<?xml version="1.0" encoding="UTF-8"?><rss xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0" xmlns:media="http://search.yahoo.com/mrss/"><channel><title><![CDATA[PrivacyTools]]></title><description><![CDATA[You are being watched. We’re providing resources to protect your privacy.]]></description><link>https://blog.privacytools.io/</link><image><url>https://blog.privacytools.io/favicon.png</url><title>PrivacyTools</title><link>https://blog.privacytools.io/</link></image><generator>Ghost 3.14</generator><lastBuildDate>Thu, 29 Jul 2021 19:07:24 GMT</lastBuildDate><atom:link href="https://blog.privacytools.io/rss/" rel="self" type="application/rss+xml"/><ttl>60</ttl><item><title><![CDATA[The Future of PrivacyTools]]></title><description><![CDATA[<p>Since 2019, the PrivacyTools project has grown from its humble beginnings as a simple recommendations website. We operate huge online communities that consist of a number of federated platforms full of incredible people sharing advice and discussing online privacy.</p><p>Our work maintaining PrivacyTools has been extremely difficult of late without</p>]]></description><link>https://blog.privacytools.io/the-future-of-privacytools/</link><guid isPermaLink="false">60fcff959db12a03a603a0dc</guid><dc:creator><![CDATA[Daniel Gray]]></dc:creator><pubDate>Tue, 27 Jul 2021 16:18:45 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2021/07/goodcover-4.svg" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2021/07/goodcover-4.svg" alt="The Future of PrivacyTools"><p>Since 2019, the PrivacyTools project has grown from its humble beginnings as a simple recommendations website. 
We operate huge online communities that consist of a number of federated platforms full of incredible people sharing advice and discussing online privacy.</p><p>Our work maintaining PrivacyTools has been extremely difficult of late without access to key assets such as the domain and without the participation of its founder. As a result, we as a team decided to hold a <a href="https://aragon.cloud/apps/forms/cMPxG9KyopapBbcw">vote for a new name</a>.</p><p>This name change is the first step in this process of regaining our independence as a community. Eventually, we plan on creating a new legal organization designed around the community to ensure our long-term sustainability. This will take some careful planning and time to get right, but we’re confident we can prevent this from ever happening again, and keep us independent of any one team member.</p><p>This was not an easy decision to make as we would of course have preferred to stick with PrivacyTools and take the organization to new heights, but without control or ownership over key assets such as the privacytools.io domain, that vision was impossible.</p><p>Unfortunately with federated services like Mastodon, Matrix and PeerTube we can't simply change the domain name for technical reasons. We plan to run these services on the old domain for a while yet.</p><p>As the long-term stability of these services is very much in question, we strongly encourage users of <a href="https://chat.privacytools.io/">chat.privacytools.io</a>, <a href="https://social.privacytools.io/">social.privacytools.io</a>, <a href="https://tube.privacytools.io/">tube.privacytools.io</a> to switch to other providers as soon as possible. 
It is possible we might bring these services back under our new domain, but that is yet to be determined.</p><p>Thank you for being with us on this journey, we hope you’ll stick around and see what’s next.</p><p>~ The (formerly) PrivacyTools Team</p>]]></content:encoded></item><item><title><![CDATA[What are security, privacy, and anonymity?]]></title><description><![CDATA[<p>We may think that we know the differences between privacy, security and anonymity, however we often mix them up. People will often criticize a product or service as “not private” when they really mean “not anonymous.” Privacy, security, and anonymity often complement each other but they are not always dependent</p>]]></description><link>https://blog.privacytools.io/privacy-security-anonymity/</link><guid isPermaLink="false">5fc95fe22275c103a845ca84</guid><category><![CDATA[Security]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[Opinion]]></category><dc:creator><![CDATA[Nate Bartram]]></dc:creator><pubDate>Tue, 23 Feb 2021 10:21:42 GMT</pubDate><media:content url="https://images.unsplash.com/photo-1548092372-0d1bd40894a3?crop=entropy&amp;cs=tinysrgb&amp;fit=max&amp;fm=jpg&amp;ixid=MXwxMTc3M3wwfDF8c2VhcmNofDF8fHNlY3VyaXR5fGVufDB8fHw&amp;ixlib=rb-1.2.1&amp;q=80&amp;w=2000" medium="image"/><content:encoded><![CDATA[<img src="https://images.unsplash.com/photo-1548092372-0d1bd40894a3?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MXwxMTc3M3wwfDF8c2VhcmNofDF8fHNlY3VyaXR5fGVufDB8fHw&ixlib=rb-1.2.1&q=80&w=2000" alt="What are security, privacy, and anonymity?"><p>We may think that we know the differences between privacy, security and anonymity, however we often mix them up. People will often criticize a product or service as “not private” when they really mean “not anonymous.” Privacy, security, and anonymity often complement each other but they are not always dependent on each other and they are definitely not the same thing. 
A service can be private without being anonymous, or even secure without being private. Which one should you prioritize? To some extent, there are no wrong answers. It really comes down to your threat model and what your desired goal is. It is perfectly fine to pick a product that provides privacy even though it doesn't provide anonymity. Furthermore, it's okay to pick a product that doesn't provide security if it does provide one of the other features. The important thing is that you need to be aware of what these products and services are and aren’t offering you so that you can use them correctly.</p><p>There’s lots of ways to define privacy, security, and anonymity. Someone showed me <a href="https://github.com/privacytools/privacytools.io/issues/1760#issuecomment-597497298">this</a> definition and I really liked it. It seems to pretty much hit the nail on the head when applying these terms specifically to data privacy and cybersecurity:</p><p><strong>Anonymity: </strong><em>The sender and/or recipient's real ID is unknown</em></p><p>In the real world this could be a secret admirer sending a Valentine's Day card. Online this could be when the IP (or fp/opsec) footprints cannot lead back to the poster: e.g. Tor</p><p><strong>Privacy: </strong><em>The contents of the message can only be seen/heard by the intended recipient(s)</em></p><p>In the real world this could be a whispered conversation between two people in the middle of Siberia. Online this could be a Signal message, which is end-to-end encrypted and only the recipient &amp; sender can read the contents</p><p><strong>Security</strong> (in the context of privacy/anonymity): <em>The parties involved are who they say they are</em></p><p>In the real world this could be something unique and verifiable such as a passport or fingerprints. 
Online this could be certificates or PGP signatures.</p><p>These topics often overlap: Privacy can help your security because if people don't know information about you, they can't effectively target you. For example, an attacker that doesn't know who you bank with cannot know which bank to target. Security can protect your privacy by forcibly controlling who has access to that information about you. Let’s take a few examples:</p><p><b>Security without Privacy or Anonymity</b></p><p>The most obvious example of this that comes to mind is Google. Google has had almost no major data breaches in all their years of existence, yet they know almost everything about everyone to the point that the former CEO Eric Schmidt remarked "<a href="https://www.zdnet.com/article/google-even-knows-what-youre-thinking/">We can more or less know what you're thinking about.</a>" Google offers world-class security with zero privacy or anonymity.</p><p><b>Security &amp; (some) Privacy without Anonymity</b></p><p>Consider the renowned encrypted messaging app Signal. Because your phone number is required, you can be unmasked by a court order or even a web search depending on the phone number you use. However, Signal is renowned for having some of the best security in the world, and the content of your messages and the information you transfer will be protected and controlled even if your identity is not. Top-notch security and privacy over the content of your messages, but anonymity cannot be guaranteed.</p><p><b>Anonymity without Security</b></p><p>Cash is a great example of this. Paying for a product in cash preserves your anonymity - unless the business requires it, you don't have to give any kind of information at all. Yet, you have no security if the seller doesn't deliver the item (unless you have a receipt). You have no protection from fraud or anything like that.</p><p><b>Security with Privacy &amp; Anonymity</b></p><p>XMPP is arguably the best example of this. 
XMPP allows you to sign up without any real information, over a VPN or Tor connection for total anonymity. Additionally, the conversations can be protected by OMEMO encryption, meaning the data itself is also private. When used properly, this is as close to perfect as you can get, if a bit user-unfriendly. (Editor's note: XMPP is not officially endorsed by PrivacyTools for reasons listed <a href="https://github.com/privacytools/privacytools.io/issues/1854">here</a>.)</p><h3 id="closing-thoughts">Closing Thoughts</h3><p>These three concepts are not necessarily dependent on each other. A secure product does not guarantee privacy, a private product does not guarantee security, and anonymity does not guarantee either. Also as I said before, there is nothing wrong with valuing one facet over another. It's also okay to use Signal even though it doesn't give you total anonymity. Just be sure you understand how a product is meant to be used and where it both shines and falls short. It would be awful to use Google thinking that it will give your communications total privacy and then your financial details get stolen by a <a href="https://nypost.com/2020/09/23/shopify-says-rogue-employees-may-have-stolen-customer-data/">rogue employee</a>. Or if you used a service like Signal to organize protests in a hostile country only to be arrested once your phone number is unmasked. Know the limitations of the services you choose and decide what features are important to you. It’s also important to know that privacy and security are sliding scales. This could be an entire blog post on its own. Think of passwords. Any password – even “password” - is technically more secure than no password at all. But a 16-character randomly-generated password is <b>even more</b> secure than “password.” Sometimes it’s okay to find a solution that offers a blend – less privacy in one area in exchange for more security in another, or vice versa. 
Once again, it all comes back to your threat model, your needs, and your resources.</p><p><em>Cover photo by </em><a href="https://unsplash.com/@fantasyflip"><em>Philipp Katzenberger</em></a><em>. Originally published on <a href="https://thenewoil.xyz/privsecanon.html">The New Oil</a>.</em></p>]]></content:encoded></item><item><title><![CDATA[US Government Continues Encryption War]]></title><description><![CDATA[Wars can be fought in the real world but there is also a virtual battlefield - and it is just as harmful. ]]></description><link>https://blog.privacytools.io/us-government-continues-encryption-war/</link><guid isPermaLink="false">5f7ae8b16fef6403bbf0d1f6</guid><dc:creator><![CDATA[Freddy ]]></dc:creator><pubDate>Sat, 07 Nov 2020 04:46:46 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/10/binarycrypto.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/10/binarycrypto.png" alt="US Government Continues Encryption War"><p>Wars can be fought in the real world but there is also a virtual battlefield - and it is just as harmful. The <a href="https://www.judiciary.senate.gov/press/rep/releases/graham-cotton-blackburn-introduce-balanced-solution-to-bolster-national-security-end-use-of-warrant-proof-encryption-that-shields-criminal-activity">Lawful Access to Encrypted Data Act</a> is the latest attempt to access people's encrypted data and it serves as another reinforcement.</p><blockquote>This type of “warrant-proof” encryption adds little to the security of the communications of the ordinary user, but it is a serious benefit for those who use the internet for illicit purposes.</blockquote><p>This statement is plainly false. Encryption has as much benefit, if not more, for ordinary users. 
Encryption is used in every website that has the padlock sign (HTTP<strong>S</strong>), in every iPhone app since 2016, in every Android app since 2018 and in almost every modern application - and for good reason. Encryption helps protect sensitive information (such as that shared with your bank, or any time you use a password on a website). It may also help protect files which are not in use (at rest), or in the event the server is accessed by an unauthorised person (such as a criminal attempting to siphon off important data).</p><p>In 2016, Bruce Schneier wrote an article on <a href="https://www.schneier.com/essays/archives/2016/04/the_value_of_encrypt.html">the value of encryption</a> clearly outlining why encryption is needed. Schneier went on to say that when the US Government was <a href="https://blog.privacytools.io/us-government-wages-war-on-encryption/">previously</a> <a href="https://en.wikipedia.org/wiki/Crypto_Wars">fighting cryptography</a>, he wondered if they were aware how much they relied on it themselves. No-one is above the law, so if you ban strong encryption, the FBI should not use it either. Attorney General Barr <a href="https://www.theregister.com/2019/07/23/us_encryption_backdoor/">gives the impression</a> that the government, along with certain large companies, should have an exception to the law. Barr recognises that there are some things that are secret, but he doesn't recognise that regular citizens might also want to enjoy privacy as well.</p><blockquote>“We are not talking about protecting the nation’s nuclear launch codes,” Barr told the International Conference on Cyber Security at Fordham University.</blockquote><blockquote>“Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations. 
We are talking about consumer products and services such as messaging, smart phones, email, and voice and data applications."</blockquote><p>Somehow, because your average Joe does not have government level secrets, he is no longer entitled to encryption. We are all humans, and we all need privacy. By taking away encryption, you are taking away privacy online.</p><p>This act is aimed at Section 230, which ensures that no interactive computer service provider shall be treated as the publisher or speaker of content published by their users - an essential part of the survival of all search engines, social media platforms and video sharing sites. Without it, the internet would become a self-censored platform – one that is more concerned with fending off lawsuits than providing a medium for ideas and innovation as it originally was.</p><p>It is easy to sympathise with an act that is being pushed through on the grounds that terrorists, paedophiles and drug-dealers all use encryption. Reading the <a href="https://www.nytimes.com/interactive/2019/09/28/us/child-sex-abuse.html">New York Times</a>' <a href="https://www.nytimes.com/2020/02/19/podcasts/the-daily/child-sex-abuse.html">reporting</a> on online images of sexual abuse would leave some wondering why this sort of Act has not been passed already. Equally, if no-one had encryption then it would certainly be easier to catch the aforementioned crooks and felons.</p><p>Encryption, however, did not create these problems; these crimes were around long before it came into existence. In addition, those who partake in illicit activity will always find loopholes and ways to do so, such as using products or encryption tools that don't have backdoors. Criminals do not obey laws by definition. Furthermore, many innocent people use similar encryption to these criminals, but only to protect privacy, not hide any illegalities and yet they could still be subject to some kind of prosecution. 
It is assumed the use or possession of non-backdoored software would also become an offence if too many people used that instead. Statistically, it's agreed there are many more innocent people in society than criminals; those innocent people would be punished as a result of the bad actions of a few.</p><p>It is not feasible for a government to make a law of this sort that can apply outside of its own country. Governments around the world would almost certainly disagree on which countries should be allowed access to the backdoor. As a result, this backdoor would most certainly lead to every unauthorised party having access, as the key to decrypt the data would be discovered by third parties; this would result in completely broken encryption for all. In federated networks, such as Matrix, it's not even possible to add a backdoor to every homeserver. Federation decentralises trust, which means that the person deploying the server isn't necessarily the same entity who makes the client software or server software. Matrix has even written a <a href="https://matrix.org/blog/2020/10/19/combating-abuse-in-matrix-without-backdoors">thorough article</a> on how to combat this sort of abuse without backdoors. </p><p>Weakening encryption will only result in criminals using strong encryption anyway, without fighting any of the problems that the law claims to solve. There is no easy solution, and it is down to politicians to provide one. Yes, encryption can be used by people with bad intentions, but it is also used by so many ordinary people who would never think to use it in a malicious way. Nearly every tool in life can be used for nefarious purposes, but that does not mean it should be unavailable for legitimate non-criminal uses. You could hit someone with a hammer, but it doesn't mean hammers should be made out of foam, because if they were, people would just use knives instead. 
Weakening encryption will not solve these issues, and that's probably because they were not the focus of the Act. Instead, it seems that this law seeks to criminalise strong encryption that does not have backdoors, even though the government knows full well that this will not stop criminals. The US Government should stop devising new ways to breach its citizens' privacy, and focus on combating the issues that this Act fails to.</p><p>In 1988, Timothy May <a href="https://activism.net/cypherpunk/crypto-anarchy.html">predicted</a> that “the State will of course try to slow or halt the spread of [encryption], citing national security concerns, use of the technology by drug dealers and tax evaders, and fears of societal disintegration”. He was spot on.</p><p><em>Cover artwork by <a href="https://setofprinciples.com/">Zan</a></em></p>]]></content:encoded></item><item><title><![CDATA[blacklight447 Taking Over PrivacyTools Service Administration]]></title><description><![CDATA[<p>I am announcing today my departure as sysadmin from the PrivacyTools project. 
Long-time team member and current editor-in-chief, <a href="https://social.privacytools.io/@blacklight447">blacklight447</a>, will be taking over as interim project sysadmin to manage existing services currently operated by PrivacyTools, including Mastodon and Matrix.</p><p>blacklight447 is a trustworthy member of the PrivacyTools community and an</p>]]></description><link>https://blog.privacytools.io/blacklight447-taking-over/</link><guid isPermaLink="false">5f8321746fef6403bbf0d2b7</guid><category><![CDATA[Updates]]></category><dc:creator><![CDATA[Jonah Aragon]]></dc:creator><pubDate>Sun, 11 Oct 2020 15:23:18 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2021/02/goodcover-4.svg" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2021/02/goodcover-4.svg" alt="blacklight447 Taking Over PrivacyTools Service Administration"><p>I am announcing today my departure as sysadmin from the PrivacyTools project. Long-time team member and current editor-in-chief, <a href="https://social.privacytools.io/@blacklight447">blacklight447</a>, will be taking over as interim project sysadmin to manage existing services currently operated by PrivacyTools, including Mastodon and Matrix.</p><p>blacklight447 is a trustworthy member of the PrivacyTools community and an experienced sysadmin. I do not foresee any decline in the quality of service you currently expect from PrivacyTools services, they will continue to be provided in their current capacity.</p><p>🐬 So long, and thanks for all the fish.</p>]]></content:encoded></item><item><title><![CDATA[Introducing our PeerTube Instance]]></title><description><![CDATA[<p>Since April 2019, one of the primary goals of PrivacyTools has been to promote the creation and use of decentralized and federated networks to replace the centralized giants like Google and Facebook that have taken control of the internet over the last decade. 
Already we've launched Mastodon and WriteFreely instances</p>]]></description><link>https://blog.privacytools.io/introducing-our-peertube-instance/</link><guid isPermaLink="false">5f020c85b6f58f03b3d05ffc</guid><category><![CDATA[Press Release]]></category><category><![CDATA[Updates]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[PeerTube]]></category><category><![CDATA[Video]]></category><dc:creator><![CDATA[Jonah Aragon]]></dc:creator><pubDate>Sun, 05 Jul 2020 19:32:55 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/07/peertube-cover-1.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/07/peertube-cover-1.jpg" alt="Introducing our PeerTube Instance"><p>Since April 2019, one of the primary goals of PrivacyTools has been to promote the creation and use of decentralized and federated networks to replace the centralized giants like Google and Facebook that have taken control of the internet over the last decade. Already we've launched Mastodon and WriteFreely instances with thousands of users, and our <a href="https://chat.privacytools.io">Matrix homeserver</a> is one of the largest in the Matrix fediverse. </p><p>This week, we're happy to announce another instance in <a href="https://www.privacytools.io/services/">our foray into federated platforms</a>, <a href="https://tube.privacytools.io/videos/overview"><strong>tube.privacytools.io</strong></a>, an open and curated PeerTube instance that you can use to view videos on any instance in the interconnected PeerTube network.</p><h2 id="what-is-peertube">What is PeerTube?</h2><p>PeerTube is software you can install on a server that allows you to create your very own video hosting website, a "homemade YouTube" if you will. The difference between PeerTube and YouTube is that PeerTube is not a massive platform centralizing videos from all their users on a single server farm. 
Instead, PeerTube connects many small and independent video hosting providers, using the same technology as Mastodon and WriteFreely: ActivityPub.</p><p>PeerTube is the only video hosting platform that combines open code, federation, and peer-to-peer broadcasting/viewing into a single service, ensuring that the network is completely free and robust, even if your video goes viral!</p><p>In an ideal world, every content creator would host their own PeerTube instance and upload their videos there, and every viewer would host their own PeerTube and use it to follow others. Federated platforms thrive with as many instances as possible, and if that is something that excites you, you should definitely check out <a href="https://joinpeertube.org">joinpeertube.org</a> for more details on setting up an instance.</p><h2 id="our-instance">Our Instance</h2><p>Of course, there are always users who simply don't have the time, knowledge, or budget to host their own services, and that's fine too! That's why we launched our instance with <a href="https://tube.privacytools.io/about/instance">open registration</a>, so you can join the PeerTube community just by creating an account. 
An account on our instance will allow you to like, comment on, and subscribe to the numerous videos and video creators on the PeerTube platform.</p><p>Of course, since PeerTube is ActivityPub-based, you can actually subscribe with <em>any</em> ActivityPub platform, including subscribing to creators with a Mastodon account: </p><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2020/07/image-2.png" class="kg-image" alt="Introducing our PeerTube Instance"></figure><p>An account on PeerTube simply gives you a more video-centric viewing experience compared to Mastodon, but you have the option to choose what works best for you!</p><h2 id="for-content-creators">For Content Creators</h2><p>We do realize that for video creators, hosting your own PeerTube platform is a unique challenge. Depending on your size, servers and bandwidth can quickly become costly. And even though PeerTube tries to mitigate this as much as possible with Peer-to-Peer video viewing, that cost may still be significant to you.</p><p>That's why we are offering free, unlimited video hosting to privacy and technology focused content creators. That's no limit to either video storage or bandwidth, and we believe our infrastructure can handle many, many viewers at high performance to get your content out to as many people as possible.</p><p>Uploading to PeerTube is as simple as pasting a link to an existing YouTube video you hold the copyright to, or uploading it manually yourself. If you don't want to upload to PeerTube regularly, please reach out anyways, we can run automated scripts on our side of things that will mirror your YouTube channel for you with very little effort, with your permission.</p><p><a href="https://tube.privacytools.io/video-channels/techlore_channel/videos">Techlore</a> is the first content creator to partner with us to bring his <a href="https://www.youtube.com/channel/UCs6KfncB4OV6Vug4o_bzijg">YouTube content</a> to the PeerTube network! 
We're very excited to get his videos out to our community. If you want to experience the PeerTube viewing experience for yourself, check out his channel on our instance.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2020/07/image-5.png" class="kg-image" alt="Introducing our PeerTube Instance"><figcaption><a href="https://tube.privacytools.io/video-channels/techlore_channel/videos">https://tube.privacytools.io/video-channels/techlore_channel/videos</a></figcaption></figure><p>But maybe you already host a PeerTube instance, or the idea of setting one up doesn't scare you. Please, reach out to us anyways! We are happy to follow informative non-spammy instances to boost your content on our discover page, and provide <a href="https://docs.joinpeertube.org/#/admin-following-instances?id=instances-redundancy">instance redundancy</a> to reduce the bandwidth load on your own instance. PeerTube's redundancy controls allow our server to mirror your content, so that viewers will automatically download content from us as well.</p><p>Over the last week we've been working with <a href="https://tube.privacytools.io/accounts/sunknudsen@peertube.sunknudsen.com/video-channels">Sun Knudsen</a>, a privacy content creator who recently launched his own PeerTube instance to mirror his YouTube content. By enabling video redundancy with his server, we're able to share the bandwidth load without harming user viewing experiences. 
Check out his channel for some more great content!</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2020/07/image-7.png" class="kg-image" alt="Introducing our PeerTube Instance"><figcaption><a href="https://tube.privacytools.io/video-channels/sunknudsen_channel@peertube.sunknudsen.com/videos">https://tube.privacytools.io/video-channels/sunknudsen_channel@peertube.sunknudsen.com/videos</a></figcaption></figure><p>Finally, if you're not a content creator, but you know someone else who would be perfect for the PeerTube platform, please encourage them to reach out!</p><p>Our instance will be highly curated: We are primarily looking for content creators who will help advance the message of online privacy and self-hosted technologies, so unfortunately we can't provide accounts for every creator under the sun. But, even if your content isn't quite compatible with the tone of our local PeerTube community, we are still happy to help you find the perfect instance for your content, or help set up your own node in the fediverse.</p><h2 id="final-thoughts">Final Thoughts</h2><p>We are very happy to support PeerTube and we believe there is tons of fantastic content to watch on the network.</p><p>PeerTube is currently in the middle of a <a href="https://joinpeertube.org/roadmap">crowdsourcing campaign</a> through the end of this year. 
They have currently surpassed their target of €20,000 for the month of July and are well on their way to raising their final goal of €60,000 by November.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2020/07/image-8.png" class="kg-image" alt="Introducing our PeerTube Instance"><figcaption><a href="https://joinpeertube.org/roadmap">https://joinpeertube.org/roadmap</a></figcaption></figure><p>Contributions will fund the development of many new features coming to PeerTube's future, including additional plugin and playlist functionality, and live-streaming! If you are interested in contributing to the future of federated and Peer-to-Peer online video, please consider sending some support their way.</p><p>And of course, if you like what we're doing here at PrivacyTools, consider a <a href="https://opencollective.com/privacytools">contribution</a> to our project as well. The donations of all our fantastic supporters will allow us to continue hosting and promoting great services for years to come!</p><p>If nothing else, <a href="https://tube.privacytools.io">create a PeerTube account</a> or <a href="https://joinpeertube.org">instance</a>, and get watching :)</p><h3 id="media">Media</h3><p><a href="https://github.com/privacytools/brand">Branding Resources</a></p><p><strong><strong><strong><strong>You are being watched. </strong></strong></strong></strong>Private and state-sponsored organizations are monitoring and recording your online activities. 
Since 2015, PrivacyTools has been providing services, tools and knowledge to protect your privacy against global mass surveillance.</p><h3 id="press-contacts">Press Contacts</h3><p><strong><strong><strong><strong>Jonah Aragon</strong></strong></strong></strong><br>PrivacyTools<br><a href="mailto:jonah@privacytools.io">jonah@privacytools.io</a></p>]]></content:encoded></item><item><title><![CDATA[Why I Decided to Run a Tor Relay]]></title><description><![CDATA[<p>It makes me smile when I come across someone struggling with the decision of whether or not to get a <a href="https://www.privacytools.io/providers/vpn/">VPN</a>. It makes me smile not because of the indecision and relative lack of knowledge, but because it wasn't so long ago I was in exactly the same position—perceiving</p>]]></description><link>https://blog.privacytools.io/why-i-decided-to-run-a-tor-relay/</link><guid isPermaLink="false">5eae4eb627295604daae5029</guid><category><![CDATA[Opinion]]></category><category><![CDATA[Tor]]></category><dc:creator><![CDATA[Sam Howell]]></dc:creator><pubDate>Mon, 04 May 2020 18:49:20 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/05/tor-blog-cover.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/05/tor-blog-cover.png" alt="Why I Decided to Run a Tor Relay"><p>It makes me smile when I come across someone struggling with the decision of whether or not to get a <a href="https://www.privacytools.io/providers/vpn/">VPN</a>. It makes me smile not because of the indecision and relative lack of knowledge, but because it wasn't so long ago I was in exactly the same position—perceiving VPNs to be some kind of extreme measure only the paranoid and the criminal resorted to. 
How wrong I was.</p><p>In just a few months I've come to realise that something like a VPN is in fact a basic measure one might take in the effort to more freely roam the Internet—tainted as it is by censorship, surveillance and many other forms of state control. So where do you go from <em>realising </em>these issues if you know them to be the threats that they are to democracy and freedom? You seek to <em>take control</em>.</p><p>You discover the <a href="https://www.torproject.org/">Tor Project</a>—or rather, you learn more about a network that's been around for years and for years has suffered the type of reputation which only blinds everyday people from its incredible potential for positive change in numerous oppressed countries around the world.</p><p>At the time of writing there are over 6,300 Tor relays, and I like to think this number will continue to grow steadily. Each one—no matter its uptime, bandwidth or overall reputation, or whether it’s a Guard, Middle or Exit—each one is the direct result of an individual deciding to sacrifice money, time and effort for the cause of fighting for a freer Internet: enabling millions of users—journalists, bloggers, whistleblowers, activists and everyday people like you and I—to communicate anonymously, and therefore safely, wherever we are in the world.</p><p>Like many others, at first I was unsure about running my own relay. The usual doubts and questions arose: surely it's too difficult; I don’t know much about servers, and it’s surely expensive and beyond my skill-set to configure one as a Tor relay. 
But then I watched this talk by the articulate, intelligent and passionate Tor Project developer <a href="https://www.invidio.us/watch?v=Wl5OQz0Ko8c">Jacob Appelbaum</a> (if you do nothing else today, watch it).</p><p>Jacob couldn’t have made a better case for direct action, requesting of the audience:</p><blockquote>Raise your hand if you think anonymity is something that is good and you think is a fundamental human right that we should all have...<br>Now raise your hand if you want to do something about it...<br>Now keep your hand up if you’re going to run a Tor relay...<br>Everybody that put your hand down, why aren’t you running a Tor relay? You can do something about it right now.</blockquote><p>And this is when it struck me, as I hope it struck many others at that talk: Am I doing enough? Can I claim to take this subject seriously if I’m not willing to invest the effort to really <em>be a part</em> of the solution? Not simply to donate money—which of course is still a great way to contribute—but to truly, technologically support the Tor network.</p><p>It struck me that I have enough money, time and access to the right information to run my own relay. So it begged the question: Why <em>wouldn’t</em> I?</p><p>At the time of writing my relay has been flagged ‘valid’, ‘running’ and ‘fast’ and is on track to have relayed around 750GB by the end of the month. It feels good. It feels really good.</p><p><em>This article was <a href="https://samhowell.uk/dark/blog/blog-Tor_Relay.html">originally published</a> on my personal blog at <a href="https://samhowell.uk/">samhowell.uk</a>, on February 15th, 2019. 
It is made available under the <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons By-SA 4.0 License</a>.</em></p>]]></content:encoded></item><item><title><![CDATA[Relisting Startpage.com]]></title><description><![CDATA[<p>Dear PrivacyTools community,</p><p>In October 2019, we learned that System1 had become the majority shareholder in Startpage.com via a new System1 subsidiary, Privacy One Group. Due to the uncertainty surrounding the acquisition and the initial lack of clear communication from the Startpage team towards the privacy community, we were</p>]]></description><link>https://blog.privacytools.io/relisting-startpage/</link><guid isPermaLink="false">5eae256e27295604daae4ea1</guid><category><![CDATA[Press Release]]></category><category><![CDATA[Updates]]></category><category><![CDATA[Startpage]]></category><category><![CDATA[Trust]]></category><category><![CDATA[Relisting]]></category><dc:creator><![CDATA[nitrohorse]]></dc:creator><pubDate>Sun, 03 May 2020 16:22:06 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/05/startpage-cover.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/05/startpage-cover.png" alt="Relisting Startpage.com"><p>Dear PrivacyTools community,</p><p>In October 2019, we learned that System1 had become the majority shareholder in Startpage.com via a new System1 subsidiary, Privacy One Group. Due to the uncertainty surrounding the acquisition and the initial lack of clear communication from the Startpage team towards the privacy community, we were forced to delist Startpage from PrivacyTools's <a href="https://www.privacytools.io/providers/search-engines/">search engine recommendations</a>. 
In an <a href="https://blog.privacytools.io/delisting-startpage/">explanatory blog post</a>, we asked for more clarity surrounding the situation, stating:</p><blockquote>...there are still so many unanswered questions, we can no longer recommend the service with good confidence. If Startpage aims to be re-considered, they will have to answer the questions above, preferably along with an explanation of why it took them so long to get proper answers out to the public.</blockquote><p>Shortly after this, the PrivacyTools team was able to get an open line of communication with Startpage.com CEO Robert Beens, who vocalized his regret for not answering our questions more quickly and providing more clarity to the community from the start. From their perspective nothing fundamental had changed due to the acquisition, except that they would now have the resources to market Startpage efficiently thanks to System1. Unfortunately, Startpage failed to put themselves in the place of their users, and understand that their lack of transparency at the beginning would erode the trust they shared with the privacy community.</p><p>By December, <a href="https://github.com/privacytools/privacytools.io/issues/1562#issue-531606344">Startpage had responded to our questions</a>. More recently they also clarified that <a href="https://system1.com/terms/privacy-policy">System1's privacy policy</a> does not relate to Startpage; <a href="https://www.startpage.com/en/privacy-policy/">Startpage's privacy policy remains unchanged</a>:</p><blockquote>Having a new shareholder in the company will not change any aspect of 
the privacy we offer. We are a Dutch company and will continue to be so,
 fully complying with Dutch and EU privacy regulations (GDPR). We don’t 
store or share any personal data. No change either. Our clear privacy 
policy will stay the same. Management / founders (including myself) 
continue to have an important stake in the company and will continue to 
be fully committed to our privacy mission!</blockquote><p>They also created new support pages clarifying the privacy implications of System1's relationship with Startpage:</p><ul><li><a href="https://support.startpage.com/index.php?/Knowledgebase/Article/View/1277/0/startpage-ceo-robert-beens-discusses-the-investment-from-privacy-one--system1">Startpage CEO Robert Beens discusses the investment from Privacy One / System1</a></li><li><a href="https://support.startpage.com/index.php?/Knowledgebase/Article/View/1275/0/what-is-startpages-relationship-with-privacy-onesystem1-and-what-does-this-mean-for-my-privacy-protections">What is Startpage's relationship with Privacy One/System1 and what does this mean for my privacy protections?</a></li><li><a href="https://support.startpage.com/index.php?/Knowledgebase/Article/View/1276/0/what-is-the-startpage-privacy-guarding-data-flow">What is the Startpage privacy-guarding data flow?</a></li></ul><p>Additionally, Beens joined an <a href="https://invidio.us/watch?v=h-3fW0w2ayg">interview with Techlore</a> in February answering his questions and further questions from the privacy community.</p><p>We prepared a <a href="https://github.com/privacytools/privacytools.io/pull/1592">merge request in December</a> for relisting Startpage in case we decided to do so, but did not have plans to merge it until the whole team felt confident (which we knew would take time). 5 months later, we sync'd up as a team, and decided to re-list them (with a warning explaining these events) which you can now find on PrivacyTools <a href="https://www.privacytools.io/providers/search-engines">here</a>. Our confidence and trust in Startpage has grown, and we're appreciative of Startpage's cooperation and willingness to address the concerns of our community. </p><p>We also hope this encourages any services that may end up being delisted for one reason or another to take action and improve themselves in this same fashion. 
