# Privacy and How to Get Some
by Alan Smithee

Last year, I wrote down some [tips on locking down data and protecting
privacy](https://opensource.com/life/16/1/how-increase-online-privacy),
discussing PGP email encryption, ownCloud (you might be interested in
trying [nextCloud](https://nextcloud.com/) if you've not already
invested in ownCloud), and the concept of online identity.

There's usually a steady conversation about privacy online, almost to
the point that it's considered a kind of noise floor; it's a drone
seems significant at first, but that eventually fades from your
consciousness the longer it continues. To a lot of us, privacy is
basically idling at a steady *not very good* status, redeemed with the
*but nobody is actually looking anyway* clause.

There are standards for that, too; security-through-obscurity is
easily adapted into privacy-through-obscurity. It's easy to fall back
on, because most days it appears to work.

The thing about privacy online is, though, that you don't necessarily
get a popup notification when it's being violated and why. The common counter-argument to "privacy doesn't matter" is "then why do you close your door?" but the analogy isn't perfect; if I don't clone the door to my apartment and someone strolls by and glances in, I see them as much as they see me. There's a personal connection, too. But if a big faceless corporation scans your emails, it's just a robot doing the invasion, so who cares?


The Internet at large counters that complacency with ominous stories
about how no one thought Darth Vader cared about the Death Star plans,
either, until Grand Moff Tarkin went and blew up a planet, or about
how no one thought it would be shameful to be a Star Wars fan until
the prequels came out (and believe me, if I'd known then what I know
now, I'd have encrypted my fandom).



That article got a several thousand reads in the course of the year,
and I, perhaps not coincidentally, find myself with 4 new email
contacts with whom I communicate through full end-to-end
encryption. That's not bad, especially considering that the article
was written under a thinly-veiled psuedonym (astute readers may have
detected the author's true identity from a screenshot), but it
shouldn't take writing an article to garner more PGP keys.







Possibly the biggest blockade to implementing privacy



It seems the most common two arguments against jumping on board the
encryption bandwagon are:

0. Belief that current levels of Internet privacy are "good enough"

1. Lack of time to implement encryption

The first is easy to disprove: if you're reading this article, open
your email client, compose a new message consisting of all your email
addresses and passwords, and send the message to
[email protected]. Don't encrypt the message (I promise not to
look at the email); just send it there as a vote of confidence that
Internet privacy is good as-is.

The second is easy to fix; I'll show you in this article an
easy-to-follow, step-by-step PGP encryption scheme. Once you've
stepped through this brief tutorial, send an encrypted email to
[email protected].

In the end, the number of emails in my account should be equal to the
number of reads this article acquires.




Why is encryption important? Well, that's a leading question; the
better question is whether encryption is important. After all, if you
stand by your words and actions, why do you need them to be hidden?




There are dozens of articles on the
subject, and dozens refuting that it is. If you don't believe
encryption matters at this point, you may be never be convinced
otherwise, and that's OK. At the end of the day, encryption actually
doesn't matter, the way food and rent matters. Encryption is a luxury;
a Lifestyle Choice. Maybe some time in the future, it will become less a luxury; maybe when something you care about becomes vilified, you'll want to start encrypting your communication, or when you have finally had enough of the ads,



Let's Encrypt