this post was submitted on 17 Jan 2025
128 points (99.2% liked)
Cybersecurity
So what are y’all well informed, and security conscious folx doing? Truly location data can be useful for me, for people I want to know sometimes, but gets kind of concerning for certain entities to know and be able to track over time.
I use GrapheneOS and Magic Earth instead of Google Maps. I only turn on location when navigating. GOS also surfaces app permissions in a more obvious and granular way so I tend to reject most permissions and wait to see if it breaks anything. I also try to use open source apps from F-Droid instead of the Google store. If I need an app on Google store, I use Aurora as my client so I can install apps anonymously.
There are a number of additional steps I take. Although it seems like a lot, I still feel like I'm not doing everything I could. What really matters though is that I'm always making progress over time.
The degoogle sub is a good resource, as is the !privacy@lemmy.ml comm.
I personally never bought nor have used a smartphone, and always use VPN services. I stopped focusing all my time on my IT career, work minimal hours now, and bought a small piece of farmland where I spend as much time as possible offline and outside. Just me and the police drones and spy satellites. 😆
This is my semi-lazy approach. I’m sure someone is going to tell me all the ways that I’m falling down on this front, but…
I switched over to iPhone in like 2019. I started getting ‘stealth’ ads in google maps while driving, and I just could not deal with it. It made me reconsider all of Google’s products, and I made an effort to get away from them. (The stealth ads were like “In a quarter mile, continue past the [name of store] on your right” on a perfectly straight road. At the time I was giving a lot of thought to dark patterns and how they influence our behavior, and I just could not see that occurrence as anything other than manipulation. Ironically, I’ve since learned it may have actually been due to GIS errors thinking the road curved when it didn’t, and Google not having a nearby street to use for reference, but like… I don’t know, and I don’t care.)
On my iPhone I set it up to never send advertising ID/opt out of ad personalization.
I don’t give apps permissions they don’t have a clear reason for needing - your camera can give away your location because of photo geotagging. Network access can report on what devices you have on your network as well as your network information, which is something that’s trackable and geolocatable. In an extreme edge case, network access could be used to find file shares on your network and use those to gather information about you. Bluetooth for the same reasons. There are advertising networks based on Bluetooth, since your hardware MAC is not changeable and is freely shared. It can be used to track your location within a store, or figure out where you’ve been. A device that connects your identity (email login or something) to your Bluetooth MAC can be used to build profiles on where you’ve shopped and what sections of stores you loiter in. And obviously, location access. I semi-routinely audit which apps are on my phone, and remove ones I don’t use and restrict permissions that I may have granted for a good reason but no longer need the app to have.
I don’t use the same email for anything anymore. I use an email masking service to generate emails for different services.
I never give my last name to any site unless it’s for billing. And I often don’t give my real first name. I never give my real birthday to any site that isn’t engaged with money or the law. I’ve removed or made ambiguous my profile on almost all social media. I no longer post my face to the internet.
I have used (but am not currently using) a service to request to remove me from online marketing/info sites like Spokeo or whatever.
I also use a network-wide advertising blocker on my home network, and while I do have smart devices, they are blocked from internet access, with an upcoming plan to completely put them on an offline and isolated network.
The other thing that I did (accidentally) was to buy a new car that does not share data with advertisers or insurance companies. (Yet/to the best of my knowledge.) I’ve also gone through and audited my old accounts and requested not just account deletions, but data deletions. This is especially important for services that may have health, financial, or purchasing data. When I move, I never file a change of address with USPS. First - I just know what’s important to me and update those addresses. But second, the USPS maintains a database of everyone in the U.S. called the National Change of Address (NCOA) Database, and that is more or less monitored by junk mail advertisers to track where people physically are and to send them junk mail. The only time I get junk mail that’s addressed to me is when my information is shared against my will from financial institutions under this stupid exception.
My next thing that I may wind up doing is seeing if I can start acquiring throwaway phone numbers to forward to my real number, so online services that require a phone number for delivery or whatever cannot use that piece of information consistently or well.
That all does sound like a lot, I guess. But it doesn’t feel like a lot. I just live my life and try not to leak my data.
Most of that (and the issue this article is about) would be moot if the U.S. would just pass consumer privacy protections, but noooo, we can’t have that. Instead they’re going to theatrically whine about other countries and pass laws to help Facebook and bolster U.S. controlled propaganda-outlets while not doing anything to actually solve the problem(s).
Thank you, that’s very thorough. And fortunately I’m just a few steps away from that level, so tightening up my act won’t be such a chore.
Maybe running an OwnTracks server or something?
I run OwnTracks to my Home Assistant instance, it works great!
What is OwnTracks useful for?
It's an open-source alternative to Google Maps, but by linking it to Home Assistant it allows my wife to find my last known location if I go MIA, like get into a car crash. I prefer it since I store the location data on my own server and can control who has access to this information.