We don't like delisting the services we've previously trusted and recommended, and we are always happy to see when steps are taken to regain community trust.</p><h3 id="media">Media</h3><p><a href="https://github.com/privacytools/brand">Branding Resources</a></p><p><strong><strong>You are being watched. </strong></strong>Private and state-sponsored organizations are monitoring and recording your online activities. Since 2015, PrivacyTools has been providing services, tools and knowledge to protect your privacy against global mass surveillance.</p><h3 id="press-contacts">Press Contacts</h3><p><strong><strong>Jonah Aragon</strong></strong><br>PrivacyTools<br><a href="mailto:jonah@privacytools.io">jonah@privacytools.io</a><br>763-392-3051</p>]]></content:encoded></item><item><title><![CDATA[Shutting Down Gitea]]></title><description><![CDATA[<p>Hello everyone! As a part of our ongoing server migration we have made the decision to discontinue our Gitea installation at <a href="https://git.privacytools.io">git.privacytools.io</a>. Ultimately this service was used by a very small number of users, and continues to consume too many resources to make this a cost-effective platform to</p>]]></description><link>https://blog.privacytools.io/shutting-down-gitea/</link><guid isPermaLink="false">5e98927327295604daae4e5b</guid><category><![CDATA[Press Release]]></category><category><![CDATA[Updates]]></category><dc:creator><![CDATA[Jonah Aragon]]></dc:creator><pubDate>Thu, 16 Apr 2020 17:30:00 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/04/gitea-closure.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/04/gitea-closure.png" alt="Shutting Down Gitea"><p>Hello everyone! As a part of our ongoing server migration we have made the decision to discontinue our Gitea installation at <a href="https://git.privacytools.io">git.privacytools.io</a>. 
Ultimately this service was used by a very small number of users, and continues to consume too many resources to make this a cost-effective platform to host.</p><p>Effective today logins and repository creations will be disabled, and our installation will be made read-only to allow any existing users to download any repository information they need. If you are unable to access any data you need in a private repository, please email me at jonah@privacytools.io.</p><p>In 30 days we will shut down the server entirely, and all resources will be completely inaccessible. The server and all related backups will be destroyed shortly thereafter.</p><p>We feel that this will allow us to focus on our other existing services and bring new and useful platforms online for our users. We thank you for your support and understanding!</p><p>Best,<br>Jonah<br>Services Administrator</p><h3 id="media">Media</h3><p><a href="https://github.com/privacytools/brand">Branding Resources</a></p><p><strong>You are being watched. </strong>Private and state-sponsored organizations are monitoring and recording your online activities. Since 2015, PrivacyTools has been providing services, tools and knowledge to protect your privacy against global mass surveillance.</p><h3 id="press-contacts">Press Contacts</h3><p><strong>Jonah Aragon</strong><br>PrivacyTools<br><a href="mailto:jonah@privacytools.io">jonah@privacytools.io</a><br>763-392-3051</p>]]></content:encoded></item><item><title><![CDATA[Protecting Your Privacy With a Virtual Machine While Using Zoom]]></title><description><![CDATA[With the COVID-19 outbreak keeping many at home, Zoom has seen a huge increase in use with schools and businesses. 
But with growing privacy and security concerns, how can you stay safe?]]></description><link>https://blog.privacytools.io/protecting-your-privacy-while-using-zoom-at-home/</link><guid isPermaLink="false">5e868a8402ef133bb433917c</guid><category><![CDATA[Security]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[Guides]]></category><dc:creator><![CDATA[Daniel Gray]]></dc:creator><pubDate>Fri, 03 Apr 2020 18:35:05 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/04/zoom-cover.jpg" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/04/zoom-cover.jpg" alt="Protecting Your Privacy With a Virtual Machine While Using Zoom"><p>With the ongoing COVID-19 pandemic, many of us have had to make rapid lifestyle adjustments to keep up with social distancing and isolation rules. More of us are working and studying from home, and using telecommunication tools for conferences and lectures is becoming a daily habit for people around the world.</p><p>One of these tools in particular, <a href="https://en.wikipedia.org/wiki/Zoom_Video_Communications">Zoom</a>, has seen a huge increase in use since the COVID-19 outbreak. This is due in part to their clever marketing and support materials they've provided to teachers, students, office workers, and employers. Consumer Reports privacy researcher Bill Fitzgerald has suggested Zoom is using the pandemic as a <a href="https://www.insidehighered.com/news/2020/03/25/pivot-online-raises-concerns-ferpa-surveillance">selling opportunity</a>.</p><h2 id="zoom-s-privacy-woes">Zoom's Privacy Woes</h2><p>Of course, everyone is keen to continue work and keep productivity at a steady rate through this crisis, and to many employers Zoom appears to be a great option to do so. 
And Zoom is happy to take on customers who will likely continue to use their services after the pandemic subsides, where they can continue to <a href="https://www.consumerreports.org/video-conferencing-services/zoom-teleconferencing-privacy-concerns/">mine the personal data of their users</a>.</p><p>Many institutions and workplaces did not have preparations in place for a crisis of this scale, requiring them to adopt technology without taking the time to consider the privacy and security implications of the solutions chosen — of which <a href="https://en.wikipedia.org/wiki/Zoom_Video_Communications#Privacy">there are a number</a> — prompting bans from organizations like the United Kingdom's <a href="https://metro.co.uk/2020/03/25/concern-zoom-video-conferencing-mod-bans-security-fears-12455327/">Ministry of Defence</a> and <a href="https://www.reuters.com/article/us-spacex-zoom-video-commn/elon-musks-spacex-bans-zoom-over-privacy-concerns-memo-idUSKBN21J71H">SpaceX</a>. Zoom may not be suitable for you or your organization, as privacy breaches continue to pop up. Just days ago it was revealed that Zoom was <a href="https://www.vice.com/en_us/article/k7e95m/zoom-leaking-email-addresses-photos">leaking email addresses and other profile information</a> to other users with an address on the same domain. More bad news for Gmail users!</p><p>Zoom is not the best choice for protecting communications privacy. Zoom <a href="https://protonmail.com/blog/zoom-privacy-issues/">falsely claims</a> to support <a href="https://en.wikipedia.org/wiki/End-to-end_encryption">end-to-end encryption (E2EE)</a>, when in fact Zoom only uses regular <a href="https://en.wikipedia.org/wiki/Transport_Layer_Security">transport layer security (TLS)</a> such as that used when visiting https websites. 
This means that Zoom can see the contents of your conversations and calls, when this would not be possible with true end-to-end encryption.</p><p>If you do have the ability to choose what platform you use, we recommend considering <a href="https://meet.jit.si/">Jitsi</a> or <a href="https://bigbluebutton.org/">BigBlueButton</a>, two options which can be hosted by your business or institution internally, rather than relying on their cloud offerings. At PrivacyTools, we've also compiled a list of recommendations for <a href="https://www.privacytools.io/software/real-time-communication/">Real-Time Communication</a> you can also check out, especially if you need more than just video.</p><p>But sometimes we don't have the opportunity to choose the platforms we must use to communicate with our coworkers, students, and friends. If you are required to use Zoom or software like this, we recommend that you do so using a Virtual Machine (VM). A VM is a program that works like a completely separate computer inside your computer. The "host" operating system, which is your main system, continues to run everything you might need, while a "guest" operating system <em>also</em> runs completely independently. You can run any programs you want — like Zoom! — inside this guest operating system, and they will be completely isolated from your system and files. It won't even know the host exists!</p><p>Using a VM will help with maintaining some security, especially if you need to use a personal device at home to work. 
Bugs like the recently discovered exploits that allowed <a href="https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5">malicious websites to enable your webcam</a>, the <a href="https://techcrunch.com/2020/04/01/zoom-doom/">use of your camera without consent</a>, and the discovery of a user's <a href="https://www.bleepingcomputer.com/news/security/zoom-lets-attackers-steal-windows-credentials-run-programs-via-unc-links/">Windows username and ability to steal credentials</a> would not have been possible, as Zoom would be completely isolated on your device and would not be able to run at all when your VM was shut down. It's also worth noting that Zoom has decided on a <a href="https://techcrunch.com/2020/04/02/zoom-freezes-feature-development-to-fix-security-and-privacy-issues/">complete feature freeze</a> in an attempt to improve security and privacy.</p><p>When Zoom is confined in the VM, it cannot see what applications are open outside on your host operating system. We recommend users avoid attaching their webcam (if they can). However, some users have reported that it is encouraged or required by their school or employer. Fortunately in these cases, you can still attach your webcam as needed to the guest operating system for full functionality.</p><!--kg-card-begin: html-->    <script type="application/ld+json">
    {
      "@context": "http://schema.org",
      "@type": "HowTo",
      "name": "Setting Up Zoom in a VM",
      "description": "Creating a Virtual Machine for applications like Zoom is a relatively easy task for most tech-savvy users. We are going to outline the basic steps you need here, but if you need more guidance I've created a separate guide with detailed instructions and screenshots to help you through the process.",
      "tool": [
        {
          "@type": "HowToTool",
          "name": "computer"
        }, {
          "@type": "HowToTool",
          "name": "VirtualBox"
        }
      ],
      "supply": [
        {
          "@type": "HowToSupply",
          "name": "Debian ISO"
        }
      ],
      "step": [
        {
          "@type": "HowToStep",
          "text": "Verify your Debian ISO is legitimate"
        }, {
          "@type": "HowToStep",
          "text": "Install VirtualBox and the VirtualBox Extension Pack"
        }, {
          "@type": "HowToStep",
          "text": "Create a new VM in VirtualBox. Set the type to Linux / Debian, give it a good amount of RAM, and create a virtual hard disk."
        }, {
          "@type": "HowToStep",
          "text": "Adjust the VM's settings and attach the Debian ISO you've downloaded"
        }, {
          "@type": "HowToStep",
          "text": "Start your new Debian VM and complete the Debian installer"
        }, {
          "@type": "HowToStep",
          "text": "Install VirtualBox Guest Additions"
        }, {
          "@type": "HowToStep",
          "text": "Attach any devices (like webcams) you need"
        }
      ],
      "totalTime": "PT1H"
    }
    </script><!--kg-card-end: html--><h2 id="setting-up-zoom-in-a-vm">Setting Up Zoom in a VM</h2><p>Creating a Virtual Machine for applications like Zoom is a relatively easy task for most tech-savvy users. We are going to outline the basic steps you need here, but if you need more guidance I've created a <a href="https://assets.privacytools.io/aragon-drop/zoom_tutorial.pdf">separate guide with detailed instructions</a> and screenshots to help you through the process.</p><h3 id="what-you-ll-need">What You'll Need</h3><ul><li>A computer capable of running a Virtual Machine. Most modern machines should be, but it is worth <a href="https://www.technorms.com/8208/check-if-processor-supports-virtualization">double-checking</a>.</li><li>A Virtual Machine "hypervisor": This is what actually runs the VM. For most people the free <a href="https://www.virtualbox.org/wiki/Downloads">VirtualBox</a> program works well, and it is what we use in our guide. Advanced users may wish to use a solution like Parallels, VMware Workstation, Hyper-V, or GNOME Boxes, all of which will support this functionality as well.</li><li>VirtualBox users who need webcam support should also download the <a href="https://www.virtualbox.org/wiki/Downloads">VirtualBox Extension Pack</a> from their download page.</li><li>A Debian ISO (Linux installer <a href="https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/">download</a>, <a href="https://cdimage.debian.org/debian-cd/current/amd64/bt-cd/">torrent</a>)</li></ul><h3 id="overview">Overview</h3><ol><li><a href="https://www.debian.org/CD/verify">Verify your Debian ISO is legitimate</a>. If it's compromised now it might not boot, or you might be inadvertently installing malware!</li><li>Install VirtualBox and the VirtualBox Extension Pack if you haven't already.</li><li>Create a new VM in VirtualBox. 
