19 March 2026
I used to be a Google fan.
Not in a passive way — I genuinely admired them. Their offices were, for a long time, considered the best place in the world to work. They embraced open source with Android while Apple kept iOS locked down. And as you walked through the door of their headquarters, there was a sign that read: Don't be evil.
I believed them.
Then the ads got creepy. Not annoying-creepy — unsettling-creepy. The kind where you think "how on earth do they know I'm about to travel to London?" You haven't searched for it. You haven't booked anything. But there it is. That feeling — that something knows something about you that you didn't tell it — is hard to shake once you've noticed it.
I started paying attention.
It didn't start as a privacy journey. One day I came across a blog post by a photographer explaining why they were moving from Android and Windows to Apple. I followed it for the workflow reasons — Macs are still, for the money, the best machines for photo editing — but something unexpected happened when I started going through Apple's settings.
Private Relay. Disk encryption. iCloud end-to-end encryption. I hadn't gone looking for any of it, but there it was. My first experience of anything resembling a VPN. My first real encounter with encryption as something a normal person could use, not some spy-movie abstraction.
What struck me wasn't the features themselves — it was that they existed at all, and that I'd never noticed them before. Apple had built these tools into the operating system years earlier. I'd been using them without understanding what they did or why they mattered. It was like discovering your house had a basement you'd never explored.
Apple, almost accidentally, opened a door I didn't know existed.
I walked through it.
Once you start reading about privacy, you can't stop. VPNs. DNS. Encrypted email. Zero-knowledge storage. Each answer leads to three more questions, and suddenly you're at 2 AM reading about metadata and threat models and why your email provider knowing when you send messages is almost as revealing as knowing what you say.
I learned about data brokers — companies whose entire business is buying and selling information about you. About how free services are actually paid for: you're not the customer, you're the product. About the fundamental difference between a company that makes money selling you things and a company that makes money selling you to advertisers.
The deeper I went, the more I realised how much I didn't know. I'd spent thirty years working with computers and the internet, and I'd been operating almost completely blind about where my information was going. It wasn't ignorance exactly — it was more like I'd never been asked the question, so I'd never thought to ask it myself.
I started making changes. Small ones at first. A VPN here, a different email provider there. But each change led to another. It's like once you see the system, you can't unsee it.
I moved from iPhone to GrapheneOS — a privacy-focused Android operating system that most people have never heard of. I moved from Windows to Linux. I still use macOS for photo editing — the M-series chips are genuinely extraordinary for that work — but my relationship with Apple has changed fundamentally. I use it less and less, and when I do, I'm aware of what I'm trading away.
A few months ago I posted this on Mastodon:
I've been using Windows, MacOS, and Linux for thirty years now. Since Microsoft ditched Windows 98, I considered MacOS the high bar, with Windows gradually getting worse and Linux gradually getting better. However, after the latest MacOS and Linux Mint updates, I now think that, judging the operating systems alone, Mint has overtaken MacOS. It's minimalistic yet functional and aesthetically pleasing. It's fast, intuitive, and I haven't encountered a single glitch or freeze. And that's on a machine seven years older than my Mac, which is now riddled with unnecessary features that clog up resources but bring nothing functional nor are aesthetically appealing. To every single person who has dedicated their time to this free and open-source project — KUDOS!
I meant every word of it. And that shift — from thinking Apple was the pinnacle to realising that free, open-source alternatives had caught up and in some ways surpassed them — felt significant. It suggested that privacy and control didn't have to come at the cost of usability. They just required different choices.
If any of this resonates and you want to start somewhere, here's what I'd suggest. Not necessarily what I use, but what I'd recommend depending on how far down the rabbit hole you want to go.
A VPN encrypts your internet traffic so your internet service provider can't see what you're doing, and it masks your location. I use IVPN, which is uncompromising — it doesn't keep logs and it's transparent about how it works. For most people starting out, Mullvad is the better choice — straightforward, no account required, trustworthy, and less intimidating.
