In your normal, everyday life, privacy is very important to you.
You wouldn’t announce the details of your personal finances or your bank account numbers to a crowded pub; you wouldn’t loudly declare your sexual preferences in the middle of a restaurant; and you wouldn’t conduct a sensitive business call on speakerphone in a busy train carriage.
Yet, somehow, when we are online, people tend to behave differently.
Maybe it is because the other people who are listening in are not physically in the room with us. Perhaps it is because the technical knowledge that many people have about the internet is so vague that we don’t really understand whether what we are doing is private or not.
But these days, these are not good enough excuses. It was back in 2013 that Edward Snowden first revealed the extent of online mass surveillance that Governments around the world were carrying out.
Barely a week goes by these days without some company or other admitting that they have been hacked and sensitive personal information of clients, customers, or subscribers has been leaked.
The fact of the matter is that the internet is like a crowded public place. There are people everywhere and while many of them are not paying you any attention whatsoever, the chances are that at least a couple of them are.
This is why, just as you might speak quietly in a pub or restaurant and just as you would make sure your phone wasn’t on speaker in a train carriage, it is essential that we take steps to protect our privacy when we are online too.
It sounds like a daunting challenge.
Online privacy is a big topic with lots of different areas, many different tools you can use, and lots of advice (much of it confusing or contradictory, or both) out there.
Here at VPNCompare, we have been writing about online privacy, reviewing the tools that you can use, and keeping an eye on the issues that affect it for a long time.
Our site is packed with many different guides to different aspects of online privacy that countless users browse, read, and take advantage of every day.
But with online privacy a more critical issue than ever before, we have decided to take the plunge and pull all of our knowledge and expertise into a single guide: the ultimate guide to online privacy and, equally important, security.
In this guide, you will find every bit of information you need to maintain your privacy online. We will highlight the main threats, tell you how to keep a watchful eye out for them and offer some tips on how to protect yourself.
We will show you how you can be proactive and protect your online privacy even if it is not facing an imminent threat. And perhaps most helpfully, we will recommend the best tools, software, and hardware you can use to secure your online privacy.
There is a lot of information in this guide. It is one of the biggest we have ever written.
While some readers might take the plunge and read it from start to finish, our advice for most of you is to think of this as a reference guide; an encyclopaedia of privacy.
This article is going nowhere, so feel free to bookmark it and dip back in as and when you need to. We will also be keeping it updated as much as we can with the latest advice and recommendations, so do drop back in from time to time to see how things have changed.
If you take nothing else away from the guide, we hope that you will realise that when you are using the internet, no matter how innocently, your privacy is at risk.
There are threats out there and people like you are being targeted. But there are plenty of solutions to help keep you safe as well and you will find them all in this guide.
Part One: Threats to Privacy
Before we start to tell you more about protecting your online privacy and the best tools to use to do it, it is vital to give you a clearer understanding of the type of privacy threats and the extent to which your privacy is at risk when you are online.
This section of the guide could be a thesis in itself but we want to keep the information we are giving you simple, digestible, and easy to understand. We also don’t want to be guilty of scaremongering.
Our aim is to be factual and accurate.
Not everyone who reads this guide is going to be at risk from all of the threats we will detail in this section. But we can say with some degree of confidence that everyone is likely to be at risk from at least one of them.
Depending on where in the world you live, some of these threats could be written into local law.
You might read through this section and think there is no way you could be targeted or fall victim to a privacy-busting scam in this way. But the key message is not to be complacent. Anyone, even the most privacy-conscious of experts, can become a victim.
But knowledge is power and understanding the potential threats will help you ensure that you don’t fall victim to them.
The revelations in the documents released by Edward Snowden back in 2013 confirmed what many online privacy advocates had long suspected. Governments of free countries, most notably the USA, were monitoring and harvesting online user data on a massive scale.
He revealed a mass surveillance programme that collected every online message, text message, phone call, internet search record and much, much more. The programmes that Snowden revealed have since been ruled to be illegal and quite possibly unconstitutional.
But despite this, and some token nods at reform, it is highly likely that these online surveillance programmes continue to be used by the National Security Agency to monitor the online activity of the majority of law-abiding American citizens and a great many people outside the USA too.
While the focus of the Snowden revelations was on the US Government’s mass surveillance programmes, it also revealed that they were not working alone.
It was through his data that we first learned about the Five, Nine, and Fourteen Eyes surveillance alliances in which members routinely share online data to help bypass domestic laws that prevent agencies from spying on their own people.
In the UK, it quickly became apparent that GCHQ worked closely with the NSA on its internet surveillance programmes, as well as having many similar ones of its own. Scrutiny of their activities in the wake of the Snowden revelations revealed, for example, that they routinely tap into undersea internet cables to monitor traffic.
Far from hiding their online surveillance, the UK Government decided to tough it out.
On the watch of former Prime Minister Theresa May, in her time as Home Secretary, the UK Government forced through the Investigatory Powers Act, a piece of legislation that was described by Snowden himself as “the most extreme surveillance in the history of western democracy.”
The UN Rapporteur for Privacy was similarly hostile, calling it “worse than scary”, while the brutal Communist regime in China cited the law when justifying their own overbearing and intrusive anti-terrorism laws.
The Investigatory Powers Act has since been ruled unlawful but remains on the statute books in an amended version and still requires online activity by UK internet users to be recorded by their ISP and stored for 12 months.
It also allows this data to be accessed by a huge range of government agencies and for the most spurious of reasons.
Similar laws have also been put in place in many other countries around the world, including Australia, New Zealand, and Canada, as well as many European nations.
It is worth pausing to realise that this is just the online surveillance being carried out by democratic and free nations. Those controlled by authoritarian dictatorships like China, Russia, and Iran are frequently even worse.
Communist China operates the most intrusive and overbearing online surveillance scheme on the planet.
Domestically, it can monitor and even censor your online activities in real time. Its pernicious influence can be found seeping into the online actions of Chinese ex-pat communities and beyond in dozens of countries around the world.
Government surveillance of the internet is simply a fact of life these days, no matter where you happen to live.
Unless you take matters into your own hands and take steps to protect yourself, it is safe to assume that what you are doing and reading online (including this guide) is being watched by those that govern you or the authorities they empower.
Government surveillance is not the only form of online spying that has grown exponentially in terms of its scale and technical capabilities.
So too has the ability of hackers, and their propensity to target regular internet users is even greater these days as we put more and more sensitive information online and within their reach.
Data is a valuable commodity these days and there is no shortage of hackers out there who know as much and have the tools and the skills they need to extract it from us.
Both the hardware and software tools you need to hack into devices and plant malware, spyware, and any other nasty little presents you might want to leave are now readily available and affordably priced.
The extent of our internet usage and the lax privacy and security practices that many of us use online means that even novice hackers can access a steady stream of lucrative online data with the bare minimum of fuss and effort.
Hackers these days tend to work in broad brushstrokes.
Unless they have a specific reason for targeting you, they will cast a wide net and just see what they can catch. Enough people will get caught up in it for the practice to be worth their while.
The key message from this is that those internet users who take sensible precautions and use some of the tools and techniques we have highlighted in this guide have a pretty good chance of avoiding falling victim to a hacker unless there is a specific reason why they might be targeted.
It is a form of online Darwinism; survival of the fittest. As long as you make sure you are not one of the weakest, you should be doing enough to survive.
Browsers and website data gathering
The first two items detailed in this guide have focused on human threats, where individuals or organisations deliberately target individuals or groups of people.
But many of the significant online privacy threats come from technological data harvesting by people who are not snooping on what you are doing online to check up on you but rather to use your data to generate cold, hard cash.
Browsers and many of the websites you routinely use do this as a matter of course.
When you use a browser, it will tell the websites you visit an awful lot about you.
This is commonly known as a browser fingerprint and it will include information like your IP Address, your device details, and what browser you are using, but also little details like your screen resolution, battery level, cookie settings, and much more.
This might seem innocent enough on its own, but the problem is that when it is combined with the various other types of data that websites can get hold of about you, it can paint a very clear portrait about you and what you get up to online.
It can also allow browsers and websites to identify you individually, which they love because data about such users is all the more valuable. They can even use it to track your activity across different websites.
Then there are cookies, which you will all be familiar with by now, thanks to the interminable pop-ups that every website in the EU is now legally obliged to show. Your web browser will store cookies from all the websites you visit unless you explicitly tell it not to.
Cookies are designed to create a customised browsing experience and decrease loading times. The problem is that they can also be used to monitor what you are doing online, target online advertising at you, and even be accessed by third parties that you are unaware of.
This type of automatic surveillance tool has been developed (usually) with the best of intentions. Still, the way they are used has mutated over time and these days they pose a severe threat to your online privacy.
There are ways to deal with them, which we will explain in this guide, but the reality is that these data gathering tools are automated and very hard to avoid.
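The linking described above, as an added example that is not part of the original guide: a Python sketch of how a site can tie page loads together by cookie ID or by browser fingerprint, run over a constructed visit log. The field names, cookie IDs, pages and addresses are assumptions invented for the illustration; it shows why changing your IP address or clearing cookies on its own does not break the link.

```python
import hashlib

# Constructed visit log (all values invented for illustration; IPs are from
# documentation ranges). Each record is what a site sees on one page load.
VISITS = [
    # Visitor A at home.
    {"ip": "203.0.113.10", "cookie": "c-7f3a", "browser": "Firefox 126",
     "device": "Windows 11", "screen": "1920x1080", "page": "/news"},
    # Visitor A again, now behind a VPN exit: new IP, same cookie.
    {"ip": "198.51.100.77", "cookie": "c-7f3a", "browser": "Firefox 126",
     "device": "Windows 11", "screen": "1920x1080", "page": "/health"},
    # Visitor A after clearing cookies: new cookie, same fingerprint.
    {"ip": "198.51.100.77", "cookie": "c-e201", "browser": "Firefox 126",
     "device": "Windows 11", "screen": "1920x1080", "page": "/finance"},
    # Visitor B shares the VPN exit IP but has a different browser setup.
    {"ip": "198.51.100.77", "cookie": "c-19be", "browser": "Chrome 125",
     "device": "macOS 14", "screen": "2560x1440", "page": "/sport"},
]

FINGERPRINT_FIELDS = ("browser", "device", "screen")


def fingerprint(visit):
    """Hash of browser-reported attributes; needs neither IP nor cookie."""
    canonical = "|".join(f"{f}={visit[f]}" for f in FINGERPRINT_FIELDS)
    return hashlib.sha256(canonical.encode()).hexdigest()[:12]


def link_visits(visits, use_cookie=True, use_fingerprint=True, use_ip=False):
    """Group visit indexes into profiles: two visits land in the same profile
    if they share any enabled identifier (union-find over the visit list)."""
    parent = list(range(len(visits)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]
            i = parent[i]
        return i

    seen = {}  # identifier -> index of the first visit that carried it
    for i, v in enumerate(visits):
        ids = []
        if use_cookie:
            ids.append(("cookie", v["cookie"]))
        if use_fingerprint:
            ids.append(("fp", fingerprint(v)))
        if use_ip:
            ids.append(("ip", v["ip"]))
        for ident in ids:
            if ident in seen:
                parent[find(i)] = find(seen[ident])
            else:
                seen[ident] = i

    groups = {}
    for i in range(len(visits)):
        groups.setdefault(find(i), []).append(i)
    return sorted(groups.values())


def pages(profile, visits=VISITS):
    """Pages viewed by one linked profile, in log order."""
    return [visits[i]["page"] for i in profile]


if __name__ == "__main__":
    for label, kwargs in [
        ("IP only", dict(use_cookie=False, use_fingerprint=False, use_ip=True)),
        ("cookie only", dict(use_fingerprint=False)),
        ("cookie + fingerprint", {}),
    ]:
        profiles = link_visits(VISITS, **kwargs)
        print(f"{label:22}", [pages(p) for p in profiles])
```

Linking by IP alone both splits visitor A and merges A with B, while cookie plus fingerprint rejoins all three of A's visits, which is why the countermeasures later in this guide need to be combined.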
Search engine data gathering
When we talk about search engines these days, what most people will think of is Google. They are the default search engine for just about everybody, which puts them in a hugely influential position.
What you search for online is very revealing and very valuable data. Google knows this (as do most other search engines, too) and that is why they retain an awful lot of information when you use them.
The basic information that Google will retain when you run an internet search through their system includes:
- Your IP Address.
- The date and time of your visit.
- Details of what you are searching online for.
- A Cookie ID, which is a unique identifier they will place on your system.
So all-seeing is Google that for most users they will be able to see details of:
- Who you are
- Where you are
- What you like, do online, and search for
- How you communicate, who with, and what about
- What websites you visit
- What online services you use
The list just goes on and on and on.
In case you are in any doubt about what Google does with this information, how do you think they have become one of the most valuable companies in the world?
They sell this to third parties and advertisers for huge profits.
Perhaps even more worrying, they will also willingly hand it over to governments and law enforcement agencies when requested to do so. Courts can also demand it and search histories have been used in cases as diverse as divorce hearings, child custody cases, and all manner of criminal proceedings.
Secure websites which use the HTTPS encryption protocol to protect users and their data are thankfully growing rapidly.
The HTTPS protocol is very secure and when you visit them, your activity should be encrypted and secure. Most popular websites now use the HTTPS protocol and many browsers and search engines will warn you if the websites you want to visit do not.
But not all do and there are still plenty of websites out there, including those for reputable companies and organisations, which only use the insecure HTTP protocol.
These websites do not encrypt user data and that means that your ISP, any hackers, and any third parties that might be watching what you are doing online can see everything you are doing.
That means anything you write on the site is publicly visible and any sensitive information you might input (such as credit card details) can be harvested and used.
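One way to check for the exposure described above, as an added example that is not from the original guide: a Python script that flags web forms whose contents would travel without encryption. The page URLs and HTML are constructed samples, and the list of hints for "sensitive" fields is an assumption.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Assumption: input names/types that suggest sensitive data.
SENSITIVE_HINTS = ("password", "card", "cvv", "iban", "ssn")

# Constructed sample pages: URL the page was loaded from -> its HTML.
SAMPLES = {
    "http://shop.example/checkout":
        '<form action="/pay"><input type="text" name="card_number">'
        '<input name="cvv"></form>',
    "https://shop.example/login":
        '<form action="http://shop.example/session" method="post">'
        '<input type="password" name="pw"></form>',
    "https://shop.example/search":
        '<form action="/find"><input type="search" name="q"></form>',
}


class FormAuditor(HTMLParser):
    """Collects each <form>'s action and whether it holds sensitive inputs."""

    def __init__(self):
        super().__init__()
        self.forms = []       # list of {"action": str, "sensitive": bool}
        self._current = None  # form currently open, if any

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "form":
            self._current = {"action": attrs.get("action") or "",
                             "sensitive": False}
            self.forms.append(self._current)
        elif tag == "input" and self._current is not None:
            label = f'{attrs.get("type") or ""} {attrs.get("name") or ""}'.lower()
            if any(hint in label for hint in SENSITIVE_HINTS):
                self._current["sensitive"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def audit_page(page_url, html):
    """Return one finding per form that is exposed to a network observer."""
    auditor = FormAuditor()
    auditor.feed(html)
    page_secure = urlparse(page_url).scheme == "https"
    findings = []
    for form in auditor.forms:
        # An empty or relative action resolves against the page's own URL.
        target = urljoin(page_url, form["action"])
        target_secure = urlparse(target).scheme == "https"
        if page_secure and target_secure:
            continue
        if not target_secure:
            reason = "form data is sent over plain HTTP"
        else:
            reason = ("form is delivered over plain HTTP, "
                      "so its target can be altered in transit")
        findings.append({
            "target": target,
            "severity": "high" if form["sensitive"] else "low",
            "reason": reason,
        })
    return findings


if __name__ == "__main__":
    for url, html in SAMPLES.items():
        print(url, audit_page(url, html) or "ok")
```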
Malware is a type of malicious software that, once it finds its way onto your device or your network, can spy on your online activity, steal your online data, and damage your devices and accounts.
A key feature of much malware is that it can create a simple backdoor that allows malicious actors to bypass security procedures to access your devices and your data and even remotely take control of your computer.
It can be tough even to know if you have malware on your device. One type of malware, known as a trojan horse, takes its inspiration from the ancient Greek myth and pretends to be a trustworthy piece of software or app.
But once on your device, it can be used to access data, transmit information, and control the device. Because it is pretending to be a legitimate piece of software, it is quite possible that you will unknowingly hand it your passwords and other sensitive information quite willingly.
There is also a different type of malware known as greyware, which does serve a legitimate purpose but will also hoover up your data or compromise your device in other ways.
Malware can get onto your device in all sorts of different ways but usually, it is through human error, such as you clicking on a dodgy link or opening a suspect file attached to an email.
In this guide, we will advise you on the best ways to avoid falling victim to malware and help you to find the best tools to assist you.
Cloud storage has revolutionised the way we store our data and taken away forever the nightmare scenario where a hardware failure ends up costing you crucial work or priceless family photos.
Nowadays, we can store all of our data in the cloud, where it is safe from a hardware blip. But cloud storage means trusting your most sensitive and personal of data to a third-party company. While most cloud storage providers pledge various levels of security, the privacy of your data isn’t always guaranteed.
Most cloud storage firms will have clauses in their terms and conditions which allow them to share your data with government or law enforcement agencies if required to do so. A lot will even do this without the need for a court order.
Other less reputable providers may even harvest data from your files and sell this on for profit to third parties.
Cloud storage is a handy tool as long as you take steps to ensure that everything you put in it is safe and secure. In this guide, we will help you to do exactly that.
The last threat on this list, but in many ways the biggest, is social media.
We would bet with some confidence that everyone reading this guide has at least one social media account. It might be Facebook, Twitter, Instagram, TikTok, LinkedIn, or one of the thousands of other platforms that are out there.
You might use these platforms for professional purposes, to pontificate about politics or your favourite football team’s latest defeat. You might use them to keep in touch with friends or (increasingly of late) for work purposes.
But one thing you will all be doing is posting personal information on the internet, in the form of data, photos, videos, or other things.
All of this information can be seen by others. Indeed, unless you have made sure your privacy settings are correct, anyone can see them.
You might think this is harmless and perhaps it is. But social media information can give an unerringly accurate impression about your life, your personality, and your interests. When this is combined with other available data, it can help to create a clear and compelling portrait of you as a person.
You don’t have to abandon all social media to prevent this from happening. But you do need to think about how you use it, what information you post, and ensure your settings are tailored to your individual needs.
In this guide, we will help you with this and all of the other threats in this list and give you the tips, techniques, and software you need to protect your online privacy.
Part Two: All About Encryption
There is not one single solution to the problem of online privacy. But there is one technology that plays a pivotal role in protecting it; encryption.
Encryption is a technology that encodes all of your online data to make it impossible for outsiders like hackers and government spies to harvest and read it.
Unless those who intercept your data can crack the encryption, they will just have reams and reams of encoded gibberish. And modern encryption is largely considered to be completely uncrackable.
The sort of encryption that is used in tools like VPNs and the other software we are going to be recommending in this section is of the same standard that national governments and militaries are using.
Before we look at those tools in more detail, it is worth familiarising yourself with the different types of encryption that are out there to fully appreciate how they work and how secure they are:
For a long time, 128-bit encryption was the standard. It was largely considered to be unbreakable. After all, a 128-bit key cipher has 3.4 x 10^38 possible keys, which it was thought would take a super-computer around a third of a billion years to crack.
However, Edward Snowden was the man once again who sharpened our understanding of just how misleading this figure could be.
Among the information he revealed was the enormous amount of time and resources that the NSA was throwing at trying to break 128-bit encryption. Experts immediately began to question whether 128-bit encryption was as secure as we had thought.
The concerns about 128-bit encryption resulted in most services looking to upgrade their encryption to a 256-bit key.
The number of years it is estimated would be needed to crack a 256-bit cipher is 3.31 x 10^56 – which is about 13.5 billion years. Not too many of us will be around when that happens.
256-bit AES encryption is the standard found in most VPNs and other encrypted software at the moment.
It is widely perceived as unbreakable and the extent that the NSA and other government agencies have been pushing for backdoors into encrypted communications suggests that they know they aren’t cracking it anytime soon.
The only way that 256-bit encryption is likely to become insecure is when quantum computing becomes a reality. This is a long way off but when it happens, it will change everything.
However, with quantum computing, we can also expect to see the arrival of quantum encryption too. This will mean that just as the power to crack current encryption arrives, so encryption will step up to the next level.
This game of cat and mouse is likely to continue ad infinitum. But as long as encryption stays ahead of the technology to crack it, it still provides a tool to protect our online privacy.
Is encryption secure?
It is impossible to know for sure the full extent of what intelligence agencies like the NSA and GCHQ in the UK are capable of doing. They are secretive agencies and keep their cards very close to their chest.
But there is no obvious reason for us to believe that either the 256-bit AES encryption or the OpenVPN protocols we see being used by most VPNs are insecure in any way. No doubt both agencies would like to crack them, as would many of their global competitors.
If they had done so, it seems highly unlikely that the news wouldn’t have either leaked or been spotted by now. Neither has happened and this means we can say with some confidence that both these types of encryption are secure.
There is also the ongoing political debate around encryption. The leaders of intelligence and security agencies worldwide have been vocal about the vast problems that encryption causes them.
Many have openly lobbied their governments to require providers of encrypted communication to place backdoors in their products to allow agencies to access and read encrypted communications and other data.
It is possible that this is all a front to hide the fact that they have cracked encryption. But the evidence and the basic mathematics behind encryption make this highly unlikely.
Far more likely is the fact that they are telling the truth and encryption really is stopping them from snooping on what we are doing online far more than they would like.
What is a VPN?
If encryption is the technology to protect your online privacy, then a VPN is the tool to use to deploy it.
The acronym VPN stands for Virtual Private Network. It sounds very complicated and technical but actually, VPNs are extremely simple to use. They basically do three key things.
A VPN redirects all of your internet data through an encrypted tunnel. This encodes all of your data, making it impossible for prying eyes to see what you are doing online.
The majority of VPNs these days use 256-bit AES encryption which, as we have discussed above, is essentially uncrackable.
A VPN also redirects your internet data through an external server before sending it off to its chosen destination. This is crucial for your online privacy because it helps to hide your IP Address.
The term IP Address stands for Internet Protocol Address. But like the VPN acronym, it isn’t something you need to worry about. All you need to know is that it is a unique code that your internet connection tags onto all your internet data.
Your IP Address will tell the websites and services you visit where in the world you are located. To maintain your online privacy, you really need to try and obscure your IP Address.
This is precisely what a VPN does.
It replaces your IP Address with the IP Address of the server your data passes through. These servers can be located anywhere globally, which means a VPN helps to hide your location when you are online.
Lastly, a VPN stops your Internet Service Provider (ISP) from logging what you are doing online. Normally, your ISP will monitor what websites you visit and create a log which governments can request to see.
But if you are using a VPN, all your ISP can see is that you are connected to a VPN server.
No further information about the websites you are visiting is available. And because your data is encrypted too, this means they have no record of what you are doing online.
How to choose the best VPN
It is not an exaggeration to say that a VPN is vital to ensuring your online privacy is as protected as possible.
But choosing the best VPN is not as easy as you might think. There are a lot of VPNs on the market and the truth is that some are much better than others.
If privacy is your priority and you are on the lookout for a VPN, our advice would be to seek out a provider that can offer you the following features:
Strong encryption – As we have already discussed, 256-bit AES encryption is the default minimum you should be looking for.
A no user logs guarantee – When you use a VPN, you trust the provider not to collect or store any data about your online usage. The best VPNs offer a no user logs guarantee but only some have had this policy independently verified. It is well worth finding a provider that has.
Kill Switch – A kill switch is a feature that cuts off your internet if your VPN connection goes down. This is important for online privacy because it ensures your data and IP Address can never be inadvertently leaked.
This matters everywhere, especially in countries where there could be serious consequences for doing the wrong thing online.
Apps – We use the internet on all sorts of different devices these days and we need a VPN to protect our privacy on all of them. Make sure that your VPN works on all the devices you use.
The easiest way to do this is to check that they provide a dedicated app. Thankfully, most do.
Servers – A lot of sites flag the number of servers a VPN provider offers. This can be important as the more servers there are, the more options you have. But most important is to ensure that your VPN offers servers in the countries you need them.
Top 5 VPNs for Online Privacy
Here at VPNCompare.co.uk, we have been reviewing VPNs for a long time.
Our team has spent many years applying these core criteria to their assessments of different VPNs and online privacy is always at the forefront of our thoughts.
For this ultimate guide, we have taken a fresh look at all the top VPNs to see which are the best for protecting your online privacy. Here is our rundown of the current top 5:
ExpressVPN has been our Editor’s pick for the best VPNs on the market for a long time now and with good reason. Its combination of top-notch security and privacy protections, as well as the wide range of features offered, makes them a standout choice.
ExpressVPN offers robust 256-bit AES encryption as standard in addition to a wide range of additional security features, including that crucial kill switch.
It also has a no user logs guarantee that guarantees your privacy and hides your online identity. You don’t just have to take their word for it either. They have had this claim verified by PricewaterhouseCoopers (PwC) in a comprehensive independent privacy audit.
Dedicated ExpressVPN apps can be downloaded for Android, Apple iOS, Windows, Mac OS, Amazon Fire TV / Stick, Linux and some select routers. Web-browser extensions for Chrome, Firefox and Safari are available too and, even better, you can connect up to five devices simultaneously.
ExpressVPN has more than 3,000 servers in 94 different countries available to every user. It is one of the few VPNs currently available that works in Communist China and just about every other country without any problems.
As the name suggests, speeds are excellent across this entire network.
The best VPN for online privacy is not the cheapest. But there is a generous 30-day money back guarantee which lets you try their service for a month before committing any money.
And if you sign up now, you can save 49% thanks to our exclusive offer for VPNCompare readers.
Read our full review of ExpressVPN to find out more.
NordVPN is a high profile VPN that also delivers all the security and privacy protections you should be looking for in a VPN.
It offers 256-bit AES encryption as standard and this comes with one of the most comprehensive sets of security features of any VPN we have tested.
Among the features you can choose from are double-hop servers, Tor-over-VPN servers and that essential kill switch. Despite all the security, connection speeds are second-to-none as well.
NordVPN also offers a no user logs guarantee and theirs has also been verified by PwC. It means you can trust NordVPN to protect your data and keep your IP Address private.
There is a vast range of user-friendly NordVPN apps available too, including for Android, iOS, Windows, Mac OS and the Amazon Fire TV Stick devices. These apps work in most countries around the world but NordVPN does still have some problems in China.
You will also get six simultaneous connections with every account, there is a 30-day money-back guarantee, and you can enjoy some of the lowest prices of any VPN.
Read our full review of NordVPN to find out more.
3. CyberGhost VPN
CyberGhost VPN is an established VPN that has made some great improvements to its service over the past couple of years.
At the forefront of this is their excellent app which is ideal for beginners but still offers all the security and privacy protections you will need. There is 256-bit AES encryption as standard and a no user logs guarantee, although it hasn’t been independently verified.
These superb CyberGhost VPN apps can be downloaded onto almost every device, including Android, iOS, Windows, Mac OS, Linux, Routers and the Amazon Fire TV Stick. Even better, there are as many as seven devices allowed to be connected to their service at any one time.
CyberGhost can work in most countries around the world and the connection speeds it offers are good. The pricing structure is very reasonable too and there is also an unbeatable 45-day money back guarantee available.
Read our full review of CyberGhost VPN to find out more.
Not too long ago, IPVanish was one of the very best VPNs on the market. Its stock has waned a little since 2018, when a historical law-enforcement case raised concerns over their no logs policy.
But IPVanish has solved that issue and reaffirmed their no user logs guarantee which means they are deserving of a place on this list once more. They also offer robust 256-bit AES encryption as standard to all subscribers and a wide range of excellent additional security features.
IPVanish continues to be renowned for its vast range of apps, including for Windows, Mac OS, Android, Apple iOS, Amazon Fire TV Stick, Linux, and many more devices. Even better, IPVanish now allows unlimited simultaneous connections to every user and their huge server network remains undiminished too.
They have also recently upgraded to a 30-day money back guarantee and alongside some very competitive prices, IPVanish is still a VPN to contend with.
Read our full review of IPVanish to find out more.
VyprVPN is another established name in the VPN industry and its service is built on reliability, security, and privacy.
There was a time when privacy wasn’t VyprVPN’s strong suit. But the VPN market has changed and so too has VyprVPN. In 2018, they upgraded to their current service, which includes an independently verified no user logs guarantee.
VyprVPN offers excellent 256-bit AES encryption as standard too. There is a wide range of security features, including their unique Chameleon protocol that can unblock content anywhere and allows you to use VyprVPN in Communist China and any other country around the world.
It also comes with excellent apps for Windows, Mac OS, Android and iOS, impressive connection speeds, and an impressive server network.
Sadly, their once-popular free trial offer is now no more, but there is a 30-day money back guarantee available and the pricing remains highly competitive.
Read our full review of VyprVPN to find out more.
Avoid Free VPNs
We are confident that all of the five VPNs detailed above will go a long way to securing your online privacy. Any one of them is a safe bet and there are some other decent options out there too.
But it is vital that you avoid those VPNs that promise much but actually deliver very little. The most important VPNs to give a wide berth to are so-called free VPNs.
No matter how tight money might be for you, free VPNs are simply not worth the risk. Many originate in Communist China and will routinely log your data for the regime there or to sell to anyone willing to pay for it (or even both).
Other free VPNs will come with malware and spyware that can threaten your security and your devices. They might also inject adverts into your browser or other software.
Most free VPNs promise encryption but few will deliver the unbreakable 256-bit encryption you should be looking for.
Some offer no encryption at all.
Many free VPNs come with limitations on the amount of data you can use, which also makes them totally useless for everyday online activity.
Using a free VPN might save you a few dollars a month but the price for this is that your online privacy and security are likely to be fatally compromised.
Far better to choose a premium VPN such as the ones recommended above. They will only set you back a few dollars but will guarantee your online privacy and your peace of mind.
If you have already done some research, it is likely that you have come across some of the most common alternatives to VPNs that are also available.
These tools have their advantages but also come with some significant disadvantages too. Our view is that VPNs offer the best combination of performance and privacy to deliver what most users need.
Here are a few details of the two main alternatives you are likely to have come across if you want to know more.
Tor is another acronym that stands for The Onion Router (again, don’t worry!).
It is a free and open-source tool that helps to anonymise your online activity by redirecting it through a number of nodes.
These nodes are essentially the devices and servers of other Tor users.
By bouncing your data around this network, it makes it far harder for hackers and government spies to monitor your online activity and see what you are doing.
Tor is very effective, but the compromise is in performance.
When you use a VPN, your connection speeds will slow slightly when your data is encrypted. But bouncing your data around the Tor network will have a much more significant impact on your connection speeds.
For experienced users with a top notch connection and state-of-the-art devices, this isn’t a concern. But for everyday users, the impact on speeds will be noticeable and could, on occasion, have a major impact on your performance.
A DNS proxy is a rerouting tool that you can use to change the IP Address that is tagged to your internet data.
It essentially does one part of the job of a VPN by rerouting your data through an external server to change your IP Address and help you to access blocked content.
However, it does not encrypt your data in the way a VPN does and this means it cannot protect your online privacy to anything like the same extent.
DNS servers are great for unblocking content and have the advantage of keeping your connection speeds up which is good for things like streaming and gaming.
But if privacy is your priority, it is a VPN that you need.
All about HTTPS
In the olden days, every website you visited would have had a URL beginning with HTTP.
HTTP is the protocol that internet data communication was built on. But it doesn’t offer any sort of security provision, which means that anyone can view data travelling between your device and an HTTP website.
In recent years, we have seen a growing number of websites using the HTTPS protocol instead.
HTTPS uses the SSL/TLS protocol to encrypt data exchanged between you and the server. It secures this data so it cannot be modified by anyone else and it also authenticates that you are communicating with the intended server.
It is not a silver bullet that solves all online security issues. But there is no doubt that HTTPS has made browsing the web much more secure than it used to be.
A lot of websites that you probably use every day have adopted the HTTPS protocol. This includes sites like Google, Bing, Yahoo!, Facebook, Twitter, eBay, Amazon, Gmail, Yahoo Mail, YouTube, VPNCompare, and many more.
Google and some other search engines have also started to flag websites that do not use the HTTPS protocol and are therefore inherently less secure.
Nowadays, if you click on a link through Google to an HTTP website, you will be told that the website is insecure and asked if you are sure you want to continue.
Using HTTPS Everywhere
It is a good idea to try and use HTTPS websites whenever you possibly can. But this can be easier said than done. If you are honest, you probably don’t check the URL of every website you visit.
That is why the Electronic Frontier Foundation, which we here at VPNCompare.co.uk are proud to have supported, created HTTPS Everywhere.
HTTPS Everywhere comes as a plugin for all the most popular browsers on your desktop or mobile device. It even comes inbuilt in a number of security-conscious browsers such as Brave and the Tor browser.
This simple plugin ensures that every time you visit a website, you are directed to the secure HTTPS version of the site when available rather than the insecure HTTP version.
It will help to ensure that you spend far less time on HTTP sites than might otherwise be the case and that you are therefore more secure when using the internet.
Using Let’s Encrypt to secure your own website
If you have a website of your own, it is a good idea to ensure that it is protected with the HTTPS protocol. Most web hosting sites will offer an option to secure your site with HTTPS, but there will usually be an additional cost involved.
However, there is a free alternative.
Let’s Encrypt is an automated, open Certificate Authority (CA) that is entirely free and created entirely to benefit its users.
It provides users with the digital certificates necessary for enabling HTTPS on their websites for free. If that sounds complicated, don’t worry. Let’s Encrypt has been designed to be as user friendly as possible to encourage everyone to use it regardless of their technical abilities.
The whole point is to create a more secure, privacy-respecting Internet for everyone and Let’s Encrypt does a fantastic job of that.
If you do have your own website and it isn’t already secured with HTTPS, take a look at their website today and you could join the 225 million websites that have already been secured with Let’s Encrypt.
Again, we rate what Let’s Encrypt do so highly that we have financially contributed to their cause.
End-to-End Encryption: What it is, why it matters
End-to-End encryption is the most secure type of encryption to use for communication. This is because end-to-end encryption not only secures all of your data but it leaves you in control of the keys to unlock it.
Some encrypted services leave the provider in control of the key and this means that they can, in some circumstances such as a legal request, unlock your data and provide it to the authorities.
Microsoft’s OneDrive is just one example of a service like this.
But with end-to-end encryption, the only person who can open and access your communications is the intended recipient. Even the provider of the service cannot see what information you are sending.
It is always advisable to opt for services that offer end-to-end encryption if they are available since this extra control over your encryption offers you increased security.
Encrypted services where the provider holds the key are better than no encryption at all, but end-to-end encryption is always preferable.
Best Encrypted Messenger Services
If you have come across end-to-end encryption before, it is likely to be when looking at encrypted messenger services.
Online messengers are increasingly the way that we keep in touch with family and friends as well as communicating with work colleagues and clients. They have rapidly become an essential part of our online world.
Yet while some deploy end-to-end encryption to ensure that users’ communications are secure and private, others do not.
Given the sensitive and confidential nature of what a lot of us use online messengers for, it is a very good idea to use an end-to-end encrypted online messenger service whenever possible.
If you are wondering which messengers are the most secure, here is a run-down of our recommended top 5:
Signal is a free, secure, and encrypted messenger service that is used by millions of people throughout the world.
It is the only messenger we know of that has its privacy-preserving technology always switched on by default. This means there is never a risk of data leaking or messages being sent to the wrong person for Signal users.
Signal has a texting and voice-calling service that is secured using that essential end-to-end encryption we discussed in the previous section.
Users can choose from different disappearing message intervals for each conversation they have saved and Signal is also open source which means the coding is robust and closely scrutinised.
Even better, Signal comes with no adverts, no user logs as standard, no tracking, and not even Signal can see what your messages and data contain.
Signal is quite simply the best encrypted messenger service around and comes highly recommended, not least because it is entirely free.
If Signal ranks number one, then Telegram is the service that runs it a close second.
Telegram made headlines in recent years over its battle to stay available in Russia (where it originates) despite pressure from the Putin regime to block it.
It comes with end-to-end encryption on texts, group chats, voice calls and a wide range of extra security options, including self-destructing messages, files, photos, and videos.
There is also a secret chats option that forces your contacts app to delete messages if you want to.
Telegram has recently added video calls to its burgeoning roster of features too. This has been one of the most requested features for years and has been widely welcomed by existing users.
Like Signal, Telegram is entirely free to use and already has millions of users across the world. There is no advertising and few limitations on what you can do. Users can even send documents and files of any size for free – a great encrypted messenger.
Wire is less well known than the first two encrypted messengers on this list but is still one of the few services that use an encrypted mode to protect your calls and messages by default.
Even better, it uses a new encryption key for every message. This is great because it means the chances of its encryption being compromised are extremely low.
Wire is open-source, which means its coding is tight and more secure than most and it also claims to be the most publicly audited collaboration and communication software on the market.
Wire is free for individual users but if you want a business account, there is a charge for that. It is still fairly reasonable, though.
Compared to Signal and Telegram, Wire only has a fairly modest hundreds of thousands of users at the moment. But this arguably makes it less of a target for hackers and government agents and therefore a more secure and private option than its better-known rivals.
You have almost certainly heard of WhatsApp already and are quite likely to be a user too. If so, you will know that it is an encrypted messenger service like the others on this list.
But it was not designed as such and chose to adopt end-to-end encryption a few years back. This made it a lot more popular with users and a lot less popular with governments and law enforcement agencies.
WhatsApp uses end-to-end encryption, which means that even WhatsApp and its owners Facebook cannot see the content of your messages. One flaw is that it does back-up content on unencrypted storage sites by default, but you can change this setting manually if you choose to.
Its ownership by Facebook, a corporation that has made billions from exploiting user data, is also a concern. Exactly how it makes money out of WhatsApp is not entirely clear but don’t doubt for a moment that it does.
WhatsApp’s broad usage and secure encryption make it a good option for privacy-conscious users, but we are a lot more cautious with this tool than the three that preceded it in this list.
Viber is a messenger that offers encrypted voice and video calls as well as a strong voice and text message and file-sharing service. It is owned by the Japanese media company Rakuten.
It is important to note that encrypting these services is not enabled by default, so you will have to ensure you have switched it all on. You will also need to make sure your contacts have done the same too.
This is not ideal, but it is relatively easy to make sure things are set up correctly. Viber even uses a helpful colour-coding traffic-light system to show you the level of encryption you are currently using.
Viber has several other privacy-friendly features, including auto-delete messages and trusted contact verification. It claims to have more than a billion users worldwide and its apps are certainly well-designed and user-friendly.
Well worth considering if the other four options don’t suit your needs.
Best Encrypted Email
Email is still by some distance the most common form of online communication, even though its use is beginning to be usurped by instant messengers and social media.
Most people use household email services such as Gmail, Yahoo!, and Outlook and give little thought to how secure these communications are.
The fact is that they are not very secure at all.
Emails sent and received by these services are not encrypted and most providers will store the contents of your emails on servers with little or no security measures in place beyond the most basic provisions.
Providers like Google and Microsoft will also routinely hand over the contents of your email to law enforcement agencies if requested to do so.
In other words, if you want your emails to be private, the email service you are using at the moment is almost certainly not up to the task.
But there are email services out there that can let you send emails that are encrypted and private.
These email providers offer services that are focused on the needs of the user rather than their shareholders.
However, it is essential to note that an email is only as secure as the setup at both ends. If you are sending an email from your secure provider to a Gmail account, the contents of it will still be accessible from the recipient’s device and account.
That’s why genuinely privacy-conscious people tend to use end-to-end encrypted messenger services to send private and sensitive content. But if you want an encrypted email provider, here is our pick of the top 5 providers:
- Complete end-to-end encryption
- Swiss-based where local privacy laws are excellent
- No IP logs
- Free to use
- Limit of 150 messages a day on the free plan
- Costly to upgrade
Not only is this email service secure and encrypted but it is also free to use as well, provided you can live within the pre-set limitations.
The main limitation is that the free version of ProtonMail only allows you to send 150 messages per day and offers 500MB of storage.
That will be more than enough for many people but if you need more, you can upgrade to their Plus, Visionary, or Business plans. These are not especially cheap but do offer an excellent service.
ProtonMail is an open-source email service which means its coding is robust. It can be used on any computer or mobile device and employs end-to-end encryption that cannot be cracked, which means all the data you send is secure and protected.
ProtonMail is easy to use and its encryption is sound – an excellent and secure option.
- Complete end-to-end encryption
- Apps for iOS, Windows, Android, and Amazon
- Affordable upgrades
- Based in a five-eyes country; Germany
- Only 1GB of storage and one email account allowed on the free plan
Tutanota is a German-based encrypted email provider that is quite similar to ProtonMail in both design and the security provisions it offers.
It uses end-to-end encryption on all email and other communications within the service and no one apart from you will have the encryption key.
This means that if you are sending an encrypted email to an account from another provider, you can send the decryption key to the receiver to enable them to view the message for added security.
Tutanota is easy to use and offers several domains, custom folders, attachments, and more as well as the standard service.
There is a free version which is fine but is limited to just 100 emails a day and 1GB of storage. Like ProtonMail, this will be sufficient for many but there is an option to upgrade for a reasonable price to benefit from unlimited messages and 1TB of storage.
- Login via a USB security dongle
- Uses diskless data servers
- Full security transparency
- Lots of Features
- One week free trial
- Slightly dated interface and design
CounterMail is a Swedish encrypted email provider that is serious about privacy. It only stores content on fully encrypted servers and all of these are located in Sweden, which has some of the most privacy-friendly laws globally.
Even better, all of these servers are run from CD-ROMs only, with no hard disks involved, which helps to prevent leaks.
CounterMail has plenty of additional features such as options to modify many account settings, create forms, filter emails, and more. It uses anonymous email headers and you can use it either in a browser or an iOS app.
If there is one downside to CounterMail, it is that the interface is a bit dated and tired. As a result, it is not the most user-friendly of services, especially if you are a beginner.
It is also not free, but you do have the option of a very limited, week-long free trial. Other than that you will have to pay, but if you need high-security encrypted email with plenty of features, CounterMail is still a good option.
- 256-bit AES end-to-end encryption as standard
- Belgium-based with strong local data-protection laws
- Affordable upgrades
- Small storage space
- Not open source
Mailfence is probably the best known encrypted email service aside from ProtonMail.
It offers a strong focus on security with end-to-end encryption used as standard. You can choose your own email address and opt to use your own domain or a Mailfence address if you want an anonymous account.
Mailfence offers a free service but this only comes with a 200MB storage limit, which can quickly fill up. If you need more, there are paid-for accounts available too at fairly reasonable prices.
On the downside, Mailfence is not open source which does mean it is less secure and private. Its servers are also located in Belgium, which is both part of the EU and has links to the five-eyes group of countries that share intelligence data.
- Very user-friendly
- Encrypted with OpenPGP encryption
- 14-day free trial available
- No macOS app offered yet
- Based in Canada which has dated privacy laws
Hushmail is also a long-standing and well-known service that definitely warrants a place on this list.
It offers a fully-encrypted email service that can send secure emails both to other Hushmail users and others who use different services.
Hushmail has a very user-friendly set-up and offers a 14-day free trial for you to get used to it and put it through its paces. After that, you will need to pay but prices are fairly reasonable.
Perhaps the biggest downside for Hushmail users is that there is currently no macOS app available. It is also based in Canada, a five-eyes country with somewhat outdated privacy laws, which could cause users problems in the long run.
Best Encrypted Cloud Storage
Cloud storage has revolutionised the way we store our data.
No longer do we have to worry about a broken down laptop or a damaged USB key resulting in the loss of vital work documents or treasured family photos.
Instead, we can store things in the cloud, where they are backed up on multiple servers and can be accessed from any device.
But if you are storing data that you want to be kept private, how much trust can you place in cloud storage providers?
It won’t surprise you to learn that, given the most popular cloud storage solutions are provided by the likes of Google (G-Drive) and Microsoft (OneDrive), the answer is not very much.
It is a good idea to check the small print of any cloud storage service you plan to use. This will tell you who can access files stored in online and cloud storage folders.
The details might surprise you.
A lot of cloud storage solutions, such as Google Drive, permit themselves to provide access to the content of the files you store to law enforcement agencies on request and sometimes even third-party companies.
If privacy matters to you, these cloud storage providers should be avoided since they cannot protect your documents and your data.
You should also be very cautious about automatic backup software such as Apple’s iCloud.
This type of backup is also usually not secure or encrypted. It can automatically back up your sensitive documents in a way that makes them vulnerable to hackers and is, therefore, best avoided too.
If you are going to back up your documents in the cloud and you want them to be private and secure, they must be encrypted.
One way to do this is to encrypt your files on your devices before uploading them onto a standard cloud storage service. But a much simpler and less time-consuming way to ensure all your documents are encrypted is to use a cloud storage provider that automatically encrypts everything you upload.
There are a number of cloud storage solutions and back-up tools that can do this. Here is our rundown of the top five:
Sync.com is a zero-knowledge cloud service that offers its users strong encryption, robust security, and a large free storage provision too.
It uses 256-bit AES encryption to secure all stored files. Unlike some other encrypted storage solutions, it also protects files in transit using the TLS protocol, which is excellent and means your files should never be vulnerable.
You can get up to 5GB of storage absolutely free and you can increase this by 1GB for each friend you refer to the service up to a maximum of 20GB for free.
If you don’t mind paying, you can go as large as 4TB of storage for as little as US$15 a month.
Sync.com offer a high-security, low-cost cloud storage solution that protects the privacy and security of your data.
pCloud is another of the secure cloud storage services around at the moment.
It also uses 256-bit AES encryption as standard and also uses the same TLS protocol to protect your files and data when they are on the move.
pCloud is also a zero-knowledge service which means it can’t access any of your files or data. But to benefit from this, you do need to be a paid subscriber.
There is a free plan available with pCloud that gives you a huge 10GB of storage for free (not zero knowledge) and again you can add 1GB for every friend you refer.
The premium price plans are priced similarly to Sync.com with up to 2TB of storage available for just over US$8.
pCloud also offers a lifetime subscription option, but we generally suggest you steer clear of these since you never know what the future may hold, either for pCloud or for you.
Tresorit is another secure cloud storage option that uses 256-bit AES encryption and the TLS protocol for moving files, meaning it offers excellent data privacy.
In addition to this, it also offers several additional security features like two-factor authentication (more on this below) and strong encryption keys.
Tresorit is more expensive than the other cloud storage options on this list.
Its cheapest subscription offer is a shade off US$10 for 500GB of storage. A 2.5TB capacity will set you back close to US$24 a month. There is a free service that offers just 5GB of storage which is worth a try if that’s enough for you.
More expensive it may be, but the old saying that you get what you pay for is as true in cloud storage as anywhere else, and Tresorit is an excellent option for privacy-conscious users.
You might be surprised to find that Microsoft OneDrive makes it onto our list of recommended providers, but there is no denying that it will encrypt all your documents with 256-bit AES encryption. It even uses the TLS protocol for file transfers too.
The reason it hasn’t appeared higher up our list is that this is not a zero knowledge service. Microsoft holds the encryption keys and if they receive a request by law enforcement agencies, they will permit them to access your data.
OneDrive has a free plan that offers 5GB of storage, and other storage plans are available at incremental prices. If you have a Microsoft Office subscription, you will benefit from 1TB of storage inclusive.
OneDrive is a very user-friendly service with great apps. But it is run by one of the big tech companies and they hold the key to your data. How much you are willing to trust them with your private documents and data depends on how much privacy matters to you.
SpiderOak is another secure and encrypted cloud storage provider. In fact, this one offers something extra.
As well as being equipped with 256-bit AES encryption, SpiderOak will encrypt your data even before it leaves your device to make sure it is safe and private.
Files in transit are encrypted using SSL protocol with SpiderOak for added security. This provider not only doesn’t collect your file metadata, but it also uses a secure sync folder called ‘hive’ for syncing files.
If there is a downside to SpiderOak, it is that it doesn’t offer a free plan. But prices are reasonable with 400GB of storage starting from just US$11 a month and 2TB costing only US$14 a month.
Best Password Managers
One of the most common ways your online privacy can be compromised is by cracking your password. For a lot of us, this can be far easier than you might think.
Not only are simple passwords like ‘password’, ‘qwerty’, and ‘123456’ still commonplace, but so too are simple to guess (or crack) passwords like birthdays, names of our children or partners, or our favourite band/football team/renaissance poet.
There is no lack of guidance and advice out there on password best practice, but the core recommendations that all these guides make can be boiled down to a few simple bullet points:
- Don’t use weak passwords – If it’s too simple or easy to guess (like the ones we suggest above), someone probably will.
- Don’t repeat passwords – If you have the same password on multiple accounts, hackers only need to crack one password to access all your accounts.
- Change passwords regularly – If you regularly change your password, even if it is compromised, the hacker won’t be able to access your account for long.
- Don’t write passwords down – It’s easy to lose the list or get it stolen and suddenly all of your accounts are compromised in one go.
If you want some advice on choosing a password that is hard to crack, there are two main options open to you:
Random character combinations
This is the most common method used by most people to create a secure password. It involves choosing a random selection of upper and lower case letters, numbers, and keyboard symbols.
An ideal password will contain all of these in random order with no obvious words or phrases included.
Passwords created using this method are undoubtedly secure. Still, they are also impossible for most people to remember, especially given that you probably have dozens of different passwords to keep track of.
A more recently developed password method that is statistically just as difficult to crack is using three random words together. These words should be unrelated in any obvious way and avoid any personal details.
You can also choose to mix up upper and lower case letters, numbers, and symbols if you wish. This will make them harder to crack but could also mean they are harder to remember too.
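Both methods described above can be carried out with a cryptographically secure random source rather than by hand. The following is an added example, not part of the original guide: the function names, the symbol set, and the word list are assumptions made for illustration, and the word list is a small constructed sample. The strength of either method depends on how many items are picked and how large the pool is, which `strength_bits` calculates.

```python
import math
import secrets
import string

# Assumed symbol set for this example; adjust to what a given site accepts.
SYMBOLS = "!#$%&*+-=?@^_"
CLASSES = (string.ascii_lowercase, string.ascii_uppercase, string.digits, SYMBOLS)
ALPHABET = "".join(CLASSES)

# Constructed sample list for demonstration only. A real passphrase needs a
# list of several thousand words, otherwise the result is easy to guess.
SAMPLE_WORDS = (
    "anchor", "biscuit", "candle", "dolphin", "ember", "falcon", "garnet", "harbour",
    "igloo", "jigsaw", "kettle", "lantern", "marble", "nutmeg", "orchid", "pebble",
    "quartz", "ribbon", "saddle", "thimble", "umbrella", "velvet", "walnut", "xylophone",
    "yoghurt", "zeppelin", "acorn", "bramble", "cobalt", "dagger", "easel", "fiddle",
)


def random_password(length=16):
    """Random characters, guaranteed to contain every character class."""
    if length < len(CLASSES):
        raise ValueError("length is too short to include every character class")
    while True:
        # secrets uses the operating system's secure random generator,
        # unlike the random module, which must not be used for passwords.
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if all(any(ch in cls for ch in candidate) for cls in CLASSES):
            return candidate


def passphrase(words, count=3, separator="-"):
    """Pick `count` words independently and uniformly from the list."""
    pool = sorted(set(words))
    if len(pool) < 2:
        raise ValueError("word list needs at least two distinct words")
    return separator.join(secrets.choice(pool) for _ in range(count))


def strength_bits(pool_size, picks):
    """Bits of entropy for `picks` independent uniform choices from a pool.

    For random_password this is a slight over-estimate, because candidates
    that miss a character class are rejected.
    """
    return picks * math.log2(pool_size)


def words_needed(target_bits, wordlist_size):
    """How many random words give at least `target_bits` of entropy."""
    return math.ceil(target_bits / math.log2(wordlist_size))


if __name__ == "__main__":
    print(random_password(16), round(strength_bits(len(ALPHABET), 16), 1), "bits")
    print(passphrase(SAMPLE_WORDS), round(strength_bits(len(SAMPLE_WORDS), 3), 1), "bits")
```
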
If you are not confident about remembering passwords made using either of these methods but are still determined to ensure your online privacy, there is another option: a password manager.
A password manager is a simple tool that can remember all of your online passwords for you and store them securely on an encrypted database. To access all of these passwords, all you need to remember is a single master password.
Just about everyone can manage one password.
Password managers are straightforward to use but despite this, a recent survey showed that just 23% of people online currently use a password manager.
A password manager can also help you to generate randomised and secure passwords for your accounts, auto-fill websites and app logins to save you having to type passwords in and remind you to change your passwords regularly.
The very best password managers will not be able to access any of your password data either. Instead, they will use encryption that is just as unbreakable as the top VPNs.
If you are wondering which password managers are the best, here is a quick rundown of our top 5:
LastPass is the best-known password manager on the market and still one of the best.
It allows you to store all your passwords securely and also keep other sensitive details like your credit card numbers and online banking login details secure too.
There is a superb autofill feature that can be used with almost every website and app and saves plenty of time when logging into accounts.
LastPass will also help you to generate robust and unique passwords, set reminders to renew these on a regular basis and tell you if you have repeated any passwords. You can even add notes and comments to different websites and passwords in your locker.
You can use LastPass with Windows, Mac, iOS, and Android devices thanks to its excellent range of apps that are really well designed and user-friendly.
LastPass deploys high-quality encryption and there is even a decent free version available. There are some limitations to this but don’t worry, the paid-for version is still very affordable.
Dashlane is another high-profile password manager that can store all of your passwords securely and recover them fast. Like LastPass, it can auto-fill passwords into any website or app, generate secure passwords for you on request, and remind you to change passwords regularly.
It is available on Windows, Mac, iOS, Android and Linux devices and its apps look fantastic and are really simple to use.
One Dashlane feature not found on other password managers is its ability to search the Dark Web (where many criminals and hackers often operate) to see if your password is being sold there and has therefore presumably been hacked. Dashlane will warn you and help you to reset passwords.
Dashlane is also available for free, but like LastPass, if you want to take advantage of all the features, you will need to upgrade to their premium version.
Another excellent password manager is 1Password. This can remember all of your passwords for you, help you to log into any website or app with a single click, and generate new passwords for you.
1Password has several neat bonus features, including Two-Factor Authentication (more on this below) and other authenticator tools. These more advanced features are optional but a nice addition for more experienced users.
There is a free trial of 1Password available and apps for all the major devices. These are well designed and overall, this is a user-friendly service suitable for beginners or more advanced users.
KeePassXC is another superb password manager but this one is definitely more suited for experienced computer users.
As well as all the usual password manager security features, KeePassXC also allows you to self-host your password database. This means you don’t have to trust your Password Manager to keep the database safe for you; it is stored on your device and only you can access it.
This is a great additional security feature for privacy-conscious users, but it makes things more complicated and less user-friendly, which will put off beginners. But if you are up to the challenge, KeePassXC is a terrific privacy-friendly password manager tool.
Password Boss is a cloud storage-based Password Manager which is one of the most secure password managers on the market at the moment.
It is hugely popular and comes with all the main features that you would expect of a high-end password manager.
As a cloud-based password manager, Password Boss stores all of your passwords in a secure cloud storage facility.
This means you can access them from anywhere and from a security point of view, it also means your passwords are never stored on a single server or device where they could be susceptible to hackers.
Password Boss is packed with advanced features but still manages to keep things simple and user-friendly. A great choice and excellent value for money.
Two Factor Authentication
We have talked a few times in the guide about two factor authentication, so it is worth digging a little deeper into what exactly this means.
Two Factor Authentication is a security technique that adds another layer of security on top of your usual password or login details. It means that if your password is cracked or compromised somehow, a hacker still will not be able to access your account.
This is because the login is dependent on another form of verification.
This usually takes the form of a separate one-time code being sent to your registered smartphone or email address. Sometimes it can require a specific physical device that can generate a one-time login code.
Without access to your chosen device, you will not be able to know this code and will therefore not be able to access your accounts.
Most online accounts these days will offer some form of Two Factor Authentication.
Apart from really sensitive things like bank accounts, it will not be switched on by default and you will have to opt in. But this is usually very simple to do and if you have an account that holds personal information, it is highly advisable.
The most common form of two factor authentication is to register a smartphone number with your online account. This will be sent a one-off code, usually via an SMS message, which you have to enter as part of the log-in process.
Some accounts will offer a similar service via email.
There are two other common types of two-factor authentication you might come across as well:
Physical keys such as the YubiKey will automatically generate a one-time code when you want to log into a site you have registered the key with. This code will need to be entered together with your password to log into an account.
Physical keys are much more secure than SMS messages but the big downside is the inconvenience. You will always have to have the physical key in your possession to be able to log into an account. If you forget it or lose it, you can’t log in.
On the upside, these physical keys are very portable and can often be used just like a keyring. Plus, they undoubtedly do keep your accounts far more secure and private.
Biometric identification is increasingly common on devices and some online accounts too. It is however a bit of a privacy dilemma.
Biometric ID means identifying a user using one of their own physical features such as a fingerprint, facial recognition, a retina scan, or voice recognition. These are features that are hard to replicate and there is therefore no denying that biometric ID makes your accounts and devices more secure.
But it does come with a significant privacy dilemma.
Biometric ID requires you to trust the service provider with some unique and irreplaceable biological data.
If that data is compromised, it is not something you can just reset. But biometric identification could help to stop hackers and government spies from accessing your accounts and if you are comfortable with the pay-off, it is undeniably effective.
Part Three: How to stay private online
In the previous section of this guide, we took a detailed look at encryption which is the absolute bedrock of online privacy.
So, if you were to ask us the question ‘How can I stay private online’ the first thing we would say is that you should do everything you can to ensure that as much of your online activity is encrypted as possible.
To do this, sign up for a VPN, use encrypted messenger services and email providers, and make sure your passwords are stored on an encrypted password manager.
This will go a long way to protecting your online privacy. But it is not the solution to absolutely every online privacy threat there is out there.
There is no point encrypting all of your online data if you are then going to willingly post your online information on websites or social media outlets that are open about the fact that they vacuum up this data and make it available to others.
As well as using encrypted service providers, you also need to think long and hard about which websites and online services you are using and how you use them.
If privacy matters, you have to do some due diligence before trusting a site with your private information.
Everyone’s online habits are different and it is impossible for us to go through every possible risk in this guide. But in this section, we are going to take a closer look at some of the biggest online privacy threats there are out there that even encrypted tools like the ones already recommended cannot help you with.
Don’t worry. As well as discussing how these websites and services pose a threat, we will also make some more recommendations for secure and privacy-friendly alternatives:
Internet Browser and Website Data Sharing
The vast majority of internet users stick to a small number of popular internet browsers. Google Chrome accounts for more than half of the world’s online browser users, with Apple’s Safari a distant second.
Microsoft’s Internet Explorer (IE) used to dominate this space, but even when you combine the users of IE and its replacement Edge, it is still only the third most popular these days.
What’s the one thing that these three internet browsers have in common?
They are all owned and operated by big tech companies which generate much of their income from processing user data.
As such, all of these browsers are inherently insecure because the operators are focused on driving profit for their shareholders by exploiting the data of their users.
This is not a problem limited to web browsers. It is also a problem with search engines and many other websites.
If we look at a list of the most popular search engines, a similar pattern emerges. Google once again dominates with around 75% of the market share. Microsoft’s Bing is the next recognised search engine on the list, but actually, more people run searches on YouTube (owned by Google) and Amazon than on Bing.
Whichever you use, all of these sites are still owned by big tech companies which drive profits from the data of their users.
But with people becoming more and more privacy-conscious these days, the market for privacy-friendly alternatives to these popular sites is hotting up.
If you want to keep your online data private and stop the likes of Google and Microsoft profiting from it, there are some great alternatives on the market. Here is a rundown of our favourites:
Top 5 Privacy-Friendly Web Browsers
Brave is a privacy-friendly web browser developed by a former Mozilla Firefox staffer. It is an open-source Chromium-based browser that blocks ads and trackers by default.
It also protects against browser fingerprinting, upgrades all links to the most secure possible connection using HTTPS Everywhere, and features a built-in script blocker. Recently, Brave has added an advertising programme of its own which is a pity.
Purists have been critical of this but it doesn’t take away from the many privacy-friendly features that are available and Brave is still one of the best browsers around for privacy-conscious internet users.
The Iridium browser is also built on Chromium and it can support Google Chrome extensions which is a big attraction for many users.
Despite this, Iridium is still built with privacy at the forefront and it is packed with a wide range of security and privacy enhancements.
These include things like blocking cookies by default and not logging any user activity.
Iridium is open-source, which means its code can be closely scrutinised. This means it is tightly written and has minimal vulnerabilities. It is very user-friendly too – another good choice.
Ungoogled Chromium browser
This browser may not have the catchiest of names but it is built with privacy in mind. As the name suggests, it is built once again on Chromium but with all the Google features like logging data and personalising ads removed.
The concept was to build a privacy-focused browser that served as a version of Google Chrome without the nasty bits.
It certainly succeeds in that and it has also removed the dependency on Google Web Services and added some tweaks to enhance user privacy, transparency, and control too.
What you end up with is a really nice browser that delivers all the positive points that Google Chrome can offer without the downsides – highly recommended.
GNU IceCat browser
GNU IceCat is built on the Firefox browser from Mozilla, which is probably the most privacy-friendly of the mainstream browsers on the market right now.
This one has gone even further though, making a number of tweaks to enhance privacy even more. There are some extra privacy-enhancing add-ons thrown in too.
These include LibreJS, HTTPS-Everywhere, SpyBlock, AboutIceCat, and fingerprinting countermeasures, all included as standard.
GNU IceCat is a high-quality and privacy-friendly internet browser well worth trying.
Pale Moon is another fork from Mozilla Firefox that has built a fantastic privacy-friendly browser on a substantial base.
Pale Moon comes with high levels of customisability and can even support Firefox addons as well as its own ones too.
If we are being very harsh, the design of Pale Moon is a little dated but on the plus side, it is very lightweight and fast and the high level of customisability makes it a big favourite with more advanced users.
From a privacy perspective, this means that you can set the privacy settings to suit your needs and adjust them according to what you are doing.
But that also means that some privacy features are not enabled by default, so you will have to set things up manually.
Top 5 Privacy-Friendly Search Engines
Metager is a German-built metasearch engine that is designed to compile results from other search engines like Bing, Yandex, and Yahoo. It also has its own web crawler to generate unique results.
When a link it generates comes from another search engine, Metager will tell you on the results page. This is a very user-friendly tool that is open-source and includes a number of neat features such as letting you search results by date or language.
The reason Metager tops this list is because it automatically converts your search requests into anonymous queries through a proxy server. It will truncate your IP address when you are using it too and there are no cookies or other tracking tools used at any point.
It’s not perfect. Metager does retain a small amount of data but its policies are clear that this is deleted after 96 hours. Free users will get some adverts, but if you don’t mind paying, you can use Metager ad-free.
Searx is another metasearch engine that works similarly to Metager.
It too compiles results from other search engines but Searx includes Google on its list. Google doesn’t like this at all, which means Searx is actually blocked on Google as a result.
Searx is a highly customisable search engine. It lets you choose which search engines you want it to scrape results from and you can sort the results by a variety of different categories.
It uses public instances, which can have privacy implications because anyone can theoretically set up one of these and log user data passing through it.
Such an occurrence is extremely unlikely though and Searx is by and large an extremely privacy-friendly search engine. It is also open source which means it is pretty secure too.
Qwant is a French search engine that primarily sources its results from Bing.
Don’t let that put you off though because this is a very privacy-friendly option. Qwant guarantees no user tracking and it doesn’t use any cookies.
There are some excellent search filter options and you can even filter results by different categories like images, websites, news, and social media posts.
The Qwant homepage includes news stories, trending people, events, and interest stories which may or may not be a useful feature depending on what you want from a search engine.
Qwant is already one of the top 50 most used websites in France and its global audience is growing all the time. An excellent privacy-friendly option.
DuckDuckGo is probably the best known privacy-friendly search engine around.
It is based in the USA and generates its results from more than 400 different online sources, including Wikipedia, Bing, Yandex, and Yahoo. It has a particularly close relationship with the latter.
This is not ideal by any means but they are adamant this data is not identifiable because DuckDuckGo “does not store IP addresses or unique user agent strings.”
It is the main reason DuckDuckGo is not higher up this list though. Collecting such data and the lack of transparency about how it is used is not what anyone wants from a privacy-friendly search engine.
Startpage was, until relatively recently, the top recommended privacy-focused search engine on the market.
It used to be Dutch-based and had no tracking, no storage of user data, and a great record of generating accurate results.
But recently, StartPage was acquired by a US company called System1 and now there are significant concerns about how this company operates, how it generates its profits, and how it is using StartPage.
An analysis of other aspects of the business and its previous business operations suggests that it makes most of its money by harvesting and selling data and profiling the users of its various websites.
Given this track record, it is little wonder that the reputation of StartPage has nose-dived as a result. It is now impossible to verify the level of privacy StartPage is now able to offer its users.
The way that the new ownership has been hushed up and hidden from users doesn’t bode well either. On the face of it, StartPage remains a great privacy-friendly search engine. But if you asked us whether we would recommend using it, we would have to be honest and say we have serious reservations.
On the face of it, you might think that Malware is a security issue rather than a privacy one. But actually, the two things go hand in hand and malware is often used by hackers and governments that want to spy on what you are doing and access your personal information.
Malware can take many forms. Broadly speaking, it is a small piece of malicious software that, once installed on your device, is able to access all your data, send it back to the hacker, or even allow them to access and control your device remotely.
It is effortless to operate malware. The hard part is getting that software onto your device. This can be done in various ways.
The most common is probably phishing, a type of scam most often carried out via email, where you are tricked into downloading the file yourself or clicking on a link to a website that automatically does the job for you.
Another common method is bundling.
When you download software or files from an unreliable source, malware can be bundled together with it and installed on your device without your knowledge. We have already referenced this earlier in the guide when looking at the risks associated with free VPNs.
It can be easy for even the most experienced of internet users to fall victim to malware, which is why it is so important that you have anti-virus software installed and running on your system.
This software will scan for and identify malware and stop it from being installed and executing on your device. As long as you keep this software up to date with the latest definitions, there is no reason why it cannot protect you from all but the most sophisticated of malware.
Top 5 Antivirus
So, which anti-virus software should you use? Here are our top 5 recommendations:
Bitdefender Antivirus is the best anti-virus programme on the market currently. It is regularly updated with the latest malware definitions to enable it to tackle all the latest online threats.
Bitdefender Antivirus is very simple to use.
The free version allows users to install the software and then leave it running and updating in the background. For those who want a more powerful tool, you can choose to upgrade to the paid-for version Bitdefender Antivirus Plus, which is even more secure and extremely reasonably priced.
Both versions have plenty of features but the free version only allows you to protect a limited number of devices. Bitdefender Antivirus Plus lets you protect up to 10 devices simultaneously, but unfortunately, this only applies to Windows and Mac devices at the moment.
Bitdefender can protect mobile devices too, but you will need to opt for the even more comprehensive (and slightly more expensive) Bitdefender Total Security programme for that.
Avast is the best known free antivirus programme on the market at the moment. It is lightweight, meaning it takes up a minimal amount of space on your device. But it still offers a powerful and effective anti-virus tool for keeping your devices safe and secure from malware.
The free version is fine and comes with neat apps for all the most popular devices.
If you want more, you can choose to pay a little more and upgrade to the Avast Premium Security programme. This comes with various other bits of Avast software, including their very average VPN.
We wouldn’t recommend using this since it is not as privacy-friendly as the best VPNs, which we have suggested above.
But the increased level of anti-virus protection offered by the Premium Security tool is great for those who find online privacy is crucial to them.
Norton Antivirus Plus
Norton Antivirus has been around for years and is still one of the best anti-virus tools on the market.
Norton Antivirus Plus is their latest package and offers a vast range of virus definitions that are updated regularly.
The Norton interface is not the best design you will find and, if we are honest, it is not the most user-friendly of tools either, but you will get used to it in the end.
There is no free version of this tool available but the prices are affordable. Sadly, it doesn’t protect multiple devices, so you either need to buy a new subscription for each of your devices or choose a different provider.
Trend Micro Antivirus+
Trend Micro is another anti-virus software provider that has built its reputation over a number of years. This experience really shows in their latest Antivirus+ tool.
This software comes highly recommended by security experts and the levels of protection it offers are definitely impressive. It will undeniably provide you with comprehensive protection and there are regular updates.
If there is a downside to Trend Micro Antivirus+, it is that the software is fairly resource-intensive. This means it can slow some devices down and it is not a good choice if you are running an older device or a cheaper one.
As well as the basic anti-virus tool, Trend Micro also offers premium programmes called Internet Security and Maximum Security. These are more expensive but do offer a much broader range of features and are similarly impressive.
The Sophos Home anti-virus programme allows users to protect up to ten devices at any one time, which means you can keep all of your devices safe with a single subscription.
It is also a highly user-friendly tool with a simple interface and a great design. If you are a novice, Sophos Home is a great choice for you.
If we are honest, its anti-virus capabilities are not quite up to the standards of some of the other tools on this list. But it does do the basics well, even if more advanced features are a little lacking.
A free version of Sophos Home is available that will be more than sufficient for most people. However, if you want more robust protection, Sophos Home Premium is priced reasonably and does come with a few more bells and whistles.
Downloading – Best Practice
A good anti-virus tool should tell you if you are inadvertently downloading malware or anything that could harm your devices or compromise your online privacy.
But even the top anti-virus tools can’t be 100% reliable, so it is important not to rely solely on them to keep yourself safe and private online.
We would recommend all internet users follow a number of simple rules to minimise the risk of downloading malware, flawed apps, or anything else they don’t want to.
Apps – Don’t download apps from unofficial sites. Our advice for VPN users is to only download VPN apps from either the official app store or the website of the VPN provider.
This advice can be expanded to all apps; the official website or your devices’ app store are the only places to download from. Anywhere else, and you just don’t know exactly what it is you are downloading.
Check websites before downloading – A common trick of hackers is to set up a website that is identical to the official one but has a slightly different URL.
Once they lure you in, they will try to get you to download fake apps or enter information. Check your website URLs carefully before doing either and ideally, make sure the site is using HTTPS too.
Email Downloads – If you have received an email from an unknown source and it wants you to click on a link or download something, the simple rule is ‘don’t’.
This is one of the most common tricks to download malware onto your device. Don’t fall for it. Never download from an email or click on a link unless you are 100% certain who it has come from.
If in doubt, don’t – If you have any doubt about a download or a link at all, don’t take the risk. Instead, check with the company or the provider first, do your research, and be cautious.
The risks you can be exposed to if you make the wrong decision can be huge, so don’t download anything unless you are certain it is genuine.
Making online payments privately and securely
One of the things hackers are most keen to get their hands on, and most people are eager to keep private, is financial details. But as we are making more and more financial transactions online and even managing our banking online too, the risks have never been higher.
But just because there are risks doesn’t mean you shouldn’t buy things online and use online banking services. All you have to do is make sure you are taking the proper steps to protect yourself and keep your financial information private.
There are some simple tips you can follow to help you keep online payments and financial information private:
Check websites are legitimate – As noted in our previous section, hackers like to use fake websites that look identical to the real ones to lure people into handing over payment information.
Check the websites of your online bank and retailer carefully to ensure it is the genuine one and not a scam.
Check retailer is legitimate – It is not unknown for hackers to set up online retail operations to lure people into handing over information. If you are buying something from a retailer you are not familiar with, do some research first to make sure they are legitimate.
Make sure websites are secure – Any online retailer worth doing business with should have both a secure website and secure payment methods. This means it should be encrypted.
Check for the HTTPS URL and look for the padlock in the address bar. If it is missing, the best advice is not to enter your details.
Use a Credit Card – In the UK, credit cards offer additional protection and if you do fall victim to a scam, you should be able to claim your money back.
Use a VPN – VPNs encrypt all of your online activity automatically and offer a greater level of online security than an online retailer will alone. It is a good idea to have a VPN set up and connected before entering any financial information online.
Don’t use public Wi-Fi – Never enter financial information when you are connected to a public Wi-Fi network. As we will explain in the following section, these networks are inherently insecure.
You should only use these for such transactions if you have first connected to a VPN.
Be smart and sensible – Use common sense when shopping and banking online. If you come across a deal that looks too good to be true, take a step back because the chances are that it probably is.
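The advice to check a site's URL before downloading or paying (look for a slightly different address and for HTTPS) can be automated as a simple check against a list of sites you already trust. This is an added example, not part of the original guide; the function names, the finding labels, the edit-distance threshold and the `.example` / `.test` domains are all constructed for illustration.

```python
from urllib.parse import urlsplit


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def assess_url(url: str, official_domains, max_distance: int = 2) -> list:
    """Return a list of warnings for url; an empty list means nothing was flagged.

    official_domains: domains the user already knows to be genuine
    (for example their bank or VPN provider).
    """
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")

    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None:
        # "https://genuine-name@other-host/": the real host is after the "@"
        findings.append("userinfo-in-url")
    if not host.isascii() or any(l.startswith("xn--") for l in host.split(".")):
        # internationalised names can imitate Latin letters
        findings.append("punycode-label")

    official = sorted({d.lower().rstrip(".") for d in official_domains})
    if any(host == d or host.endswith("." + d) for d in official):
        return findings  # genuine domain or one of its subdomains

    matched = False
    for d in official:
        labels = d.count(".") + 1
        tail = ".".join(host.split(".")[-labels:])
        if ("." + d + ".") in ("." + host + "."):
            # genuine name used as a prefix of somebody else's domain
            findings.append("official-name-embedded:" + d)
            matched = True
        elif 0 < edit_distance(tail, d) <= max_distance:
            findings.append("lookalike-of:" + d)
            matched = True
    if not matched:
        findings.append("unknown-domain")
    return findings


# Constructed sample data: reserved .example / .test names, not real sites.
OFFICIAL = ["vpnprovider.example", "mybank.example"]
SAMPLES = [
    "https://www.vpnprovider.example/download",
    "http://vpnprovider.example/",
    "https://vpnprov1der.example/download",
    "https://vpnprovider.example.downloads.test/app",
    "https://vpnprovider.example@downloads.test/app",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", assess_url(sample, OFFICIAL) or "ok")
```

A clean result only means the address matches a domain on your own list over HTTPS; it says nothing about sites that are not on the list.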
Public Wi-Fi Networks
Public Wi-Fi networks are everywhere these days. You can’t go into a shop, café, restaurant, shopping mall, train station, or high street without encountering them.
It can be tempting to connect to these free networks that allow you to get online to check your messages, compare prices with online retailers, and much more. But you have to be really careful because unbeknownst to many people, public Wi-Fi networks are inherently insecure.
A public Wi-Fi network is a free internet connection designed to be easily accessed by multiple users. A lot don’t even have a password and those that do will have one that is easy to remember and publicly available.
For a hacker, this is an absolute gift.
Once they have compromised a public Wi-Fi network, it is possible for a hacker to intercept the data of anyone else using the same network. They can then steal their information, hijack their devices, and do just about anything else they want.
Some hackers don’t even bother trying to access a network. They will just set up their own password-free Wi-Fi network with a similar name to the legitimate one and try and trick you into connecting to it.
This trick works a lot and once you have connected, your data and your device are effectively at their mercy.
The risks posed by public Wi-Fi networks are so severe that last year, the FBI issued guidelines for using public Wi-Fi networks.
Their advice was as follows:
- Check the name and password of a Wi-Fi network to make sure it is the official one.
- Don’t do any sensitive activities, such as online banking, when connected to a public Wi-Fi network.
- Disable location settings on any apps to ensure anyone who does access your data can’t see where you are and potentially either attack you or rob your home while you are out.
- Never give permission for your devices to connect to free Wi-Fi networks automatically.
- Always sit with your back to a wall when using a public Wi-Fi connection in a public space so other people cannot look over your shoulder and see your screen.
The one thing that the FBI omitted to recommend in their public Wi-Fi guidance is perhaps the most important tip of all. Always use a VPN when connecting to a public Wi-Fi network!
When you connect to a VPN, all of your internet data is encrypted. This means that even if the network is compromised, no-one can see what you are doing online and no-one can trace what you are doing online back to you.
The FBI have their own reasons for not recommending this, but just about every other online security expert does. If you can get away without using public Wi-Fi, do this. But if you have to use it, make sure you are always connected to a VPN.
Social Media privacy
Last but by no means least in this extensive guide is the topic of social media privacy.
We all use social media, whether it be Facebook, Twitter, Instagram, Tik Tok, or one of the hundreds of other social media sites there are out there.
And for all the talk in this guide of hackers and government spies seeking to compromise your online privacy and access your sensitive information, when it comes to social media, a lot of people will hand over vast amounts of private information to the world at large willingly and without any scam or provocation.
It has become the done thing to record our lives on social media. We check in to tell people where we are, post precious family photos on social media sites, and share our views on everything from politics and sport, to that funny cat video and how racist our Aunty Rita is.
All of this is private information. While it might seem innocent on its own, when it is combined with all the other information about us that is accessible in the public domain, it helps to tell anyone who wants to know a great deal about us.
Social media is fun but it is essential that everyone thinks about their privacy when using it. There are some simple rules you can follow:
Privacy settings – All social media sites have privacy settings built in, but most of them do not enable these by default. So, if you want to keep your information, photographs, or location private or even just let your close friends view them, you have to change these settings manually to do so.
Before you use any social media site, check these settings carefully and make sure you are comfortable with how much of your information will be accessible to the public.
Location Settings – If you are using social media sites on a mobile device, they will often tag any posts with the time and your location. This is dangerous for two reasons. It can tell criminals when you are away from home or on holiday, which could lead to a break-in at your home.
And it also lets committed hackers or government spies develop an idea of your movements and habits and track where you go and when. The best advice is to always disable location tagging on all social media sites.
Photos – Photographs that seem harmless can reveal a lot about you. They can show where you are, who you are friends with, what you like to do, and you can even inadvertently include things in the background that are even more revealing.
If you have to post photos on social media, check them carefully first and remember to ensure only friends can see them.
Policies – Before you start using a social media site, do some due diligence and consider how the site plans to use the data you upload onto it.
All social media sites have privacy policies and while these are often impenetrable, some research should find summaries and key points online. Take a look and if you are not comfortable, don’t sign up.
Don’t use – If you are ultimately determined to keep your online activity and details about your life private, there is really only one option available to you when it comes to social media; don’t use it.
[Infographic: A Visual Guide to the issues of online privacy]
Awareness about online privacy has grown considerably over the past decade or so. But at the same time, so too have the threats to it.
These days there are more hackers than you can imagine competing to steal and monetise your data. Many of these are criminals but a lot also work for governments, both authoritarian and democratic, and are working under the delusion that they are keeping you safe by violating your privacy.
With governments and tech companies having no interest in protecting your online privacy, it falls on the individual to take the necessary steps to ensure their online activity and valuable data is as private as is possible.
In this guide, we have pulled together information from hundreds of different sources to create a comprehensive guide to online privacy. This is not a fixed topic and we will attempt to keep this guide up to date with all the latest threats and privacy solutions as well.
For now, we have outlined the main threats that all of us face when going online. We have also detailed some of the most important solutions. We have recommended various tools you can use to enhance your online privacy and suggested some best practice too.
VPNs are perhaps the most important ones we have discussed, but things like password managers and anti-virus tools are just as important.
As well as explaining why these tools work, we have also outlined which software our privacy experts recommend you choose. If you follow all of our advice, you have as much chance of staying private as anyone.
Achieving absolute privacy online is all but impossible these days. But follow our advice and use some of the tools we have recommended and you have as good a chance as any of retaining your online privacy.