Set the type to Linux / Debian, give it a good amount of RAM (30-40% of your total RAM is good for most users), and create a virtual hard disk.</li><li>Open the VM's settings and attach the Debian ISO you've downloaded. You can also adjust the video memory (typically setting this to 128MB or higher is best).</li><li>Start your new Debian VM and complete the Debian installer that should automatically start.</li><li>Install <a href="https://www.virtualbox.org/manual/ch04.html">VirtualBox Guest Additions</a> in Debian.</li><li>Attach any devices (like webcams) you might need to use to the VM, and reboot the VM.</li></ol><p>Now you can install pretty much any software you'd like in your new Linux VM, and it will be completely isolated from your main machine. Remember if any of this is confusing, I've created a more <a href="https://assets.privacytools.io/aragon-drop/zoom_tutorial.pdf">complete walkthrough</a> you can download that explains these steps in detail. Once you're in, you can use the web browser built into Debian to download Zoom, and you're good to go!</p>]]></content:encoded></item><item><title><![CDATA[US Government Wages War on Encryption]]></title><description><![CDATA[As the world finds itself preoccupied with COVID-19, the United States government is trying to pass a law to ban encryption. 
It's called the EARN IT act, and it has potentially devastating repercussions for encryption and companies that use it.]]></description><link>https://blog.privacytools.io/us-government-wages-war-on-encryption/</link><guid isPermaLink="false">5e7635bc3a7daf0182255b1f</guid><category><![CDATA[Opinion]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[Security]]></category><category><![CDATA[Encryption]]></category><category><![CDATA[Government]]></category><category><![CDATA[Coronavirus]]></category><category><![CDATA[United States]]></category><dc:creator><![CDATA[Freddy ]]></dc:creator><pubDate>Sun, 29 Mar 2020 12:00:00 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2020/03/lindsey-graham-encryption-1.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2020/03/lindsey-graham-encryption-1.png" alt="US Government Wages War on Encryption"><p>As the world finds itself preoccupied with COVID-19, the United States government is trying to pass a law to ban encryption.</p><p>It's called the <a href="https://www.schneier.com/blog/archives/2020/03/the_earn-it_act.html">EARN IT act</a>, and while it claims to combat the sexual exploitation of children online, it has potentially devastating repercussions for encryption and companies that use it.</p><blockquote>EARN IT focuses specifically on Section 230, which has historically given tech companies freedom to expand with minimal liability for how people use their platforms. Under EARN IT, those companies wouldn't automatically have a liability exemption for activity and content related to child sexual exploitation. 
Instead, companies would have to "earn" the protection by showing that they are following recommendations for combatting child sexual exploitation laid out by a 16-person commission.</blockquote><p><em>(Source: WIRED "<a href="https://www.wired.com/story/earn-it-act-sneak-attack-on-encryption/">The EARN IT Act Is a Sneak Attack on Encryption</a>")</em></p><p>The <a href="https://www.privacytools.io/providers/#usa">US government</a> has never been a fan of cryptography even though they make extensive use of it themselves. The "<a href="https://en.wikipedia.org/wiki/Crypto_Wars">Crypto Wars</a>" provide more than enough evidence to suggest that this might not be the only reason they wish to ban the use of encryption by the public. A suspicion only further realized when you understand the breadth of the National Security Agency's <a href="https://en.wikipedia.org/wiki/Edward_Snowden#Global_surveillance_disclosures">spying capabilities</a> as demonstrated by Edward Snowden.</p><p>The logic behind the EARN IT act does not seem to add up.  If we ban things because unsavory people use them then why does the US allow guns, for example? The problem is that strong lobbies who have the power to influence both politicians and the voting public exist to ensure that things like guns are never banned. Meanwhile, privacy advocates have such a small voice in comparison.</p><p>It is also important to note that encryption is available to everyone, yet only a few use it for the wrong reasons. I am not responsible for the actions of anyone except myself. Group punishment is rarely the best option. PGP and similar encryption software were created to improve the privacy of communications and online file storage. The idea of secrecy or privacy is bound to attract some of the wrong people, and yet encryption is also a force for great good. It is used by governments to keep their secrets safe and privacy-seekers to take control of their information. 
It is used by activists, victims, and thousands of others who rely on it for their personal safety. And it is used by millions of regular people who use encryption — perhaps not even realizing it — on a daily basis to keep their identity, finances, medical information, and more out of the hands of criminals and ne'er-do-wells.</p><p>People with the wrong intent will always find ways to get around anti-encryption laws, and there are many forms of communication that would be impossible to police. <a href="https://www.obsessivefacts.com/memespeech">Memespeech</a> for example, is a supposedly censor-proof method of encryption which hides messages inside normal passages of free speech by adjusting the letter formatting. While Memespeech was built as a counter to the EARN IT act, it demonstrates that any encryption technology — including itself — could be easily built and utilized by the wrong people. Banning encryption unfortunately won't prevent pedophiles from communicating, it will only harm law-abiding citizens.</p><p>If you live in the United States, the best thing you can do right now is to call your representatives and tell them not to pass the bill. The EFF has built a <a href="https://act.eff.org/action/protect-our-speech-and-security-online-reject-the-graham-blumenthal-bill">helpful tool</a> if you are struggling with this.</p><p>In this time of struggle, we must continue to keep a close eye on all aspects of our governments and their actions. The US government is already taking advantage of the situation, as they are currently also in talks with phone companies to <a href="https://www.nbcnews.com/tech/tech-news/u-s-wants-smartphone-location-data-fight-coronavirus-privacy-advocates-n1162821">use phone location data to help track the spread of the virus</a>. 
Even if this power could be used responsibly to help prevent the spread of disease, historically we have seen that when power is handed to governments in the midst of a crisis, it is incredibly difficult to take it away in the aftermath.</p><p>And if you find these ideas alarming, it is also important to realize <strong>your</strong> privacy is being abused on a daily basis. If you aren't already aware of this and actively doing something against it, this is a great time to get started and find out more. There are lots of great <a href="https://www.privacytools.io/">websites</a>, <a href="https://www.reddit.com/r/privacytoolsIO/">communities</a>, and <a href="https://www.youtube.com/channel/UCjr2bPAyPV7t35MvcgT3W8Q">video channels</a> to help you learn.</p><p><em>Cover photo by <a href="https://www.flickr.com/photos/gageskidmore/17830267732/">Gage Skidmore</a></em></p>]]></content:encoded></item><item><title><![CDATA[Welcoming Safing as our First Sponsor]]></title><description><![CDATA[<p>I am very excited to introduce <a href="https://safing.io/">Safing ICS Technologies GmbH</a> as the first sponsor of the PrivacyTools project. 
Safing is developing the Safing Privacy Network ("SPN", formerly Gate17), a decentralized network designed to protect both connection data and metadata, and focusing on speed and usability.</p><p>Safing and its founders share</p>]]></description><link>https://blog.privacytools.io/welcoming-safing-first-sponsor/</link><guid isPermaLink="false">5df911d798e2bc3bba8d49d5</guid><category><![CDATA[Updates]]></category><dc:creator><![CDATA[Jonah Aragon]]></dc:creator><pubDate>Fri, 20 Dec 2019 17:08:14 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2019/12/safingcard-2.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2019/12/safingcard-2.png" alt="Welcoming Safing as our First Sponsor"><p>I am very excited to introduce <a href="https://safing.io/">Safing ICS Technologies GmbH</a> as the first sponsor of the PrivacyTools project. Safing is developing the Safing Privacy Network ("SPN", formerly Gate17), a decentralized network designed to protect both connection data and metadata, and focusing on speed and usability.</p><p>Safing and its founders share many of the same privacy ideals as our team, and we are very excited to support each other moving forward. You can read more about this sponsorship and what it means to them on the <a href="https://safing.io/blog/2019/12/20/announcing-the-privacytools-sponsorship/">Safing Blog</a>.</p><blockquote>We are delighted to be in a position where we are able to share our resources, and equally enthusiastic that we can start this off by supporting the amazing team behind the PrivacyTools venture.</blockquote><p>SPN is still in development, with a Kickstarter launch planned for January 2020. Therefore, we have not been able to test their products first hand. 
But, the PrivacyTools team has been very impressed with their company <a href="https://safing.io/our-values/">values</a> and founders, and the <a href="https://safing.io/files/whitepaper/Gate17.pdf">technical details</a> behind SPN sound promising. We hope to watch Safing grow with the privacy community and encourage you to check out their website at <a href="https://safing.io/">Safing.io</a><a href="https://www.reddit.com/r/safing">.</a></p><hr><h2 id="the-future-for-privacytools">The Future for PrivacyTools</h2><p>Some of our members have asked us about our plans for funding like this, and we have a lot of short- and long-term goals I would like to take this opportunity to share with you.</p><p>Right now it is important for us to stay put. Funding from our initial sponsors like Safing will be saved and used carefully. PrivacyTools has always existed in a precarious position of private funding and high out-of-pocket expenses, so having a reserve in place and continual future funding will help ensure our self-sustainability and independence. If we were to use this funding to expand our services <em>now</em>, we would be in a situation where we are too reliant on a single entity (in this case Safing), which might jeopardize our independence despite the best intentions of everybody involved.</p><p>In the future we wish to offer more services, especially on platforms that currently receive little support. Networks like Mastodon are reaching relatively high adoption levels, while smaller projects like PeerTube could use some additional exposure.</p><p>The problem with projects like PeerTube is mostly resource-based. In PeerTube's case, storage is a huge issue for us to provide. Future sponsors and private <a href="https://opencollective.com/privacytools/">funding</a> of PrivacyTools can hopefully change that around. While we don't wish to do this solely with Safing's money for the independence reasons outlined above, it <em>is</em> in the works. 
If you want to support our mission, please consider giving a monthly donation to us at <a href="https://opencollective.com/privacytools/">OpenCollective</a>, every dollar counts. Our end goal is to be completely funded by our fantastic community, and I really believe that is possible.</p><p>We also wish to increase the reliability of our current services, and expand our server network internationally. This will allow more redundancy and increase performance for many users. Currently, all of our users connect to a single datacenter in France, causing slowdowns for many. Additionally, a few months ago we were the target for a month-long DDoS attack, and while it didn't take us offline thanks to our host's security networks, we did experience some intermittent networking issues across some services that people definitely noticed. Mirroring our site and distributing our services across continents would help further mitigate these issues in the future.</p><p>For those of you wondering what we wish to do with our funding, I hope this makes things more clear. If you have any questions feel free to reach out on Matrix at <a href="https://chat.privacytools.io/">#lounge:privacytools.io</a>!</p><hr><p><em>We take the recommendations and content on PrivacyTools's sites and services very seriously, and we do not allow our sponsors or other financial contributors to make any decisions regarding the editorial content of our site. All financial transactions are published on <a href="https://opencollective.com/privacytools/">OpenCollective</a>, and all editorial changes are published on <a href="http://github.com/privacytools/">GitHub</a> for community audit. PrivacyTools is a non-profit collective. 
