Thursday, January 19, 2012

How to Protect Your Internet Privacy

The U.S. Government is one of the leading threats to Internet freedom.

In 2011, Immigrations and Customs Enforcement (ICE) seized more than 100 domains, often without any basis in law. 

Some politicians--most notably Joseph Lieberman--have called for an Internet Kill Switch whereby the executive branch of the United States Government would be given the "legal authority" to "kill" or terminate some or all of the Internet for any reason.  

More recently, the Stop Online Piracy Act (SOPA), a draconian measure supported by much of Hollywood, threatens to subvert what little freedom remains on the Internet.
However, legislation targeting Internet freedom must be construed in a broader context: since September 11th, 2001, the Patriot Act has essentially sundered the rights and freedoms afforded by the United States Constitution.  And, in many ways, it has given birth to the National Security State.
In light of the various threats to Internet privacy, it is necessary to protect yourself not only from governments, but multinational corporations, internet service providers, universities, employers, and criminal networks.  


Every connection to the Internet has an Internet Protocol (IP) address issued by an Internet service provider (ISP).  The IP address may not only reveal who the internet service provider is, but more importantly, the approximate city, state, and country of a particular user. 

In addition, every search made and every website visited (in particular, online banking, email logins, et al) record a person's IP address and saves it indefinitely.

It is this number that uniquely identifies every user on the Internet.  And since the ISP has a record of the subscriber (name, tax identification number, home address, et al) , every connection is traceable--traceable, that it is, unless the data is first encrypted by a proxy or a VPN service before passing through the internet service provider, making the data unreadable to the ISP. 

In addition to encrypting data, proxies and VPNs can hide a person's IP address and replace it with a different IP.

Although many services on the Internet promise privacy and anonymity, few deliver on such a promise.  All web based proxies, such as,, and, for example, are ineffective and consequently must be avoided. 

Web based proxies do not encrypt an Internet connection and simply cannot handle third party plugins such as JavaScript, Flash, Java, et al.  More importantly, many web based proxies are in fact run by criminal networks, law enforcement, and intelligence agencies.

Virtual Private Networks (VPNs), unlike proxies, encrypt the whole Internet; however, like proxies, VPNs can be good or bad, depending on the service provider.  A VPN connection typically encrypts data from a person's computer through the ISP to a VPN server.

How to choose a VPN:

    •    Always read the privacy policy of a VPN provider.  Avoid services that keep data logs.
    •    Understand that all VPN services, regardless of the privacy policy, offer private--not anonymous--connections.  VPNs are not anonymous because all data passed from users' connections are visible to the VPN provider; ultimately, VPNs require a certain amount of trust on the user's end.

    •    Avoid Point to Point Tunneling Protocol (PPTP) services.  PPTPs are considered less secure than OpenVPN services.
    •    OpenVPN is open source VPN technology that encrypts Internet connections with high grade encryption. and are a few popular VPN services.

Proxy Services:

    •    Only use network proxies that are open source programs.

    •    Onion Proxy services (such as Tor) are the most anonymous Internet connections but also are among the slowest.
    •    Proxies have limitations on the ports they can anonymize.  In order to anonymize all ports, proxies require third party software known as Socksifiers.


Email messages resemble a post card--there is nothing preventing anyone from reading it in transit.  Here are some precautions you can take:

    •    Always encrypt sensitive emails with either PGP or S/MIME standards.

    •    Avoid popular email services offered by,, and  Those services are neither private nor anonymous.
    •    Be cautious of certain email services claiming to be private (i.e. but are in reality intelligence honeypots.
    •    Always read the privacy policy of email services.  It is almost always preferable to use an email service outside of local jurisdiction.;; and are popular choices.

    •    To avoid spam, preserve privacy, and protect against potentially dangerous email, always use a disposable email service for forum logins, online coupons, and other online activities. and are good choices.  However, please remember that most throwaway email services are not intended for sensitive data, since anyone may be able to read the contents of the email.


    •    It is always preferable to use a prepaid gift card (American Express, Visa, et al) for anonymous online purchases than a debit or credit card.
    •    It is preferable to use an alias when purchasing online products.

The author is the author of The Privacy Book.  Contact the    --For more information, please visit

No comments: