too much on it, but because I think social media is creepy. Why would I want the Meta Corporation to know all the intimate details of my life? I removed most of my pictures and many of my old posts. I don’t upload pictures of my child’s face on there either. If I want to share family news or photos, I text. While that’s not 100% private, it’s better than social media.
Additionally, social media is designed to be addictive. I’m far more productive, I feel way happier, and I’m more present for my family and friends when I cut out or drastically reduce media consumption.
ADVANCED STEPS
These steps don’t necessarily cost anything, but they involve time investment.
Step 3.1: Switching to Linux
My excitement about Linux was the main reason I started writing this article. I’ve been using Windows since Windows 95, so switching to Linux was challenging at times. In the old days, Windows was an operating system that helped you run the software you needed. Nowadays, it also collects a large amount of data and shows ads. But what ultimately drove my decision was my lack of trust in Microsoft and disliking Windows 11.
Because Apple has a better reputation for protecting consumer privacy, I considered a Mac. But they’re expensive and Apple’s planned obsolescence means that I would have to frequently buy an expensive, new computer. Compare that to Linux, which will make a good laptop run very well for 10-15 years before it might need to be replaced.
I eased my way into using Linux by buying a five-year old laptop to use as a test drive (less than $100 on eBay). I set aside my newer Windows laptop unless I got stuck and couldn’t complete a particular task in Linux (which rarely happened). Once my test drive was complete, I removed the hard drive from my Linux laptop and installed it in my newer laptop. Surprisingly, the hard drive swap was flawless after Linux automatically downloaded some additional drivers.
If you’re open to switching from Windows to Linux, I want to save you some time with the lessons that I learned. But to make this article shorter, I’ve moved my discussion on switching to Linux into a separate page, which you can find by clicking/tapping here. In that article, I cover:
- Seven reasons to switch to Linux
- Three reasons you may not want to switch
- How to prepare for the switch
- Which distribution to choose
- How to install Linux
- Some further thoughts on Apple and macOS
Step 3.2: Switching to a Different Phone
By default, all cell phones constantly report your approximate location to your service provider. Since I care mostly about privacy and not secrecy, I’m willing to compromise in this area (at least for now). There’s a significant difference between Verizon knowing my approximate location throughout the day and an app on my phone watching me through my camera or listening to my conversations. Some phones are better geared toward privacy than others. Here, I’ll give my opinion on various smartphones.
LIGHT PHONE: I thought about getting a Light Phone. They’re a cool concept, and I know some people who own one and like it. But I decided against Light Phone because both iPhone and Android can be simplified. Since I live off of a busy interstate that occasionally gets shut down due to accidents, I need to be able to check traffic in real-time, which requires either Google Maps or Apple Maps. Otherwise, a 30-minute trip can end up taking an hour or two. Also, I love listening to podcasts while I’m driving. Not being able to do either of those things is a deal breaker for me.
ANDROID: Stock Android (the version that comes with nearly every Android phone) is, by default, problematic from a privacy perspective. That said, a de-Googled Android system (such as GrapheneOS) can be both more private and secure than any other mobile operating system (including iOS). There are other options as well such as /e/OS, CalyxOS, and LineageOS.
iPHONE: By using iOS, I am entrusting my data to a company that claims they will keep it private but doesn’t prove they are doing so. Since Apple’s software isn’t open source, there’s no way to audit their claims. I have to take them at their word. Even worse, privacy policies can change with little notification, and any tech company could theoretically change their policies to allow them to retroactively use any of my data they’ve ever possessed in any way they wish. It’s a bit disheartening. But this is a compromise I’ve chosen to allow myself various conveniences, especially since they now offer end-to-end encryption with iCloud. My next phone may be a de-Googled Android (which would work much better with Linux anyway), but I haven’t made the switch yet.