Learn more about our sponsorship program and requirements at <a href="https://www.privacytools.io/sponsors/">privacytools.io/sponsors</a>.</em></p>]]></content:encoded></item><item><title><![CDATA[The New PrivacyTools Logo]]></title><description><![CDATA[<!--kg-card-begin: markdown--><p>A few days ago we launched our new logo for the PrivacyTools sites and services.</p>
<p>But, we are not changing it without a good reason. The previous logo we have been using since 2015 wasn't created by us, and was released to public domain, which meant that anyone could use</p>]]></description><link>https://blog.privacytools.io/new-privacytools-logo/</link><guid isPermaLink="false">5de8adceda9ce25a592574c3</guid><category><![CDATA[Updates]]></category><dc:creator><![CDATA[Dawid Potocki]]></dc:creator><pubDate>Mon, 09 Dec 2019 23:43:40 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2019/12/goodcover-4.svg" medium="image"/><content:encoded><![CDATA[<!--kg-card-begin: markdown--><img src="https://blog.privacytools.io/content/images/2019/12/goodcover-4.svg" alt="The New PrivacyTools Logo"><p>A few days ago we launched our new logo for the PrivacyTools sites and services.</p>
<p>But we are not changing it without a good reason. The previous logo, which we had been using since 2015, wasn't created by us and was released into the public domain, which meant that anyone could use it in their own projects. Because of that, some of you may have seen it being used on different unrelated websites. This by itself was a sufficient reason for a new logo. Another issue we had was that it felt too <em>generic</em>: it's just a shield with white and blue squares, and there are a lot of similar logos used by different projects.</p>
<!--kg-card-end: markdown--><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2019/12/old-logo-2.png" class="kg-image" alt="The New PrivacyTools Logo"></figure><!--kg-card-begin: markdown--><p>So, it was clear we needed a refresh. At first, I started thinking about what people imagine when thinking about privacy. One of the most obvious images is some kind of shady-looking person with glasses and a hat, but that wouldn't give our brand a trustworthy look. Otherwise, we have a lock and a shield, which call to mind both security and privacy, so that's the base I chose to design first.</p>
<!--kg-card-end: markdown--><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2019/12/shield_and_lock-2.png" class="kg-image" alt="The New PrivacyTools Logo"></figure><!--kg-card-begin: markdown--><p>Our first draft logo was very similar to the old shield with white and blue sections, which would present a more familiar look, but it would still feel generic, just like the old logo.</p>
<!--kg-card-end: markdown--><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2019/12/ptio-draft-2.svg" class="kg-image" alt="The New PrivacyTools Logo"></figure><p>In my second draft, I wanted to show the "Tools" part of <em>PrivacyTools</em> in our logo. There were a lot of tool icons considered, perhaps a hammer, screwdriver, or wrench. I realized either a screwdriver or a hammer would have too many details to incorporate, and we wanted the new logo to be simple. We went with the wrench because it was a simple design that would be visible at all sizes, while being distinct, making it an ideal choice.</p><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2019/12/ptio-draft-1-2.svg" class="kg-image" alt="The New PrivacyTools Logo"></figure><!--kg-card-begin: markdown--><p>The second draft I created incorporating a lock and wrench was met with some mixed feedback in the private team chat. The lock iconography has been used in many other privacy sites in the past, and it didn't really <em>feel</em> like &quot;PrivacyTools&quot;. I got a few suggestions, including trying to use a shield instead of a lock, which is how we ended up with our final design:</p>
<!--kg-card-end: markdown--><figure class="kg-card kg-image-card"><img src="https://blog.privacytools.io/content/images/2019/12/ptio-final.svg" class="kg-image" alt="The New PrivacyTools Logo"></figure><p>The logo was made using the free and open-source vector graphics editor <a href="https://inkscape.org/">Inkscape</a>, and vector copies and different layouts can be found on <a href="https://github.com/privacytools/brand">GitHub</a>. We hope that our logo will create a more consistent branding system across our sites and services!</p>]]></content:encoded></item><item><title><![CDATA[Choosing the Right Messenger]]></title><description><![CDATA[<p>One of the most common questions users have when it comes to privacy is about messaging services. It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure you’re using the</p>]]></description><link>https://blog.privacytools.io/choosing-the-right-messenger/</link><guid isPermaLink="false">5dddab74da9ce25a59257455</guid><category><![CDATA[Instant Messengers]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[Security]]></category><category><![CDATA[Opinion]]></category><dc:creator><![CDATA[Dan Arel]]></dc:creator><pubDate>Thu, 28 Nov 2019 01:51:46 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2019/11/message-4.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2019/11/message-4.png" alt="Choosing the Right Messenger"><p>One of the most common questions users have when it comes to privacy is about messaging services. 
It seems almost all of them mention some level of privacy or encryption to entice the user to sign up for their service, but how can you be sure you’re using the most secure, privacy-respecting platform?</p><p>The answer actually lies in one’s <a href="https://ssd.eff.org/en/glossary/threat-model">threat model</a>, which is an often-ignored step in choosing privacy-related apps and services, meaning a lot of users limit their internet and communication experience because they believe they need Edward Snowden-level privacy settings.</p><p>The truth is, each user needs to decide what their privacy goals are. Is your goal to stop corporations from tracking you, targeting you, and profiting from your data? Or are you trying to hide communications from the government or law enforcement, which is common for journalists and activists who want to protect their sources or communications from government eyes?</p><p>Once you understand your goals, you can start to look at messengers and their upsides and downsides, and it’s important to remember that there is no perfect solution. Each service, no matter how secure, can be compromised, because at the end of the day, you’re dealing with other humans who can screenshot, copy, or forward your messages to parties you did not intend to see them. 
So, it’s also important to know who you are messaging, verify their keys, and ensure that you place the utmost trust in them with the content you are sending.</p><p>If your goal is to simply avoid corporate tracking and the harvesting of your data from your communications, you can eliminate apps such as Facebook Messenger and WhatsApp. Both services are owned by Facebook, and while they offer encrypted messaging (optional in Messenger), Facebook <a href="https://www.digitaltrends.com/social-media/facebook-reads-messenger-messages/">reads your non-encrypted messages</a>, and WhatsApp <a href="https://www.forbes.com/sites/zakdoffman/2019/05/14/whatsapps-cybersecurity-breach-phones-hit-with-israeli-spyware-over-voice-calls/#734cec155549">has fallen victim to security breaches</a>.</p><p>For this type of user, your options are much wider, as you may be more willing to share your email address or phone number at signup and can be less concerned with metadata (we will get to that shortly), and you want to look for a messenger that simply isn’t scanning your content or behavior to sell it.</p><p>If your goal is to evade more massive state-sponsored surveillance programs, the aforementioned apps are out of the question, but so are many others.</p><p>This is because when it comes to these apps, and others like them, you don’t own the <a href="https://ssd.eff.org/en/glossary/encryption-key">encryption keys</a>; the service does, so it is able to decrypt your messages for its own use or for the use of government officials who request it. This is something important you’ll want to remember as you choose the messenger that is right for you.</p><p>Even with Apple’s iMessage, which is encrypted and more secure than Facebook’s offerings, Apple still controls the keys and can access your messages if necessary. 
Apple also collects data based on your behavior, so while using iMessage isn’t the same as handing your data over to Facebook, you’re still messaging with a variety of privacy vulnerabilities. On Android, you’re using SMS messages, which are even less secure and can <a href="https://www.theverge.com/2017/9/18/16328172/sms-two-factor-authentication-hack-password-bitcoin">be easily hijacked</a> by someone with just enough know-how.</p><h2 id="metadata">Metadata</h2><p>One important aspect of a messaging app you need to be sure of is what kind of <a href="https://ssd.eff.org/en/glossary/metadata">metadata</a> it exposes: what is encrypted and what isn’t.</p><p>Wire, a popular encrypted messenger app, has always been criticized for its decision not to encrypt user metadata, such as the date and time of registration, IP geographical coordinates, and the date and time of creation, creator, name, and list of participants in a conversation.</p><p>Metadata can be used to place you in a certain location, speaking to a certain person, and can be used against you by law enforcement, even if they have no idea of and no access to what the conversation was about.</p><p>Apps such as Signal or Wickr encrypt metadata, making conversations between two or more parties more secure and making individual users harder to track.</p><p>When it comes to avoiding corporate data mining, your metadata won’t be as useful, especially if you’re using a service that is not profiting from your data to begin with. 
For those avoiding state-sponsored surveillance, <a href="https://theintercept.com/2019/08/04/whistleblowers-surveillance-fbi-trump/">metadata can be a killer</a>.</p><h2 id="encryption">Encryption</h2><p>This article will not get into the complexities of the best kinds of <a href="https://ssd.eff.org/en/glossary/end-end-encryption">end-to-end encryption</a> (E2EE), but ensuring your messenger has it must be discussed.</p><p>The popular messaging app Telegram has come under fire the most for this. Telegram says on their homepage that, “Telegram messages are heavily encrypted and can self-destruct.” Yet, this statement is only partially true. Yes, you can set your messages to self-destruct, a great privacy feature for some, and yes, they do offer encryption, but what they don’t tell users is that encryption isn’t turned on by default.</p><p>In an interview with <a href="https://gizmodo.com/why-you-should-stop-using-telegram-right-now-1782557415">Gizmodo</a>, Christopher Soghoian, Principal Technologist and Senior Policy Analyst at the American Civil Liberties Union, said, “There are many Telegram users who think they are communicating in an [end-to-end] encrypted way, when they’re not because they don’t realize that they have to turn on an additional setting.” He went on to say that while he’s happy they offer the encryption, it’s not useful if it’s turned off.</p><p>Apps such as Signal, Keybase, and Wickr offer E2EE by default. 
Less popular but quickly growing apps such as Element offer E2EE but, like Telegram, have not made it a default setting, though the Matrix.org team has said that <a href="https://github.com/vector-im/element-web/issues/6779">default encryption is on their road map</a>.</p><p>Ensuring your conversations and metadata are E2EE is one of the best practices you can have when choosing a messenger.</p><h2 id="sign-up-process">Sign Up Process</h2><p>When it comes to your goals and threat model, you will need to decide how much, if any, information you’re willing to give this company on signup. Do they require a phone number and/or SIM card? Do they require an email address, or do they allow completely anonymous signups, and how anonymous is anonymous? Are they storing that info (remember the metadata) unencrypted?</p><p>Giving up your phone number or email won’t be a big deal for many, as any good privacy policy will state they won’t use it for any purpose other than those you’ve granted permission for. Yet, for those avoiding state-sponsored surveillance, you may have a regularly changing number, no number, or would rather not risk giving that information up. Same goes for email.</p><p>So, you will want to find a service that fits this need. While Signal is currently testing signup without a phone number, currently you’re unable to do so. Element, Wickr, and many <a href="https://ssd.eff.org/en/glossary/xmpp">XMPP</a> services don’t require anything but choosing a username.</p><h2 id="source-code">Source Code</h2><p>Open source may be the most used phrase in all of privacy and security, and for good reason. It’s really helpful to be able to review the source code of the product you’re trusting. Experts can look for backdoors, leaks, and other bugs. Organizations that opt to open source their code are showing a good-faith effort to increase trust between them and the user.</p><p>Yet, open source can also limit your options, again, depending on your threat model and goals. 
