How to be private
Easy steps to increase personal data security
If your social media feeds have become swarmed with posts about protecting your data privacy in light of the recent election and you feel unsure how to begin, here are a few first steps you can take.
I will note, this is not an exhaustive list and I will likely continue editing this post as I learn more. I am not an expert on this topic, however, I am more versed than the average bear as a tech professional. I commit to continue posting on my Substack with more helpful information as I come across it.
Lastly, for the sake of brevity, I am not going to delve deeply into the “why” of each of these steps, and I realize this could make my argument come across as specious. If you are curious about any of these recommendations, please contact me, and I will happily provide additional logos.
Read privacy policies. Yes, this is tedious, I get it. Last month my husband got a new TV with voice control. Before he selected, “I agree” to the use of voice interface, I asked him to let me read LG’s privacy policy. I was looking for information on how our voices would be stored, what other companies would have access to that data, how long the data would be collected, when the TV would be listening to us, and what LG intends to use it for. When I read privacy policies, I am looking for terms that are vague about who has access to it and if the data will be destroyed eventually or kept indefinitely. Anytime you are presented with an option to read privacy policies, take the time to do it. Here are some more tips to know what you’re reading and looking for.
Use technology carefully and skeptically. I get this is a broad recommendation but it’s a broad task. Even now as I was writing this, I realized Grammarly was popping up and offering suggestions. I have not read Grammarly’s privacy policies, therefore I turned it off until I have time to dive in. As you opt in, sign up, and purchase new type of internet-connected digital services, be aware of how they may be collecting your information, and if you are unsure what is happening under the hood, ask yourself if it’s really necessary. You can also reach out to me here on Substack via DMs if you have questions or want clarification on how something may or may not be collecting, storing and dispering your data.
Move to a more private browser like Mozilla Firefox. You can download Firefox here for mobile and desktop. It’s easy to get started with it. Download the app and then go into Firefox’s settings and set your search engine to Duck Duck Go. Here’s more on Firefox’s privacy and security features.
In general, detangle yourself from Google products. This one is tough for many of us because Google is a go-to service for email to maps. At the very least, I highly recommend using Proton mail for your email service. It’s basic level is free and it is incredibly private. When you make a new email address, do not use yourname@newdomain.com. Make up a weird, silly, un-related to your interests name. PeppyDonkey@Proton.Me. Idk, get creative :) You can also use the Proton VPN which of course…leads me to…
Get a VPN. There are many great options for VPNs, as mentioned Proton offers one but Mozilla does too. VPNs are not a failsafe level of privacy protection but they are a great first step. You can use VPNs on mobile devices as well as desktop devices. Most come at a small yearly cost and are easy to sign up for and enroll into.
Keep your social media platforms private or delete them entirely. I could and should write a longer post about how Meta apps, specifically in the US, use public content to train their AI. This makes me incredibly uncomfortable, especially as a mother to a small child who cannot consent to how their digital likeness can be used. I personally do not have Facebook or X/Twitter accounts at all and I’d highly recommend deleting both. If for nothing else, your mental health. If you continue to use Instagram, like I do, I’d recommend privating your account and keeping the personal details you share there to an absolute minimum. Remember that even if you know everyone who follows you, you do not know everything that Meta will be doing with your data.
Be mindful about location services on your phone. Here’s where I don’t want to scootch into conspiracy theory, so I will tread lightly. Should you seek out services, for example healthcare services that are contentious or increasingly illegal in your state, consider turning off location services entirely on your mobile device. Here is how you can do that for and iPhone and Android.
Utilize encrypted messaging apps like Signal which is encrypyed from end-to-end. This means that data is encrypted, think of this like it’s scrambled, on the sender’s device and only unscrambled on the recipient’s device. So any interim services cannot read that data. This may be an unnecessary step for daily conversation however if there is anything you are discussing that is weightier or more consequential…consider fully encrypted messaging app.
Do not use LLMs, which are tools like ChatGPT, Claude, Bard, Gemini, Copilot, etc. to ask questions that give away any private information, thought processes, decisions, etc. I saw someone comment on a TikTok video that they were using ChatGPT to help them find LGBTQ resources. I would advise against this. ChatGPT’s privacy policies in general have been shakey historically and I would not trust them to not either a.) use your data for training their AI models or b.) store the data for other uses. This is not a fact just my hunch, but please use caution. If you really want to use an LLM, I recommend using Venice.ai which follows more stringent privacy guidelines.