Final Thoughts & Resources
There’s a lot more that I wanted to share, such as switching to open source software whenever possible, using Signal for private messaging, musings on VPNs, building a private AI, and trying out Mozilla Monitor. But I’ve hit 3,000 words, and this is a site dedicated to the Orthodox faith, not tech. So, I’ll provide some links below that can help you wander down the privacy rabbit hole:
- RestorePrivacy – A wonderful site that is a great place to get started. They review most of the privacy-focused services, whether email, online storage, password managers, etc. They also have a news section that is interesting to follow.
- Privacy Not Included – It’s like Consumer Reports but for privacy. It’s run by Mozilla and reviews everything from cars to electronics and apps.
- PrivacyGuides – A website dedicated to both security and privacy. Tons of in-depth articles, but they’re geared more toward advanced users.
- Proton Blog – Granted, this exists to promote their services, but it’s good reading for those who are new to the goal of restoring their privacy.
- Privacy Subreddit – I hesitate to link to anything on Reddit because so many comments appear to be made by trolling teenagers. But, there are some interesting discussions in this subreddit. Venture in at your own risk.
- Data Brokers Are a Threat to Democracy – An article on the $240 billion industry of selling your data, and how it could undermine the United States.
- /e/OS Review: This Operating System Is Better Than Android. You Should Try It – A Wired article about switching to a de-googled Android system.
- How to Create a Distraction-Free Phone – Podcast episode. I include it because the less we’re on our phones, the less data Big Tech collects on us.
Lastly, someone might notice that some of these services aren’t free. Google, Microsoft, and others can provide you with free services because they’re using your private data to subsidize the cost of creating and maintaining their software offerings. In other words, we pay for the services we use in one of two ways: either with our wallet or our private data. What’s your privacy worth to you?
Images in this article were generated with AI by Rev. Jeremy McKemy (yes, I used the devilish technology to illustrate my article about the evils of tech).
Great article, Father! I loved the little thematic illuminations on the side.
One comment about the Light Phone: I recently started using it and I love it. At the time of writing this article you may have been unaware of the Light Phone having additional tools like Directions, Music, or Podcasts. However, I do not recommend the Directions tool as a daily source of GPS navigation. I do not think the Light Phone’s hardware was originally designed with that in mind and it shows with a bit of a slow response. However, in a pinch, the Directions tool works just fine, especially in a public transportation situation. On the other hand, the Podcasts tool is simple and very functional, I use it every time I drive. I have not tested the Music tool but, presumably, it is just as simple as the Podcasts tool, you just need your own MP3 files.
Thank you, Alexei, for the info on the Light Phone. It has more features than I realized.
That is great stuff, Fr. Jeremy! I’m tracking 100% with you. When it comes to email privacy, I switched my personal and church email accounts (from Microsoft) to a paid service at hey.com
A couple of years ago, I went “de-googled” to use the e/os system and purchased my phone from Murena.io (Teracube 2E) I’ve downloaded all my stuff on Dropbox, OneDrive, and G-Drive to an external drive and deleted all my online files. Murena.io offers an office suite similar to Google and the others. For those who like to use voice-to-text, I just found some free open-source software that does the trick called FUTO Voice Input and there is a FUTO Keyboard as well.
I’m ready now to convert my cheap little HP laptop from Windows 11 to Linux. Any help on finding the right tool to wipe the harddrive and install a Linux distro (probably Mint) would be appreciated.
Hello Mark, how do you like e/os? I considered that but ultimately went with CalyxOS. I’ll have to look into FUTO. I’ve been using Sayboard, which works ok. I plan to write an article on switching to a de-googled phone sometime in the next several months.
In my opinion, switching from iOS to de-googled Android was harder than the desktop/laptop switch to Linux. So, you’ve already done a lot of the hard work.
To install Mint from Windows, you’ll need a flashdrive and a program that can make the Mint iso bootable. Rufus does that extremely well.
Once everything is backed up (including bookmarks), installing Mint over Windows will wipe the hard drive.
I love e/OS but that is only because I have used Android and iOS. I don’t know the differences between e/OS and CalyxOS. I went with the company that offered it in a phone with a removeable battery. If you’re after fewer notification distractions, you might try the OLauncher for a minimalistic application. My laptop is currently being transitioned to Linux by one of the tech guys in my parish.