I use SimpleX, which has no user IDs at all and is about as private as it gets. You share a unique link with someone to start a conversation, and that's it. It is an open-source decentralised solution which utilises a network of European servers. It even allows you to run it on your own servers for maximum protection and privacy. It has rough edges, but it came a long way in the past two years.
Signal is the most widely recommended private messenger and it's genuinely better than WhatsApp or iMessage for privacy. But it runs on centralised Google and Amazon servers in the US, which means it can be — and in some countries has been — blocked. Additionally, each message makes Google and Bezos that tiny bit richer. SimpleX has no central point of failure. For most people Signal is the right starting point; for those who want to go further, SimpleX is where I ended up.
DNS is the system that translates domain names into the IP addresses your computer actually connects to. By default, your ISP controls this and can see every site you visit. Pi-Hole lets you run your own DNS server on your home network (a Raspberry Pi costs about £30 and will do the job) and blocks ads and trackers at the network level — no browser extension needed. However, Pi-Hole can only run on your home network and won't work for your phones and laptops when you're out. That's where NextDNS comes in — it does the same thing through the cloud, so it works anywhere. It's easy to set up and the free tier should be enough for all but the power users.
On GrapheneOS, Vanadium is hardened specifically for that OS. On desktop, Mullvad Browser and Brave both have genuine privacy credentials. Mullvad is more privacy-focused; Brave is more feature-rich but has crypto integrations that aren't for everyone. Vivaldi is highly customisable and privacy-respecting.
Proton Mail is encrypted end-to-end and based in Switzerland. Tuta (formerly Tutanota) is similar. Both work well. Both are better than Gmail or Outlook. Both offer free tiers.
Bitwarden is open-source and trustworthy. The important thing is to use one — unique, strong passwords for every service is non-negotiable.
None of these tools are perfect. They all involve trade-offs. But they're all genuinely better than the defaults, and they're all accessible to someone who's willing to spend a few hours learning how they work.
We talk about privacy on our phones and computers. But it goes further than that.
Modern cars are currently among the largest collectors of personal data anywhere. The Mozilla Foundation published a report on this — the findings are worth reading and genuinely alarming. Your car knows where you drive, how fast you drive, when you brake, what music you listen to, what temperature you prefer, whom you call or text. Some even constantly record videos of you and upload to remote servers for the brand's subcontractors all over the world to review, class and categorise. They build detailed profiles on their users and sell those details to anyone who pays. Most owners don't even realise this is happening.
Facial recognition algorithms are running in supermarkets and on streets, building detailed profiles of people who have no idea it's happening. Your face is being catalogued. Your movements are being tracked. Your patterns are being analysed. The expansion of facial recognition in the UK is happening faster than most people realise.
Smart home devices listen for wake words, but they're also collecting data about your routines, your habits, your voice patterns. Your robot vacum cleaner collects and shares images, often intimate, of everything in your house. Smart TVs track what you watch. Fitness trackers know your heart rate, your sleep patterns, your location history.
We're living in an age of unprecedented surveillance, and most of it is invisible. We can't see it happening, so we don't think about it.
A few years ago I wasn't thinking about any of this. I was working sixty-plus hours a week, raising kids, coaching volleyball, running a scouts group. Privacy wasn't on my radar — not because I didn't care, but because I simply didn't have the bandwidth to notice. I was too busy living my life to think about who was watching it.
Most people are in that position right now. Not indifferent — just busy. Overwhelmed. Trying to keep up with work and family and everything else, with no mental space left over to worry about whether their smart fridge is selling their grocery habits to advertisers.
I'm not suggesting everyone needs to run GrapheneOS or self-host their email. That's extreme. But knowing what's happening is a start. Understanding that your data has value, that companies are collecting it, that you have some choice in the matter — that changes things.
The door is open. You don't have to walk very far through it to make a meaningful difference. You could start with just a VPN and a password manager. You could switch to Signal for messaging with close friends. You could use a privacy-respecting search engine like DuckDuckGo. Small changes add up.
What matters is that you're aware. Once you notice the system, you can't unsee it. And once you can't unsee it, you can start making choices about whether you want to be part of it.
That's where my journey started. With a simple question: How do they know that?
Where it goes from here is up to you.