Decentralizing my digital life a bit


Why

For a long time now, the web has shifted towards centralized points. The most clear sign of centralization for me was when Social media took root at the center of people’s online identity and started crossing over into their real lives. Coupled with this, a few years earlier a slightly different, sneakier, centralization started to take a foothold of the web in the form of Gmail.

Once upon a time, it was unfathomable to think we could get gigabytes worth of storage for our online correspondence for free. So when Google announced Gmail, we thought we we’re getting a killer deal. Little by little, we realized those services were never and have never really been free.

In the years between the launch of Gmail and the present, data became the new oil. The more hooked you could get customers on “free” services, the more data you could collect about them, and the better your ad revenues could be.

In the past when discussing how some of these services thrive financially off logging your every move, some folks have said something along the lines of:

Big deal. Let them have data on me. Why should I care?

But several scandals later, we know the data collected is not just trivial useless info about you, but a scary compilation of your every day life: where you shop, what you like, how much money you make, and several other extrapolations from your online behavior.

Recently, I read an article about several companies that track consumer behavior and assign a customer score.

In terms of collecting data, Google is right up there with the worst offenders (they are primarily an ad selling company after all). They own and operate “free” services which provide the company with a wealth of information on individuals. In exchange, users get useful tools. Services such maps, e-mail, contacts, calendar, photos, video, and app stores provide Google with the ability to generate an accurate portrayal of user without ever talking to them.

For users living in this Google ecosystem, things get even scarier when it becomes clear that Google operates at such a large scale that customer service for all its product feel like an afterthought.

Accounts linked to development accounts began getting shut down which also resulted in users being locked out from every other service Google offered. Sometimes, the only way to restore access to critical services such as email would be to go on social media and hope the complaints became viral.

Before seeing accounts of this happening, I never gave two thoughts to what would happen to my digital life if one day Google decided to kick me off its platform. It was a scary realization.

So from both a privacy perspective and a practical perspective it became clear that I had to start diversifying my digital life.

Buying a domain

The first step in my journey was to buy a domain. It allowed me to start using email addresses attached to this domain.

At first, I only forwarded the mail from certain aliases from my domain to my current gmail. I figured this was a good first step while I looked into e-mail hosting options.

I explored the changes in landscape since the last time I purchased a domain when I was in high school. There were several new Top Level Domains (TLD) available now. My old .net is currently being squatted (update: I have recovered it!) so I decided to go with a less traditional .xyz.

After looking for registrars, I settled down on one that provided WHOIS privacy for free by default while also offering domains at reasonable prices. There are several registrars that are trustworthy but mainly I wanted to steer clear of registrars like Godaddy.

E-mail service

There are several options when it comes to using your own domain for e-mail service.

One option is to host your own e-mail service on a cloud provider. But the more I looked into it, the more challenging it seemed to securely run the service while maintaining a good reputation against spam filters.

Realizing this, I took my time exploring several service providers.

Looking for a service provider outside of Gmail was really tough. There are many providers to choose from with different kinds of trade-offs, usually in the User Experience area.

I looked into security and privacy focused services like Tutanota and Protonmail as well as other well regarded services like Fastmail.

Ultimately, Tutanota and Protonmail came with big trade-offs for the privacy they provided in terms of convenience. Using their services with IMAP seemed pretty complicated and error prone. I decided that at this time, the trade off wasn’t worth it, specially because e-mail was never meant to be a safe means of communication. All I wanted was to avoid having my data mined or accessed without legitimate cause.

Fastmail was pretty expensive and with the recent law passed in Australia, where Fastmail and their servers are based out of, made it a tough pick. Backdoors are never a good thing.

I almost signed up with mailbox.org but I wasn’t sure I’d be able to get by with only 3 aliases for the 1 Eur plan. Posteo.de looked like a great option until I looked around their site and found out they don’t support using a custom domain.

Finally, I settled upon another e-mail provider recommended by Drew DeVault, runbox.com.

I’ve paired my new e-mail service with FairMail on my phone and Thunderbird on my laptop to very good results. (Side note: If I were a user of Apple devices, I would have had a much easier time with finding alternative mail applications as the default mail apps for IOS and MacOS are great.)

On my phone, I’m using DavX5 to synchronize my calendar and contacts.

Messaging

This is a really tough one, mostly because you have to convince others to try new services.

After all, if no one else you know is on a service, it’s not really any good to you.

In hindsight, Whatsapp’s purchase by Facebook was a terrible shame. Their product is intuitive to use and almost everyone outside the US is on it. It has end to end encryption done with the Signal protocol which in theory shouldn’t allow anyone in the middle to collect any data. Nevertheless, since it’s now part of Facebook, a notoriously untrustworthy company when it comes to data collection, it was time to look for possible alternatives.

Google Hangouts is on its deathbed and it was never that great a messenger to begin with.

I’ve settled on Signal for now as a good middle ground. Since Brian Acton joined the Signal foundation things have looked pretty good for the app. It’s also available to both IOS and Android which allows folks on both side of the fence to join.

For large group chats, I’ve found Telegram to work really well. It’s not my favorite messenger in terms of privacy but I tend to use it with that knowledge in mind. The User Experience is great and it makes chatting in group settings much better than Signal.

Lastly, I tried running a Matrix server for a bit, but it’s not easy to convince people to join and the user experience is pretty mediocre on the client side of things. I hope with time better, more intuitive clients like Pattle gain traction in the mobile space for Matrix.

Final Thoughts

It’s not easy to get away from the big corporations and finding alternatives that are easy to use for the whole family. But it is a worthwhile endeavour, and we should always be looking to support companies and projects that are looking to protect our privacy as users. As the landscape continues to become even more hostile towards users who which to keep control of their data, it’s more important than ever to continue to look for alternatives.