Ghostboard pixel

How Free & Open Source Software Can Save Online Privacy

I have used services from tech giants for years. Most were free of charge, at the expense of my privacy. But those days are over. Now I browse, chat and work without anyone tracking, monetizing or censoring my data. Thanks to free (libre) and open source software.

I start to worry about Big Tech

Big tech surveillance

I’ve always felt machines should be doing what I want them to do, not the other way round. That’s why Google’s Android operating system immediately appealed to me when it first hit the market in 2008. At the time, Google’s open-source approach was genuinely refreshing. I spent hours customizing my HTC Hero phone. Little did I care that it was uglier than my friends’ iPhones or Symbian devices. My new gadget was infinitely more versatile.

Fast forward a decade. Google has become a tech giant, dwarfed iOS and killed Symbian OS. Today, the company captures over 90% of search traffic and dominates the browser market. This stellar growth came at a cost, as illustrated by the removal of Google’s “don’t be evil” clause. The search giant is entangled in court cases, such as the one over data collection and tracking malpractices. Researchers also found privacy flaws in Google’s contact tracing app. To top it off, the tech giant announced a controversial new algorithm that tracks browsing behaviour to better serve ads.

Now, I don’t want to pass the buck to Google. Amazon just created the largest civilian surveillance network in US history. It provides the police with unwarranted access to millions of home security cameras. Meanwhile, Europe probes into Amazon’s compliance with privacy rules. Same goes for Microsoft, which incidentally also apologized for having facilitated workplace surveillance feature.

One might think that users can at least count on Apple to protect their privacy. The tech giant recently gave them the choice to know whether apps track their behavior. As it turns out that only 5% of US users opt into this new app-tracking transparency. Meanwhile, the company hugely benefits from doing business with data brokers like Google. Not to mention the antitrust trial raging between Fortnite developer Epic Games and Apple, which claims to protect the privacy of its App Store. And of course, there’s Facebook. The company’s privacy misconducts culminated in a Senate hearing over the Cambridge Analytica scandal, wiping out what was left of user trust.

Yet in spite – or because – of these questionable practices, the total value of these companies reached over 7.5 trillion dollars in March 2021. “Big Tech” is now worth more than Germany’s and the UK gross domestic product – combined!

Why privacy matters

Privacy

We all use Big Tech’s services. We are part of Surveillance Capitalism, a term coined by Harvard professor Shoshana Zuboff and discussed in Cory Doctorow’s latest book, Surveillance Capitalism. It’s an economic system centered around tech monopolies which harvest personal data to maximize profit. This system threatens the very core of democracy, as it gives rise to mass surveillance, polarizes the political debate, interferes with the electoral process and drives uniformity of thought as well as censorship.

Surveillance Capitalism is based on a deeply troubling invasion of our lives. We tend to forget that privacy is a fundamental right. It’s enshrined by the UN Human Rights Council, the International Covenant on Civil and Political Rights and a number of treaties. I think we can all relate: there are more than a few aspects in our lives we’d like to keep private, even without wrongdoing. Whether it is to freely express ourselves and explore our personality without being judged by others. Or to shield us from surveillance, censorship and manipulation. That’s why curtains were invented. And things like banking secrecy, attorney-client privilege, secrecy of correspondence, secrecy of the ballot, confessional secret or medical confidentiality.

Tackling online privacy is a broad issue. It requires comprehensive changes to our legal systems and social conventions. Regulation of tech monopolies is one of the main challenges of this decade. As illustrated by the recent standoffs between tech giants and governments: Australia vs. Facebook, China vs. Tencent, India vs. WhatsApp, the EU vs. Facebook or the US vs. Big Tech. For years, digital rights groups and software foundations have been advocating for better privacy laws, user rights and the freedom to innovate. Let’s only name a few: the Electronic Frontier Foundation, the Free Software Foundation, the Freedom of the Press Foundation, Privacy International, the Open Rights Group or the European Digital Rights.

What’s this got to do with FOSS?

FOSS

Since its inception in 1983, the Free Software movement has become quite a diverse community. Free and open source software is often referred to as FOSS, FLOSS, Libre Software or Free Software. It includes a whole range of licenses that give users the right to use, study, share and improve the software. As well as the right to repair. Free Software is “free” as in “free speech” — and sometimes as in “free beer”. As such, FOSS is not only about technology. It’s about social, political and economic emancipation.

