Share Your Privacy Journey: When, How, and Why Did You Start?

As the title says, I’m curious to know how everyone started their privacy journey. When did you start it? What major challenges have you overcome or are overcoming? Gradually, did you become more privacy-aware because someone introduced you to it?

I’ll begin first:

I have wasted a lot of time and energy in the beginning because of these two things:

1. Degoogling and anti-big tech nonsense.
2. Not having a proper threat model and instead using the most extreme tools available.

For anyone reading, don’t fall into degoogling, anti-big tech nonsense and have a proper threat model.

I can relate, as I wasted so much time with issues like trying to find a custom ROM for my phone because I thought they were supposedly “private and secure”.

I read lots of bad articles as well, which don’t even take into account the security issues surrounding these ROMs like an unlocked bootloader.

I’m grateful that I found PrivacyGuides which helped significantly, and I cut off lots of insecure FOSS software.

The custom ROM term is incorrect too. GrapheneOS, CalyxOS, LineageOS are OSs, not ROMs.

Technically, yes it is wrongly used. This is what a ROM is.

When, How, Why? Pure chance and boredom during COVID lockdowns.

I started my privacy journey since the start of COVID when contact tracing apps were mandated. I eventually got a YouTube recommendation from a YouTuber called The Hated One and got on a deeper rabbit hole thanks to the Snowden Revelations.

At the start of my privacy journey I made very drastic changes to my setup and user habits. Due to lack of proper threat modeling it gave me mental fatigue. Thankfully, with proper research from multiple sources after taking some rest and recuperation with privacy. I was able to have a setup that I’m satisfied with.

I kinda accidentally fell into it. Back when Brave was still newish, I switched just because I wanted a lighter weight browser with good ad blocking. The privacy features were just a bonus.

A couple years later I got on Signal, mostly because many people I communicated with also used Signal and, at the time, it did SMS so I still only needed one app.

Shortly after that I transitioned to Linux just because I didn’t like the direction Microsoft was taking Windows. In my following a few Linux forums and YouTube channels I eventually heard about GrapheneOS. Which led me down a trail with Naomi Brockwell, Techlore, All Things Secured, etc. I think this was still before the Privacy Tools fiasco that led to the start of Privacy Guides. This is when I started creating my own threat model.

The rest is history. My changes have been slow enough that I haven’t had any real obstacles.

Initially I turned on all the telemetry, analytics, history and everthing for convenience and hoping big techs will add new features due to this. Many months later I paid attention to what is collected and how its used. Turned off everything except needed.

I started my journey here. Months later I suddenly started to admire Firefox which was thrown into trash earlier. Never afraid to try new things - hit or miss. Started to reduce big tech reliance and use privacy tools. Kinda tried pretty much everything from various distros to all of its spins, librewolf, arkenfox, brave, etc.

I had proper threat modeling and chose what to keep and avoid from start. I’m not technical fellow otoh being a perfectionist got good learning but lost track wasted invested months and months which led to huge setback. Pulling things together to make a comeback. Journey goes on.

I started a few years ago

When i was younger, i really didn’t care about tech or the internet, there was a point where i didn’t use it at all, mostly because i preferred traditional/analog formats (i was a bit of a hipster back then and i adored vintage/retro things)

It wasn’t until i was gifted a smartphone that i started using the internet more. I used a lot of Google’s services: email, search, their music player, Chrome; and i continued to use them for a few years

As i was using Google’s apps, i started noticing search results and ads totally unrelated to what i was looking at or searching for, things i’ve never searched for in the past or spoken in public; it was like my device was eavesdropping on me; I found it so unsettling and creepy that i switched to an iPhone as soon i was able to and left the Google ecosystem entirely, i replaced their apps/services with privacy-respecting ones and some from Apple

Later on, i read about surveillance capitalism, and how destructive it is to our human autonomy; for me, reading that really solidified my stance for strong privacy, not just for me personally, but on a societal level

I haven’t used any of Google’s services/apps since then, except for the rare occasion when i use Youtube

I wouldn’t call anything challenging, but more so liberating, and it’s been fascinating learning more about these things. Privacy is no longer a journey for me, it’s something that has become deeply entwined with my life

Gather around kids, let me tell you my story.

From a young age I was always fascinated with computers, the programs, and was always curious how they worked. It was fascinating to me how creative people could be, to write beautiful games which could be stored on floppy disks (like Blue Max for the C64). I always loved PC-s and was always tinkering with something. Like taking apart my hand me down PC, and puting it back together. I remember having the anxiety to reinstall Windows95 just for making it a little more responsive (every 2 years or so), and then being successful. I was an avid Windows user, and though some versions were not my favorite, I always found comfort in the well known system. I was trading CD-s with my friends, sailing the seven seas, having a good time being a teenage. Then came Windows XP, and then 7, which I both loved.

But it was like 8 or so years ago when I was “forced” to upgrade to Windows 10 for work, and later on my personal PC. I was really hesitant to move, because what I read online about the forced telemetry (which I was scared what was being sent, collected… no clarity is what eeked me out), ads and forcefully installed apps (Candy crush, etc). This prospect, that Microsoft can by their will send me software without my consent, was freaky to say the least.
At this time I decided to look for alternatives, and that is when I first installed (okay… distro hopped) multiple Linux distros. I thought that they are the magic bullet, with user choice respecting fundamentals. But I couldn’t stay, I needed my games, I needed my comfortable tools (Lightroom, Office, etc). So I parked the project a bit further.

