# Everyday Privacy
by Seth Kenlon

Privacy, especially online privacy, is hard to define. It's a term
that means something slightly different to each person, and each
person has a different tolerance level for what's acceptable and
what's unacceptable. One thing can generally be said of it, though: in
a free society, people ought to be in control of their own privacy. If
someone wants to give up a little privacy because it means additional
conveniences, that ought to be permitted, but it shouldn't, then, be
required for someone else to do the same. In this way, when we ponder
matters of online privacy, we're usually not actually talking about
privacy. We're talking about independence.

A lot is said about Facebook, Amazon, and Google, and how they
assault individual privacy on a daily basis. For the most part,
though, people using those kinds of services do so voluntarily. If you
sign up for Facebook, you're presumably at peace with becoming the
marketable asset of Facebook, in exchange for the convenience of
gaining access to what you consider an audiecne of critical mass. If
you sign up for Google, you're presumably happy to have Google's bots
read all of your email and track your online habits. For those of us
interested in avoiding such services, the solution is simple: don't
sign up for them.

These are the big, obvious targets. They might get in the way
sometimes when your favourite local band uses only Facebook to alert
fans of upcoming gigs, or if your new employer forces you a Google
Business account on you, but generally, in your personal life, you
*can* avoid them if you really want to.

Until you can't.

So what can you do, between now and cancelling your internet
altogether to stay in control of what you reveal about yourself to the
machinations of the Internet?


## Browse Bravely

Many browsers have inbuilt features now to block tracking
requests. This means that sites attempting to log where you are going
and how you got to them, and more, are told explicitly that you opt
out. If your browser has such a feature, use it.


Of course, telling sites not to track you and actually having [sites
respect your instruction](http://donottrack.us/) are two different
things.

The traditional model, so far, has been to rely upon HTTP headers to
request no tracking, but the new browser project,
[Brave](https://brave.com/FAQ.html), is proudly working to block
tracking and advertising. Brave actively blocks third-party trackers,
while simultaneously allowing your own browser to privately "track"
your activity. You keep your own tracking information, fully
encrypted, so that targeted content is selected client-side rather
than server-side.

That's not all Brave is up to. They're also developing a BitCoin-based
solution to allow for micropayments to content providers that you care
about, with the theory that people paying for sites that they frequent
is discouragement to sites serving a constant barrage of ads.

It's a fascinating project, fully open source, auditable, and in heavy
development. An interesting default is its blank tab background: a
running tally of trackers blocked, ads blocked, and upgrades to HTTPs.


Download and try it!


## Develop Independently

A lot of big name companies started chattering about The Cloud a few
years back, and then they started offering free services to
developers, and everybody who was anybody just *had* to join. And the
services were good, too. They did seemingly complex web tricks with
one-line HTML headers or one or two CSS includes. It made your site
look great, and you didn't even have to download anything!

Sounds pretty good, right?

Well, the unspoken part of this bargain turns out to have been a sort
of evil *CDN* empire, at least to varying degrees. The concept isn't
terrible, but in practise, the companies behind services like web
fonts and font icons and global user avatars are also purveyors of,
well, *you* (and your users, if you're a web developer).

Every time someone visits a site that uses a live Google Font, or Font
Awesome, or Gravatar, the content provider harvests what they can. It
varies from provider to provider, but the point is that the very
language of the Internet is being used to support advertisers. Did you
intend to contribute to the advertisement and data collection industry
when all you wanted to do was read an academic article?

As a user, you can certainly block calls to these providers, but if
you're a developer, then you can do one better: you can decline to
impose them upon your users in the first place.

The web used to be a dismal place for fonts. It took too long for the
internet to accept that people wanted over-the-wire font rendering,
but it did happen, and it's a valid and well-supported feature of the
HTML5 and CSS3 power combo.

Instead of using callbacks to Google Fonts or Font Awesome, grab the fonts offered and put them on your web server. Assuming the fonts have been placed in `public_html/fonts`, the CSS to put them to use looks like this:

   @font-face {
       font-family: "titlefont";
       src: url("fonts/LeagueGothic.otf");}

   h1 { font-family: "titlefont"; }

That's it! That's all you have to do to get fancy fonts on your website. Zero callbacks to a CDN required.

David Revoy, [Krita](http://krita.org) artist extraordinaire, recently
[launched a personal
campaign](http://peppercarrot.com/article390/my-fight-against-cdn-libraries)
to avoid these kinds of services. The result has been generative
artwork for use in place of Gravatar (based on the work of the
[MonsterID](https://www.splitbrain.org/blog/2007-01/20_monsterid_as_gravatar_fallback)
but independent of Gravatar's backbone), along with a bundle of Font
Awesome replacement icons (note that you can download Font Awesome
icons without pinging their service).


## Broaden Your Horizons

Something I reiterate to people complaining about life on the internet
is that the World Wide Web (www) subdomain is just one subdomain of a
much larger system. You don't have to cut the wires coming into your
house to get away from advertisers, trackers, snoopers, and
sniffers. There are other options, and always have been.

One new option is the [GNUnet](http://gnunet.org) project, a mesh
routing layer for end-to-end encrypted networking. It has a few
exciting long term goals, but as is often the case with open source
applications, they release early and release often, so you can try it
out today.

The GNUnet is a mesh, so it's peer-to-peer communication, but it
allows for different degrees of information sharing. For instance, I
might want to share a nice photo that I took at a national park with
friends, and I might want to take full credit for it. So I could use a
frontend to GNUnet to publish my photo and broadcast it as being
available to my network. At the same time, I may also want to share a
photo I took at a protest that turned violent when the police started
beating people down for exercising their right to free speech, but
since the very existence of the photo proves that I was *at* that
protest, I might not feel comfortable broadcasting it as something
that I am legally responsible for. To publish that, I could use the
same GNUnet frontend to create an encrypted identity, and broadcast
the protest photo securely.

[GNUnet, the encrypted mesh](gnunet.png)

It's still a developing system, and currently its setup has a lot of
manual steps to it, but it's moving in the most positive direction
possible: decentralized, public, open, encrypted networking that
exists outside the space currently owned by corporations, national
security agencies, and botnets.

GNUnet isn't the only option out there. Networked projects are
everywhere, so take an afternoon to close your browser window and
explore the other ways there are to build a community without the help
of the obvious social network sites and the comfort of the World Wide
Web.


## Be Mindful

The Internet is still a marvel of technology, but it's a busy
place. Treat it as you would a weekend trip in to The Big City. When
you're there, keep track of your wallet, check your pockets when
someone bumps into you, and don't talk to strangers. In Internet
terms, that means don't stay logged into sites that obviously track
you all day long, use your browser's defenses, and be willing to
sacrifice a little bit of convenience for a change. The sales won't
end if you have to stop to log in, the gadgets will still exist even
though you're blocking its ad, and the Internet will go on with or
without you. I promise.

It's time to tell advertisers and the various agencies of various
countries that you'll provide information to them when *you* decide to
provide information. It's not really about privacy; it's about
independence.

You are viewing proxied material from sdf.org. The copyright of proxied material belongs to its original authors. Any comments or complaints in relation to proxied material should be directed to the original authors of the content concerned. Please see the disclaimer for more details.