I expect serious privacy and civil liberties issues under the Trump presidency. I highly recommend that you take steps to protect yourself, steps that I will outline shortly.
We now live in conditions that would make the great authoritarians of yesteryear salivate with envy. The government’s ability to monitor us has never been greater. And, as that capability advances, politicians and bureaucrats adjust their understanding of privacy and constitutional freedoms in ways that allow them to use it.
The only thing preventing them from fully defining those things is the residual respect for constitutionality held by those in key positions. As I said last week, evidence of such respect is very scarce in the incoming Trump administration.
So, love it or hate it, you must be prepared …
Privacy is your responsibility
No matter who is in charge, the government forever find a way to justify new methods to invade our privacy.
For example, the Justice Department’s legal basis for monitoring our emails and phone calls is based on the old postal letter. When postal mail was king, the courts ruled that any information on the outside of a letter (address, sender, place of shipment) was in the public domain and therefore available to government investigators. That’s why the post office scans and records every piece of mail in the United States … every day.
That logic now applies to the metadata for every call you make and every email you send. It may soon apply to your web browsing history as well. I just don’t trust Trump appointees to resist that logic. So this is what I recommend:
- Get Signal and / or WhatsApp for mobile messages: Signal is a sophisticated Swiss messaging application that fully encrypts all your text messages. It requires both parties to use it, so it is not ideal for everything. However, Moxie Marlinspike, the founder of Signal developer Open Whisper Systems, says there has been a huge expansion in its user base since the election. So you will probably find more bookmarks on your contact list as time goes on. It is not as secure as Signal because it is owned by Facebook, whose approach to court orders is uncertain, but for ordinary purposes it will avoid real-time monitoring of your communications.
- Encrypt your computer’s hard drive: Full disk encryption makes the contents of your computer totally unintelligible to anyone without the password. For example, if you are stopped by the Department of Homeland Security when you return to the US, your laptop can be registered before officially entering the US But if it is encrypted, no law says you must disclose the password. itself activates it. That is fine for most purposes.
- Get a password manager: Using secure apps and utilities like the ones above means having passwords, a lot of them. Don’t write them on your palm. Get a password manager that stores your passwords (encrypted, of course) in one place and generates and even changes passwords for you. Other good password managers are 1Password and KeePass. I don’t recommend LastPass, another popular one, because they got hacked last year. That’s not good enough.
- Use two-factor authentication: Most email programs, cloud storage utilities, banking applications, social media, and other sensitive applications currently offer two-factor authentication (TFA). TFA requires that every time you log in, you go through a secondary layer of security – a code to enter at login that is sent to your phone via text message. Some offer these codes by email, but do not use them. If hackers gain access to your email, they can gain access to your accounts by submitting TFA codes.
- Use HTTPS everywhere: My friends at the Electronic Frontier Foundation developed a browser add-on for Firefox and Chrome that forces the websites you visit to use the most secure connection protocol. If encryption is available on the site you visit, your connection to the site will be encrypted and protected from various forms of surveillance and hacking during that session.
- Don’t rely on your browser’s “incognito mode” to do things it wasn’t intended for: Browsers such as Chrome, Safari, Opera, Firefox, and Microsoft Edge allow you to start a browsing session that does not record anything you do during that session. All visited websites, downloaded cookies or other connection statistics will be erased when the session ends. The “private” browsing modes protect you from searches on your computer. But unless you connect to an encrypted site (via HTTPS Everywhere, for example), whoever operates the site can collect all your browsing data anyway, as the site’s server records it.
- Use DuckDuckGo for sensitive searches: If you are not convinced that Google’s motto “do no wrong” is more than just a marketing ploy, use DuckDuckGo, an alternative search engine that doesn’t log your searches or anything else about you. It produces great results, so you really won’t lose much by using it instead of Google.
- Use a virtual private network (VPN): A VPN is the best comprehensive protection you can get on the internet, because it encrypts everything you do, including your identity and location. VPNs can be used on both your computers and your phones. That’s important, because as Eva Galperin, Global Policy Analyst at the Electronic Frontier Foundation, says, “Logging into the airport’s Wi-Fi network without using a VPN is unprotected Internet sex.” As a bonus, you can also use a VPN to spoof your location and gain access to region-locked streaming content, like Amazon Prime, when you’re abroad. The only downside is that they slow down the connection a bit. VPNs are provided by specialized hosting companies that charge around $ 5 a month for the service.
These techniques make some or all of your electronic data and communications instantly invisible to anyone. They use levels of encryption that would take hundreds of years to break a bank of supercomputers.
When it comes to protecting your privacy, now is the time … because later It’s too late.