Similarly, I would stop using voice-enabled electronics like Alexa and Google Home both of which record and store users’ voice utterances. Again, this may be edging on conspiratorial, but especially for queiries around any potentially contentious topic, do not use these tools. Apple will not store user input to Siri unless you opt in to “Improve Siri and Dictation” which you can find in your Siri settings. I did find some articles on how turn off Alexa’s ability to listen all the time, but I couldn’t find anything more recent than 2021. In general, I am hopping off the Bezos train and I’d recommend you do the same.
Be cautious about engaging on online discourses. Even if you feel the account you made was ultra-secretive and you’re using other privacy measures, do not comment, like, engage with media sources that could in anyway incriminate you because of viewpoint or shed light on your identity. It’s easier to get doxxed than you can believe. Comment cautiously.
Don’t use period tracking apps. Transparently, I am a big believe in Apple’s privacy policies and their committment to storing sensitive data locally (on your device) versus in the cloud. However, when it comes to reproductive data, I would strongly stray away from using any type of app. Clue and Stardust have made claims that they will never share any identifiying information about their users. In the case of Clue, (I have not explored Stardust), you still have to make a profile. You could in theory use a Proton email address but, it still asks for a subscription which is connected to your iCloud account (for iPhone users). And if you share any type of banking with a partner who you may not want knowing you are utilizing an app like this, you’re inadvertently punching a hole in your privacy. Track your period. Use pen and paper, make up a special code, hide if it you need to, but be incredibly careful with entering that information into an app. Check out the Digital Defense Fund and The Electronic Frontier Foundation for additional information on protecting your reproductive data.
An update on Clue: I have learned they do have a free option that offers basic tracking capabilities. Remember, the app itself can be fully private, but if you share a device, billing information, iCloud details with someone you feel is unsafe or should not have access to this data, then the app is not private for you. Think of your use of tools like these within your personal, digital ecosystem. 11/14
Educate yourself about your rights related to online tracking and surveillance. This is a tough topic and it will undoubtedly be swifly changing. I will continue sharing and posting here about this topic but there are many other great resources out on the topic. Also learning about privacy and ethics related to AI will be increasingly important.
I recommend checking out these articles for more information on why data security and privacy may be an important safeguard during our next administration.
Keep the Trump Administration’s Hands Off our Data - the ACLU
What a New Trump Mandate Could Mean for Data Privacy Rights - TechRadar
All Eyes on Trump’s Plans for AI Deepfakes - Charting Gen AI
Five Things You Can Do Right Now - Jessica Valentia, Abortion Everyday
Here are a few more ad hoc resources worth sharing:
A great TikTok video by user dreamtwist. Another great TikTok video by user ameliar523 on other great 2025 preparedness measures.
Additional information about Apple’s privacy policies.
Shameless plug, but you can continue following me here on this Substack for issues relating to data privacy and AI, or follow my new Substack the Resistance Bookclub for reading recommendations for educating ourselves on this current climate and what the future holds.
Updates as of 11/14
As promised, here are a few updates.
First off, someone asked me if Safari alone is sufficient. Safari out of the box does offer more anonymity, especially in terms of ad tracking, than say Chrome. However, to bolster your security with Safari, there are some plug-ins. The first, small step you can do as well is change the default search engine in Safari to Duck Duck Go. I didn’t focus on Safari since it is an Apple product and therefore not universally available.
And more on Apple…look, I’m terribly biased. I really do think Apple makes great efforts to preserve user privacy, especially considering they are such a big corporation. Full disclosure, I have worked for Apple Inc.…twice. You can learn more about Apple’s privacy policies here and I do recommend reading through them, things vary a big product to service.
Another thing I wanted to add is an urging to delete or privatize your DNA-related data that you may have shared to companies like 23 and Me, Ancestory.com, etc. You can request that 23 and Me deletes your digital data and your DNA sample itself. I would highly recommend this in particular for 23 and Me customers since they are experiencing massive issues and there is a lot of talk of data concerns.
Lastly (for today), X/Twitter has changed their privacy policies and they are effective tomorrow 11/15. This update allows for X to “analyze text and other information” to “promote and improve services.”
I really appreciate this. I'm just dipping my toes into securing my online identity. About to create an email with proton but I did want to create a more professional sounding name for real life things (my kids' schools, doctors, etc). Is that still safe as long as it's not linked to things like social media?
An informative and well-written post! Lily provides a wealth of tips and resources for protecting one's data privacy in the current climate. From reading privacy policies to utilizing encrypted messaging apps, the post covers a wide range of important topics that are often overlooked. And hey, I know you know you need to do these things. For many of us, we've been told before. My gut sense now is the time to actually do them.