Then after a while I found on Youtube the following channels: TheLinuxExperiment, Techlore, Michael Horn, Jeff Geerling, LTT, Louis Rossmann. And some others, that won’t come to my mind right now…
But that is when the rabbit hole opened, and I started freaking out over the whole current state of the Internet. I returned to the distro hop, and finally settled to Linux Mint for daily tasks on my laptop. Windows 10 stays for my gaming PC, but with a Steam Deck in my hand, I think that will change next year to Linux too…

And without a threat model ready, I started to move away from Google products, running scripts to shut up Windows 10 telemetry (Chris Titus… That’s the one) and in the process bricking my PC some times… I was making some bad and some good decisions on the way. For example I was trying to force myself out of Google Maps… Now I know that it is an essential and good tool for me, and I don’t see any issue with it. Google calendar was another thing which was a pain to find an alternative to… My family is not really with me in the change to another service, so Google Calendar invites, and organization is a bit of a pain. Also I started tinkering with self hosting my Nextcloud server, but I was stuck, because I couldn’t figure out correct data storage for redundancy.
But I also deleted my social media profiles, and couldn’t be happier. The fake lives, unreliable news stories, depressing clickbaits was no more, and I was after a few years - happy. Some say now, that I live under a rock, for not following every crisis, every bad news, not subscribing back to X, Facebook, etc just to be in the know… I don’t care.

I sometimes felt it overwhelming to protect myself and those I love, and like 2 years ago I stopped for a few months on the optimization, and privacy content consumption and started thinking about what I was really doing. I still don’t have a threat model, but I really thought what could be a threat, and what is simply something that I should just let go of my fears. I think my next step is an exact threat model building.

Anyone suggest a tool/questionaire where I could start? I read the one on the Privacyguides.net, but I am thinking of some kind of questionaire, which then points me to the softwares, best practices to fortify my privacy stance.

Thanks for reading my post. Cheers!

I watched a movie called Unfriended: Dark Web and I found it fascinating what you can do with a computer. Later learned about Linux and from this moment on, I was in a rabbit hole.

I’m surprised no one mentioned Snowden yet.

So I’ll be the first: Snowden.

When: 2021 02 13 The Urban Pepper had a guest, some guy named TheHatedOne. At first I thought THO was a nutcase but I decided to look into what he was saying.

How: I joined several subreddits, including PG’s subreddit, and watched many different Youtubers to get advice from as many sources as I could.

Why: I don’t like my data being used or sold without my consent. Protecting myself from identity theft and facial recognition.

1. When? Some 2-3 years back
2. How? By gradually moving out of Google/dependent services;
3. Why? Because I was fedup with being constanty lied to by big tech.

I also constantluy monitor network traffic on router, every packet that comes from/goes to everything related to/Google is blocked. Same thing with telemetry.

My concern about personal privacy began in 2017. I was working in law enforcement at the time and began to grow concerned about being found by people I interacted with on social media. I deleted all my accounts and remade them in an alternate name. I locked down my profile with the max privacy settings. I made a new gmail account. Ignorantly I thought I was a personal privacy guru by doing that.

Fast forward to 2020, I saw the Netflix documentary The Social Dilemma. It really opened my eyes to how you, simply put, can be brainwashed and get a distorted world view because of social media algorithms. I did not like that. I deleted all my social media within 6 months of viewing that documentary and have been social media free ever since.

Right around that time, I began researching more about personal privacy. I was wanting to avoid tracking from the “big tech” algorithms. I came across Michael Bazzell’s now defunct Privacy, Security, and OSINT Show. At first it felt like he was speaking a foreign language with all the things he talked about. It was like trying to take a sip from a firehose. I made myself a protonmail account and got myself set up with a VPN. Despite the material feeling way above my level, I kept listening because I enjoyed his presentation style (Michael if you’re reading this, you really could be an audio book narrator). Around late 2022, I bought his Extreme Privacy book and began to implement its techniques in my life.

Today, I have my home in a trust. My drivers license (and all applicable state databases) show my work address as my home address, a perk of working in law enforcement where I reside. All my vehicles are registered to my work address as well. I use a Pixel phone with GrapheneOS as my daily driver. I’ve wiped almost all existence of myself from the internet.

I’m far from perfect though. I don’t use a VOIP service for my messaging and calls. Just the default GOS calling and texting apps. I do have Signal but I’d say that only accounts for 20% of my communications. I don’t use an alias name often enough. My utilities are registered in my name at my home address. I haven’t gotten around to setting up a VPN protected home network. These are all things I’d like to one day do but aren’t high up on my priority list.

My desire for privacy has to do with a need for physical safety. My job has caused me to cross paths with high level members of criminal enterprises (ie: Drug cartels, biker gangs, etc). While it is rare, these organizations have targeted the families of law enforcement before and my goal is to make that as difficult as possible for them if they ever try. If all else fails and my location is discovered by someone with ill intent; my home has been hardened and my spouse and I are both well equipped to protect ourselves at home or in public - but those details are a topic for another thread/forum.

I remember when the Snowdon leaks happened, and I had always been into IT and tech as well-being a Google fan. It was quite an eye-opener for the fact that putting all one’s eggs in one basket is not a good idea. Throw in the fact that online content and media can vanish at any time and that’s where I am today

Honestly if it geniunely wasnt from @louis_rossmann who exposed the google data collection they do and all that bs. I would’ve been very neglectent of my privacy. Now because of this I take steps where I feel comfortable with and have watched other resources who have corroborated the problem.
But as @Lukas once pointed out , it’s like that but I was initially going all out not realizing that threat modeling is important soo nowadays my approach is just being privacy conscious making sure to limit information where it is very much possible and using open source/private alternatives where it still remains convenient for me. (and yes that includes using GrapheneOS because while it has some issues like lack of Google Wallet, Broken RCS and revolut slapping us in the face, it is enough that I am not forced to use the stock os)