Signal, Wire, and Keybase all offer open source repositories of their applications, and sometimes even the server software itself.</p><p>Open source also doesn’t mean secure. This is often misunderstood, and people hear open source and assume it must be good. Look at the code of the app you want to use: you don’t need to be able to check it yourself, but are others doing so? An open source app that no one follows or contributes to is no more or less secure than a closed source app.</p><p>Wickr, Threema, and others are closed source. They don’t offer the ability to check the source, but that doesn’t immediately rule them out either. When the Electronic Frontier Foundation (EFF) had a comparison chart for messenger apps, it gave Wickr 5 stars. This doesn’t mean it’s perfect for someone like Snowden, but for those avoiding Facebook and Google, it could be a usable option.</p><p>It’s also important to remember there’s no way to check that someone is always using the source code in their repository in the app or server you’re downloading from the Apple Store or Google Play. When it comes to this, reputation becomes a key player in your decision, as does trust, which we will get to next.</p><p>If you’re unsure what to do here, it’s always a safe bet to stick with open source that has a large contributor base and strong reputation. It’s always best to use open source options when they are available and only recommend closed source when there isn’t a usable open source option. This is generally a good way to pick a messenger app as well.</p><h2 id="ownership-trust">Ownership &amp; Trust</h2><p>An often overlooked but increasingly important part of choosing a secure messenger is: who owns the company that’s providing your service? 
What would they gain or lose from selling your data, and who does the company answer to?</p><p>Wire <a href="https://blog.privacytools.io/delisting-wire/">recently lost a great deal of trust and standing</a> in the privacy world because they quietly sold their company and moved it to the US. They also changed parts of their privacy policy, making it harder for users to tell when Wire would share customer data. They did all of this while never informing their current users of such changes, either the change to the privacy policy or the move to the US.</p><p>Wire also took in more than $8 million in venture capital funding. So now, users wanted to know more about who owned their data and what jurisdictional rights were changing with the move from Europe to the United States.</p><p>These are questions we must ask of all services. Wire now has investors to answer to who will want a return on their millions of dollars.</p><p>Signal, on the other hand, <a href="https://signal.org/blog/signal-foundation/">is a non-profit</a> which does not rely on investors and instead relies on donations, sponsorships, and grants. Because of their non-profit status in the US, they must also be highly transparent about not only where the money comes from, but how they spend it. So, users can see where this money goes, and who it’s going to.</p><p>Matrix.org (the service Element uses) runs a similar business model to Signal. Located in the UK instead of the US, they rely on donations, partnerships, and grants. Matrix.org is heavily supported by New Vector, a venture capital backed company; however, Matrix.org as a non-profit is transparent about its spending, income, and influences. </p><p>Not all services are non-profit, and that should not rule them out immediately. You can also follow their funding goals. 
Wire lost credibility because instead of simply relying on user signups, they wanted to be the next Skype for Business and wanted to build a large enough user base to get the attention of investors. Meanwhile, apps such as Wickr, while for-profit, are transparent about taking limited investors to become sustainable on subscriptions.</p><p>This can take some time, because it’s important to know who the investors are, and what the organizational goals are. Will they eventually need to resort to data harvesting to sustain themselves? If they do, and you decide to leave the platform, will you leave behind data you don’t want them to get their hands on?</p><h2 id="making-your-choice">Making your choice</h2><p>Now it’s time to choose a messenger, and no one can do that for you. Popularity will need to play a role here: there’s no point in joining the new up-and-coming messenger service if you don’t have a single contact using it as well. One reason Telegram has been so popular is they have managed to convince more than 100 million people to sign up. If you sign in today, you’ll likely see a group of your friends in there. Signal isn’t as far behind, and others are catching up.</p><p>You’ll need to decide who you trust, and who your other contacts trust, and then compare all of that with your goals and your threat model. How much information are you willing to give on signup, does metadata matter to your threat model, and is the service you’re choosing likely to sell itself to the highest bidder once enough people sign up?</p><p>The important thing to remember is there is no one-size-fits-all for messengers, and that each user must decide what is best for them. If someone is an avid WhatsApp or Facebook Messenger user, even Telegram is a step in the right direction. Yet, if that user is concerned with more than just giving data over to Facebook, they may need to look at more secure options.</p><p>Ensure you keep your messenger apps up to date. 
You don’t want to discover you’ve been compromised because a bug found in version 1 was fixed in version 2 but you didn’t bother upgrading your apps.</p><p>One last piece of advice is that users need to be diligent and never become complacent in their decision. You must be willing to change services if the goals and values of your messenger of choice change in a way that no longer match yours. Look for news of sales, mergers, or acquisitions that could compromise the organization.</p><p><em>Dan Arel is a journalist, author, and privacy advocate. He's also the editor of <a href="https://thinkprivacy.io/">ThinkPrivacy.io</a>. This article was originally published to <a href="https://hackernoon.com/choosing-the-right-messenger-mm3x2z47">Hacker Noon</a> on November 27th, 2019.</em></p>]]></content:encoded></item><item><title><![CDATA[The Trouble with VPN and Privacy Review Sites]]></title><description><![CDATA[<p>There's a massive problem in the privacy world. Websites, social media accounts, and other platforms are constantly popping up out of nowhere, telling you to buy <em>The Greatest Service Ever</em> in order to solve all your privacy woes, whatever that may be. These websites often employ marketing teams to make</p>]]></description><link>https://blog.privacytools.io/the-trouble-with-vpn-and-privacy-reviews/</link><guid isPermaLink="false">5dced3c337ad263e10131ccb</guid><category><![CDATA[Privacy]]></category><category><![CDATA[VPN]]></category><category><![CDATA[Trust]]></category><dc:creator><![CDATA[Jonah Aragon]]></dc:creator><pubDate>Wed, 20 Nov 2019 21:25:22 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2019/11/choosingavpn.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2019/11/choosingavpn.png" alt="The Trouble with VPN and Privacy Review Sites"><p>There's a massive problem in the privacy world. 
Websites, social media accounts, and other platforms are constantly popping up out of nowhere, telling you to buy <em>The Greatest Service Ever</em> in order to solve all your privacy woes, whatever that may be. These websites often employ marketing teams to make sure their "reviews" are what you see first when you begin your research. Some of them are even operated by VPN providers themselves, operating under anonymous business entities to hide their bias, or doing it right out in the open, hoping you'll mistake their advertising-filled press releases and blogs as insider knowledge of the VPN space.</p><p>When a seemingly "unbiased review" on a site is merely a paid advertisement in disguise, that website is breaking their reader's trust. From a consumer's point of view, affiliate marketing and other paid promotional techniques like this make it near impossible to know when a review is genuine or not. </p><p>This isn't going to be a lengthy blog post on advertising being bad, far from it. In fact, many of the <a href="https://www.privacytools.io/providers/vpn/">VPN providers we recommend</a> engage in responsible advertising across various platforms. The key is transparency: Their advertisements should <em>look like advertisements</em>, and nothing else.</p><h2 id="the-bad">The Bad</h2><p>I'm really looking to take the time here and identify "the bad" sites and resources that use these techniques to profit off a community just looking for reliable answers. Lots of sites like these will claim they're acting in your best interest, but they're just here to make money.</p><p>One common thing I'll see on these sites is a ranked list of providers that are ostensibly the best ones to choose from. 
These sites have supposedly done all the work for you, so you can just click and go, assured you're making the right choices.</p><p>So here's my issue with ranking VPN providers: Let's face it, VPN providers are all offering the same service, and they will either protect your information or they won't. Ranking providers like this only serves as an easy way to guide users to a certain choice (in this case, the choice that will make the reviewers the most money). </p><p>Let's look at one of these "review" sites for example, which will go unnamed for the purposes of this article. On their homepage they prominently list 10 providers as the "best" VPN services, in this order:</p><ol><li>NordVPN</li><li>Surfshark</li><li>ExpressVPN</li><li>PerfectPrivacy</li><li>IPVanish</li><li>Mullvad</li><li>CyberGhost</li><li>Trust.Zone</li><li>ibVPN</li><li>Private Internet Access</li></ol><p>To their credit, this review site also helpfully included an advertising disclosure in their footer. On this fairly well hidden away page, they note that they participate in affiliate programs from 8 providers, as follows:</p><ul><li>NordVPN</li><li>SurfShark</li><li>ExpressVPN</li><li>Perfect-Privacy</li><li>IPVanish</li><li>CyberGhost</li><li>Trust.Zone</li><li>Private Internet Access</li></ul><p><em>Hmm</em>. Look familiar? Of the 73 providers this site had reviewed at the time of writing this article, <strong>all eight</strong> of the VPN providers paying this review site happened to make their top 10 recommendations. In fact, you'd have to scroll down to #6 before you found a provider that wouldn't pay them, practically buried. 
 </p><p>Furthermore, their list includes NordVPN, a company <a href="https://www.reddit.com/r/privacytoolsIO/comments/dl2m7b/nordvpn_confirms_one_of_their_finland_data_center/">notable for not disclosing security breaches</a> in a timely fashion, and ExpressVPN, a provider <a href="https://www.goldenfrog.com/blog/some-providers-use-weak-1024-bit-keys-vyprvpn-explains-why-its-strong-keys-matter">notable for once using weak 1024-bit encryption keys</a> to protect their users. By any objective standard, these providers do not deserve to be included in a top 10 recommendations list for securing anybody's information. This review site in particular claims to have set criteria for their recommendations, but this just demonstrates that any criteria can be adjusted to fit any goal you may have.</p><p>If these sites truly wanted to be helpful, they would consolidate all the relevant information and present it to their users without making the choice for them. A provider is going to be better or worse for every user depending on their particular situation, and encouraging an informed choice between options presented equally is far more beneficial than putting one over the other in a largely arbitrary fashion.</p><p>But that isn't to say they should just throw all the providers in a big table and call it a day. Almost worse than the ranking scheme above is when sites provide out-of-context lists of providers, often just with pricing and a link. Sometimes they will link you to a full review (more on that in a bit), but for the most part these sites just expect you to follow their recommendations blindly.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2019/11/vpn-table-example-1.png" class="kg-image" alt="The Trouble with VPN and Privacy Review Sites"><figcaption>Affiliate links and discounts galore! 
This is a different site than before, but look at the familiar faces we're seeing...</figcaption></figure><p>These read like advertisements, because they usually are. Once again we see the usual suspects — NordVPN, ExpressVPN... — paraded as the gold standard in the VPN space, not out of any inherent value, but based on the value of their affiliate programs. To further this point, let's take a look at how much each of the five providers above will pay you for a referral (on a one month plan).</p><ol><li>ExpressVPN: $13 for first month</li><li>NordVPN: $11.95 for first month</li><li>VPNArea: $4.95 for first month</li><li>VPN.ac: $2.90 for first month</li></ol><p><em>Unfortunately, Perfect Privacy would not share their commission rates publicly, but if anyone has any information on that I'd be happy to receive it. What I will say is that based on the information above, I would not be surprised if it fell right between ExpressVPN and NordVPN's rates. Their one month plan costs $12.99, so assuming a 100% match on the first month (the standard from NordVPN and ExpressVPN) that would add up quite nicely.</em></p><p>Once again, we see a lineup of providers ordered in a way that appears to <em>conveniently</em> pay the most to the website owner. And therein lies the issue with affiliate programs. Once you begin receiving financial compensation <em>on a per-signup basis</em>, you are now motivated to push the most users to the sites that pay more on a monthly basis, rather than the sites that will actually help the user.</p><p>Occasionally, these recommendations are coupled with a "review" that is supposedly independent and unbiased, but in reality are simply more marketing tools to persuade you towards their opinions. In most cases, these reviewers will simply copy the VPN provider's own press releases and even media, presenting their advertising as fact to their readers. 
