This is a paraphrasing of an actual question that I got a few weeks ago.
Online privacy is a challenging subject for practitioners. On the one hand, most people are unaware of the data they give away to others and of the impact this could have on them; on the other, there are paranoids who may eschew a variety of technologies and the benefits they bring out of concern that their information will be held by the companies behind those technologies and by governments prodding those companies to give up that data. This article is for the in-betweens: you’re concerned about privacy but you’re not willing to give up your favourite online tools: search, social media, etc.
There will always be the question of how much you can trust a company with your data. The obvious and safe choice is to not give them data that is sensitive to you. However, this does not provide you with the optimal experience. A person who is experiencing alarming disease symptoms may want to search those symptoms to understand more about them. If they stop themselves from doing so out of concern that the search provider gets information about them, this may not be in their best interests.
Privacy focus of technology providers
Technology providers may advertise their commitment to customers’ privacy. In fact there are companies whose solutions are born primarily out of a desire to provide a privacy-focused version of a solution that normally does not focus on privacy. Search provider DuckDuckGo, phone maker Blackphone, messaging service Signal, etc. are examples of this trend. However, the fact that a company or solution describes privacy as its goal does not mean that it actually meets that stated goal. In some cases, the focus on privacy results in a degraded user experience. In others, the positive privacy impact is only superficial or, worse, gives the user a false sense of privacy.
Telegram, a messaging app, famously claimed to provide end to end encryption. However, to benefit from that feature a user had to start a “secret chat”; once one party started a secret chat, the other had to accept the request, and only then could they exchange end to end encrypted messages. Because Telegram introduced this unnecessary friction, most chats were not end to end encrypted. Yet because Telegram made the feature so visible, it gave users the impression that it was generally better at privacy than the “average” messaging app.
Signal made the better design choice by rolling out end to end encryption for all chats by default, i.e. the user did not need to do anything to get end to end encrypted chat. The interface hid the implementation from the non-technical user. Signal is often considered the gold standard for messaging privacy, but its privacy-focused design choices mean that the occasional message goes undelivered (rather than being delivered to an unverified phone or phone number), and one may not become aware of this for a while. WhatsApp adopted Signal’s end to end encryption technology for all chats by default with one slightly different design choice: it prioritised ensuring that messages got delivered, making it the most user friendly of the three messaging apps. People with serious privacy concerns (e.g. reporters covering hostile governments that may want to spy on their communications) may eschew WhatsApp because of that design choice.
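As an added illustration (not code from the original post, nor from Signal or WhatsApp), the following Python model shows the design choice described above: a client that pins a contact’s identity-key fingerprint on first use and, when that fingerprint later changes, either holds the message until the user re-verifies (fail closed) or delivers it with a warning (fail open). The client class, policy names and fingerprint strings are all constructed for the example.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional


class KeyChangePolicy(Enum):
    """What the client does when a contact's identity key no longer matches the pinned one."""
    BLOCK_UNTIL_VERIFIED = "block"    # fail closed: hold the message, ask the user to re-verify
    DELIVER_AND_WARN = "deliver"      # fail open: deliver anyway, show a non-blocking notice


@dataclass
class SendResult:
    delivered: bool
    warning: Optional[str]


class PinningClient:
    """Hypothetical client that pins each contact's identity-key fingerprint on first use."""

    def __init__(self, policy: KeyChangePolicy) -> None:
        self.policy = policy
        self.pinned: Dict[str, str] = {}  # contact -> pinned fingerprint

    def send(self, contact: str, presented_fingerprint: str, text: str) -> SendResult:
        pinned = self.pinned.get(contact)
        if pinned is None:
            # Trust on first use: nothing to compare against yet.
            self.pinned[contact] = presented_fingerprint
            return SendResult(True, None)
        if pinned == presented_fingerprint:
            return SendResult(True, None)
        # Fingerprint changed: could be a reinstalled app or a new phone,
        # but could also be a different device answering for this number.
        if self.policy is KeyChangePolicy.BLOCK_UNTIL_VERIFIED:
            return SendResult(False, f"identity key for {contact} changed; verify before sending")
        self.pinned[contact] = presented_fingerprint
        return SendResult(True, f"identity key for {contact} changed; message delivered anyway")

    def mark_verified(self, contact: str, fingerprint: str) -> None:
        """User confirmed the new fingerprint out of band (e.g. compared it in person)."""
        self.pinned[contact] = fingerprint


def demo() -> Dict[str, SendResult]:
    """Run the same key-change scenario under both policies; returns the results for inspection."""
    results = {}
    for policy in KeyChangePolicy:
        client = PinningClient(policy)
        client.send("alice", "fp-original", "hello")            # constructed fingerprint, pinned on first use
        changed = client.send("alice", "fp-new-device", "are you there?")  # fingerprint now differs
        results[policy.value] = changed
    return results


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, "delivered" if result.delivered else "held", "-", result.warning)
```

The fail-closed policy is what costs the occasional undelivered message; the fail-open policy keeps messages flowing but lets a key change pass with only a notice that the user may dismiss.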
“I completely stay off social media”
This is a legitimate option for many people, as social media is less of a necessity than search and messaging. However, I admit that social media has positively impacted my life by making it simpler to connect with a wider group of people than I could have without it. This includes close relatives and friends whom I may not telephone on a regular basis; as I haven’t lived in the country of my birth for a long time, sharing and viewing information about our activities on social media is an easy way to stay in touch. Another group is people I have met on my travels; we may have shared a few hours or days of travel and adventure, and we can still be in touch and pick up the relationship easily when we meet again in person years later.
I do not endorse sharing every aspect of one’s life on social media and am very selective about what I post. My point is that it does bring us some value, and we need to weigh that against its various negatives, including its impact on our privacy. I generally avoid posting, in a publicly accessible manner, information such as dates of birth and anything that suggests I will not be at home or will be at a particular location for an extended period. Any information that your bank uses to authenticate you should stay off social media. You may want to reconsider tagging your exact location at any given time. Your mileage will vary on exactly what information you want to put in there.
“Should I use a privacy focused / special phone?”
No (unless by “special” you mean “throwaway” or “burner”).
My personal take (which may not be generally endorsed by security professionals) is that phones with no additional layer over the operating system generally provide better security. E.g. Samsung and Sony build their own user interface over the Android OS on their phones. They stop providing updates (including security updates) to their phones after a year or two; operating system manufacturers like Google (Android) and Apple (iOS) generally provide updates to their operating systems for years. A Google Pixel phone may therefore be better for security than a Galaxy series phone. However, security is not the same as privacy; it is only a part of it.
Do these manufacturers spy on their customers? Certainly they all collect varying amounts of data from the phones. In most cases they provide opt-outs from various types of data collection, but not from all of them. My understanding is that the opt-outs for current Android and iOS phones are comparable in terms of ease of use.
Note that a phone is necessarily a tracking device. In order to make a call on your mobile, it needs to receive signals from nearby cell towers. If you’re in a car or train, it automatically connects to other cell towers nearby so that you get the best reception as you get closer to those towers. This information may be collected by the mobile service provider, often in compliance with legal requirements in order that the government may have access to that information if they should ever want it. Usually (across the globe, including most “liberal democracies”) various emergency regulations are used to pull such data without the provider being permitted to disclose this fact to the client.
Short of using burner phones that are never tied to your identity, privacy against this sort of tracking is impossible. The adversary does not have to be a government: criminals too could try to collect this sort of information by attacking weakly protected data at the mobile service provider. Is this something that really matters to you and that you need to act on? Odds are that most of my audience will not have such a serious concern. But I would suggest that you minimise your use of SMS, which is easily readable by and (most likely) stored in clear text at your mobile service provider, and use an end to end encrypted messaging app instead.
Technology providers do give you choices
There is a fair amount of cynicism these days regarding how much technology solution providers actually care about the wants and needs of their customers. In any case, many of them do give their users some options. Google recently emailed me to do a “Privacy Check-Up”. The check-up allowed me to review whether my activities on specific Google apps and websites (Maps, Search and Play were the listed examples) were being saved. It had similar options for location history and YouTube History. You can turn many of these things off; an obvious consequence is that your Google experience will be degraded to some extent. Maps does not bring up your favourite locations as quickly; YouTube does not recommend the videos most likely to interest you; your Google search experience is also not as good. But at least Google does not record everything that you enter and map it to you.
Exactly how much do I trust Google to remove everything? I don’t; it is never 100% clear that Google will remove all your information. The language is generally specific enough to clarify that particular items will not be collected while vague enough about the stuff that will be kept. But this is an option that Google provides and it is useful for you to remove what you don’t want Google to have (and Google is OK with not having if you insist).
Likewise Facebook, Microsoft and other major providers have options to manage your privacy. Many of these organisations comply with the European General Data Protection Regulation (GDPR) and give users a way to automatically download the data that they have on you. Look up their respective privacy pages and see if anything that they have shocks you. They may genuinely need some of this data to provide you with their services, while the rest is a bonus for them to use for providing you targeted advertising, or something else. Make use of the tools that they give you and tune your privacy settings to the level that suits you.
This article that I wrote a few years ago will interest you. I wrote about certain measures that one can take to secure themselves. Some out of date items have been struck out.