A few years back, a privacy controversy shook up the Free Software community. Ubuntu 12.10 – one of the various GNU/Linux flavours – started establishing Internet connections for local searches on people’s computers. It served Amazon ads and shared private data with Facebook or Twitter. The backlash was massive. A few years later, Canonical – the firm behind Ubuntu – ended up removing online searches and the Amazon web app. The more recent Audacity drama is another example of how FOSS protects privacy. The new project management decided to add Google Analytics and Yandex to the audio software, but ended up renouncing to its plans after public outcry.

For all its merits, Free Software is not free from criticism. One claim is that FOSS projects often get abandoned. A study recently presented at the Empirical Software Engineering and Measurement conference suggests otherwise: out of 1.932 popular open source projects, 7% (128 projects) were taken over by new developers after being neglected, reducing the dropout rate to less than 10% (187 projects).

Another common criticism is that FOSS exposes potential security vulnerabilities by publishing the code. On the flip side, keeping the source code a secret doesn’t necessarily increase security. Arguing that closed source code is vastly more secure than FOSS conveniently omits the fact that proprietary stacks are increasingly built on top of open source code. Free Software also tends to be decentralized, which helps with resilience against surveillance, single points of failure or massive data leaks. So sure, FOSS is not immune to security breaches. But neither are proprietary solutions, as illustrated by the latest leaks of a billion people’s data from Facebook, LinkedIn and Clubhouse. Or the spectacular security attacks against SolarWind and Colonial Pipeline.

All in all, Free Software is instrumental in promoting online privacy. For nearly forty years, FOSS has been encouraging developers to audit the code, fix issues and ensure nothing shady goes on in the background.

Seven steps to online privacy with FOSS

While waiting for better privacy laws, there’s a lot you can do to make your devices more private. Here are seven steps to replace Big Tech with privacy-respecting, free and open source software. Depending on your threat model, you’ll likely want to consider steps 1 through 4 first, as they already provide a reasonable level of privacy. If you have some tech skills and want to go further, take a look at steps 5 to 7.

  1. Get involved in privacy. There is much to be said and learned about online privacy, data exploitation, filter bubbles, surveillance and censorship. Get involved and spread the word.
  2. Choose a safe and private browser. Switch to Firefox. Block trackers, cookies and ads. Use privacy-respecting search engines. Possibly encrypt your traffic with Tor or VPN.
  3. Keep your conversations private. Use end-to-end encryption to secure your emails, messages and calls. Ditch classic social media and discover the Fediverse, a federated family of various online services.
  4. Protect your data. Use long and unique passphrases. Choose a different one for each of your accounts and devices. Keep them safe in an encrypted password manager. Consider using two-factor authentication. Create a regular backup routine. And encrypt sensitive data.
  5. Free your computer. Switch to GNU/Linux and favor free and open source apps. Depending on your needs, choose a beginner friendly distribution like Linux Mint or Ubuntu. For more experienced users, pick Debian, Manjaro, openSUSE, Fedora or Gentoo Linux. And for privacy buffs, have a look at Qubes OS, Whonix or Tails.
  6. Free your phone. Switch to a custom mobile operating system like LineageOS, CalyxOS, GrapheneOS or /e/. Favor tracker-free open source apps from community maintained app stores.
  7. Free your cloud. Choose privacy-respecting cloud providers. Or set up your own secure server and self host services such as cloud storage, photo galleries, task and contact management, or media streaming.

Wrapping Up

GoFOSS

There is no one-click solution for online privacy. Replacing Big Tech with free and open source software is a process. Some changes are simple – like installing Firefox or Signal. Other methods require more time and skills. But they are definitely worth it. And you’re not alone, you can count on the support of a wonderful community. So allow me to conclude by quoting Geoffrey A. Fowler from the Washington Post: “Online privacy is not dead, but you have to be angry enough to demand it“.


About the author

Georg Jerska

Georg Jerska is an open source enthusiast with a special interest in protecting the privacy of citizens. With his small team he runs GoFOSS, a comprehensive guide on how to replace Big Tech with privacy-respecting, free and open source software.


Open source illustrations by Katerina Limpitsouni.

The views and opinions expressed are those of the authors and do not necessarily reflect the official policy or position of It’s FOSS.

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to It's FOSS News.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.