These reviews are always hidden away as well, with main navigation links directing users towards the more affiliate-link-laden lists and tables that they'd much rather you browse. The true value of these review articles is the <a href="https://www.pcmag.com/news/367640/how-a-vpn-review-site-dominated-google-search-with-a-scam">Search Engine Optimization (SEO) advantage they bring</a> in the rankings on Google, and not much more. More traffic = More clicks, at the expense of good, independent content and integrity.</p><h2 id="the-good">The Good</h2><p>This isn't to say all tables or lists are bad; rather, it's how they're presented that makes or breaks a site. <a href="https://thatoneprivacysite.net/">ThatOnePrivacySite.net</a>, for example, sets what is perhaps the gold standard of VPN comparisons:</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2019/11/image-11.png" class="kg-image" alt="The Trouble with VPN and Privacy Review Sites"><figcaption>VPN providers listed as equals with their benefits and flaws covered? <em>What?</em></figcaption></figure><p>Here's the difference. They include virtually every provider — the good and the bad — and present them at equal value to sort through. Instead of providing their readers with answers, they provide them with information that can be used to deduce their own recommendations, based on their values as an individual. </p><p>But some users just want <em>the answers,</em> and that's fine too. I think there is still definitely a way to provide recommendations without introducing financials or bias into the equation. 
At <a href="https://www.privacytools.io">PrivacyTools</a>, we've developed a set list of criteria, and we make that abundantly clear when you read our list of <a href="https://www.privacytools.io/providers/vpn/">recommended VPN providers</a>.</p><figure class="kg-card kg-image-card kg-card-hascaption"><img src="https://blog.privacytools.io/content/images/2019/11/image-12.png" class="kg-image" alt="The Trouble with VPN and Privacy Review Sites"><figcaption>Our currently recommended VPN provider Mullvad meets and exceeds our transparent expectations, and does not pay reviewers to tip the scales in their favor.</figcaption></figure><p>We also refrain from using affiliate links. As we've discussed, they are fundamentally flawed ways to market a service, and using them would break the trust our community has in our recommendations. </p><p>We do have a newly-introduced <a href="https://www.privacytools.io/sponsors/">sponsorship program</a>, but all of our finances are handled in an incredibly transparent fashion. As a non-profit organization, the funding we receive cannot be used for private profit, and our community can see both where we receive money from and how it is being spent thanks to <a href="https://opencollective.com/privacytoolsio/">Open Collective</a>. Additionally, the recommendations on <a href="https://www.privacytools.io">www.privacytools.io</a> are handled by a team of editors and contributors that is entirely separate from the administrative team, such as myself, that handles the sponsorships and finances. The editors have sole control over our recommendations and operate entirely independently and on a volunteer basis to ensure the choices we make are for the benefit of the privacy community over one individual.</p><p>Ultimately, as a matter of policy our sponsors have no say over our recommendations, or whether they are recommended or a competitor is removed. 
We have given our community vast access to our website and internal workings to keep us in check and ensure we're staying true to our word. This separation of management and editors is a strategy that has served the media industry well for decades, and makes all of our team and organization a more credible and trustworthy source of information.</p><h2 id="in-summary">In Summary</h2><p>We have a lot of points we want to get across. The current landscape of privacy reviewers and "experts" weighing in on topics regarding the very companies that pay for their reviews is morally reprehensible, and just another way for big tech companies to collect all of our data more easily.</p><p>Review sites should make it abundantly clear when their reviews are paid for by the VPN companies in any fashion, whether that be via affiliate programs or good old-fashioned sponsorships. This can't be via a hidden-away disclosure in the footer or not published at all, but <em>clear </em>and<em> close in proximity</em> to the claims published on their site. <strong>Customers are not expecting or seeking out these disclosures</strong> when they visit review sites, and can't be expected to immediately discern whether you're speaking from a place of unbiased fact, or from a place with the greatest financial incentive. Better yet, they should reconsider their entire business model. We built PrivacyTools from the ground up in 2015 based solely on a community donation model that still keeps us sustained. It's the more difficult way to build a site to be sure, actually working to gain the trust of a huge community, but the difference in quality and integrity is remarkable.</p><p>VPN providers should consider spending less money on paid reviews, and more money on securing and validating their infrastructure. Regular security audits are one fantastic way for companies to demonstrate their dedication to keeping their users secure. 
We strongly believe VPN services should consider the <a href="https://www.privacytools.io/providers/vpn/#criteria">PrivacyTools VPN Criteria</a>, especially in regard to the ownership of their organization. Your VPN provider should not be hiding away in Panama controlled by anonymous leadership. While you <em>as a user</em> deserve privacy, transparency should be <em>required</em> of providers if you are expected to trust them. I would not give my money to some anonymous overseas investor, so why would I give all of my internet traffic to some anonymous overseas administrator?</p><p>Finally, when you're choosing a VPN provider, do your own research. <a href="https://blog.privacytools.io/understanding-vpns/">Understand what a VPN actually does for you</a>. <a href="https://www.pcmag.com/article/371839/what-does-a-vpn-security-audit-really-prove">Understand what it is a security audit proves</a>, find out who owns and operates the VPN service you want to use, and make sure their policies and technologies reflect your values. Again, we'll recommend <a href="https://thatoneprivacysite.net/">ThatOnePrivacySite</a> and <a href="https://www.privacytools.io/providers/vpn/">PrivacyTools</a> as great resources to get you started, but <a href="https://blog.privacytools.io/choosing-a-vpn/">ultimately gathering the information yourself</a> and making an informed decision is the only way to make sure your privacy is being respected.</p><p><strong>Update 11/21:</strong> I've clarified this article to make it clear that I cannot objectively prove how much a "review site" is profiting off any particular provider, without having access to their private financial statements. 
The findings in this article were based on public information from affiliate programs and opinions were drawn accordingly.</p>]]></content:encoded></item><item><title><![CDATA[Cutting the Wire]]></title><description><![CDATA[<p>It has recently come to the attention of the PrivacyTools team that Wire, the popular end-to-end encryption messaging platform, <a href="https://forum.privacytools.io/t/wire-swiss-gmbh-is-now-owned-by-a-usa-holding-company/1932">had been sold or moved to a US company</a>. After a week of questioning, Wire finally confirmed they had changed holding companies and would now be a US-based company in</p>]]></description><link>https://blog.privacytools.io/delisting-wire/</link><guid isPermaLink="false">5dd31fb637ad263e10132024</guid><category><![CDATA[Delisting]]></category><category><![CDATA[Updates]]></category><category><![CDATA[Privacy]]></category><category><![CDATA[Instant Messengers]]></category><dc:creator><![CDATA[Dan Arel]]></dc:creator><pubDate>Tue, 19 Nov 2019 16:56:26 GMT</pubDate><media:content url="https://blog.privacytools.io/content/images/2019/11/delist-wire.png" medium="image"/><content:encoded><![CDATA[<img src="https://blog.privacytools.io/content/images/2019/11/delist-wire.png" alt="Cutting the Wire"><p>It has recently come to the attention of the PrivacyTools team that Wire, the popular end-to-end encryption messaging platform, <a href="https://forum.privacytools.io/t/wire-swiss-gmbh-is-now-owned-by-a-usa-holding-company/1932">had been sold or moved to a US company</a>. After a week of questioning, Wire finally confirmed they had changed holding companies and would now be a US-based company in a move they called “simple and pragmatic,” as they worked to expand their foothold in the enterprise market. 
This also came alongside the news that Wire had accepted more than $8 million in Venture Capital (VC) funding from Morpheus Ventures, as well as other investors.</p><p>Morpheus Ventures holds a <a href="https://morpheus.com/portfolio/">portfolio</a> including companies in healthcare, voice AI, life insurance, and retail customer data analytics: all sectors that have historically used invasive data collection methods to survive. Why would a VC with a portfolio centered on consumer data want to invest in a company whose mission claims to protect that very same information?</p><p>Earlier this year, Wire announced they had entered a partnership with <a href="https://www.globenewswire.com/news-release/2019/07/10/1880912/0/en/Wire-and-FedResults-Partner-to-Offer-End-to-End-Encrypted-Collaboration-Platform-to-Government-Agencies.html">FedResults</a>, in a move that would bring Wire's secure messaging platform to US federal agencies. This raised a few eyebrows, but did not alarm the privacy community as Wire remained Swiss-based and beholden to Switzerland's strict privacy laws. 
Today however, while much of Wire's business will continue to be run out of their Swiss offices, with new US-based ownership it is not entirely clear how much jurisdiction the United States will have over Wire data.</p><p>This is alarming because it is well known that <a href="https://www.vice.com/en_us/article/gvzw5x/secure-messaging-app-wire-stores-everyone-youve-ever-contacted-in-plain-text">Wire stores unencrypted metadata</a> for every user.</p><p>In an interview with <a href="https://techcrunch.com/2019/11/13/messaging-app-wire-confirms-8-2m-raise-responds-to-privacy-concerns-after-moving-holding-company-to-the-us/">TechCrunch</a>, Wire CEO Morten Brøgger said of privacy laws: “We are in Switzerland, which has the best privacy laws in the world” — it’s subject to Europe’s General Data Protection Regulation framework (GDPR) on top of its own local laws — “and Wire now belongs to a new group holding, but there no change in control.”</p><p>Even if he is correct, the move and statement do bring up further questions. With Wire now being a US company with contracts partnering it with US federal authorities, will those authorities now have leverage to compel Wire to give up metadata on users? Wire has investors to answer to and will not be able to risk losing large deals with clients like the US federal government. This is of course a hypothetical situation, but one to be considered nonetheless as we decide which services to recommend on PrivacyTools.</p><p>Wire also quietly made an adjustment to its own privacy policy. A <a href="https://web.archive.org/web/20180324221043/https://wire.com/en/legal/#privacy-7">previous version of the policy</a> (July 18, 2017) stated it would only share user data when required by law. Now (Updated September 1, 2018), it reads they will share user data when "necessary." What does necessary mean, and necessary to whom? Necessary to law enforcement, shareholders, or advertisers? 
The word "necessary" is an alarming change because "necessary" is purposefully vague terminology that could conceivably be used as a tool to justify any action. This change doesn't leave the user with much confidence as to when the company may share your data.</p><p>Yet another red flag, and one of the more important ones to us, is that Wire decided not to disclose this policy change to its users, and when asked why, Brøgger was flippant in his response, stating: “Our evaluation was that this was not necessary. Was it right or wrong? I don’t know.”</p><p>We feel we do know, and the answer was that it was wrong. Privacy and security are not built solely on strong technology, but on trust. Yes, we can review Wire's open source code on GitHub, but we can't ever be sure that code is the same exact code that runs on their servers in practice. Yet, we have trusted them in the past because Wire had built a trustworthy reputation for themselves. We now feel that Wire has lost this reputation. By deciding to withhold information regarding its ownership and policies from its users, Wire has broken the trust our community has placed in it, and worse yet sounds almost dismissive of the worries voiced by the privacy community that had long held them in high regard.</p><p>Because of these ongoing concerns, and this break in trust in Wire's organization, PrivacyTools has made the decision to remove Wire from its recommendations. It is worth noting that this does not necessarily mean Wire is unsafe, but we believe it is our duty to recommend products that we as a team feel comfortable standing behind. We need to believe in the security, privacy, and integrity of our recommendations, and we no longer feel we can do that with Wire at this time.</p>]]></content:encoded></item></channel></rss>