I have a samsung s10.. All privacy settings enabled. I dont have costco in the country i am in... nor i googled it ever.. I was on a whatsapp video call with my brother who showed me some spring rolls from costco and was yapping about how cheap he got them from costco. After the call ended i went to youtube to watch some reels and after 3-5 reels a relatively small channel popped up talking about the same spring rolls from costco showing the packet and all.. I am sure no matter what meta says about end to end blah blah .. they are monitoring everything.This cant be a flippin coincidence.

I would like to know if using fingerprint on the device (mobile) increases the attack surface. Even with a screen lock set with a random password (high security), can the fingerprint bypass this and introduce errors?

Looking to do some personal finance in google sheets but when I went to install an extension called Budget N Sheets, they asked for access to send an email as me? Never seen this permission on anything google related before. Why would they ask for that? I'm sure tons of my personal info is online but that feels like a stretch just for a budgeting extension.

We will soon be traveling together, and we all want to be able to see each other's location. When we get home, I want privacy. Is there a way I can share my location most of the time but occasionally present a false location? (That's for when I return home.)

(If not, any ideas for how I can explain / justify wanting privacy from my spouse? (I'm not cheating, and not doing drugs or drinking, but I can imagine occasionally bwanting privacy.))

recently i left a highly abusive situation (that im still sort of in) and am trying to purchase new devices (all of mine i think are compromised, as well as banking, government ids, healthcare programs, fcking icloud and google i see are linked i have no idea how, apple pay set to go to them- its family violence but apple cannot give me a single answer as to why on earth there is password syncing or it seems as though it is somehow an interchangeable apple id?- its not family sharing or something it is bizarre etc)

Im going to purchase mac products as i was given money to do so= but I have no idea how to ensure safety and privacy as best as i can on my own. I recently moved to a rural area, apple have been no help at a all, im scared about if the wifi in the house will do something if i buy new devices and my current ones are still here, i dont know if thats possible- there is also a wifi connection in my car i only just discovered through iphone settings but its not usable- wtf is this

any advice? i was going to do new products and maybe hot spot will im at home for a bit? and not log on to any old accounts on new? transfer data through usbs? Im scared about using my home printer.

is the type of wifi unit important - should i get one of those portable sticks? god i have no idea what im talking about. I just have a feeling something could happen there with existing wifi.

I also found on my computer when i type in microphone the setting didnt pop up in finder it instead popped up a window that said something like "microphone/headphone extension cant access" and my iphone and headphones microphone were linked. But then it disappeared the other day and went back to pulling up the normal mac settings. I can see weird things take up storage "ios files for iphone 12' -paretnal controls are on its bizarre

theres also users on my laptop i find in some random sections that say wheel, staff etc i could be mistaken

i also was given an iphone by them and it had to be sent to me i couldnt purchase one- and i finally worked out it was done under apple business- apple says there is no way i can see if that phone is linked to business manager- im just scared and dont know what to do with iT?

These people are powerful, well connected in my city, have my ids, passport, heath care card, im scared to change because they will know im doing something.

if anyone has some basic suggestions, i just want a safe device i can use the internet on and advice on browsers to start with and a mail account

i was going to save everything on thumbdrives or maybe get a mac mini so i can grab it and go- defitnely not fcking icloud haha or google i could not believe the data on there

thank you very much

hello, i want to know if mail.com is a trustworthy website to register an e-mail. i have some accounts in services like discord and fl studio (image-line) and i want to get a new email with a kittymail.com domain.

I'm having a problem with Cryptomator. I believe this issue may not have a solution. Here's what happened: I encrypted a file, and it was stored in the virtual drive that Cryptomator creates. The problem is that this file took a long time to copy and paste into Cryptomator's virtual drive. It was the first file I placed there. All the other files copied and pasted normally, and I was able to access them. However, this first file, which took a long time to copy and only appeared much later in Cryptomator’s drive folder, is corrupted.

An error message says that the file does not exist. However, its size is displayed as 1.38 GB. This file cannot be moved, cut, deleted, copied, renamed, extracted, or compressed. I can't do anything with it. I also can't rename Cryptomator's drive or download the file from the cloud. I have already uninstalled and reinstalled Cryptomator, but this does not allow me to access the file because the same faulty and corrupted version always reappears. I don’t know what to do. A Windows I/O error code appears, and I need to recover this file. I just wish someone could at least help me delete it from my computer.

I was using the Google app until it crashed when I got a new phone or somehow I don’t even know how to log back in. I’d like to start fresh with something else.

Hello, If I was to plug my iPhone into a company chromebook to charge it, and pressed “Do not allow” when given the “give access to photos prompt” then would it be able to access any data from my iPhone at all?

After researching this it is very confusing, some suggest it can access any data from any app on my phone including passwords, history etc.

Thank you very much

Mozilla Firefox vs Waterfox vs Mullvad vs Librewolf vs Zen Browser are all built on Mozilla Firefox based software so compare and contrast which one is fastest, safest, most private, secure, uses less ram, memory, gpu, cpu

I notice in my Reddit feed an ad for Jolla phones (based on Linux). I believe the os is sailfish os . The price quoted is €299 which seems quite good for a “private” smartphone . Has anybody any experience with Jolla or sailfish ?

Hi,

In the past, I've had considerable success by just emailing a company a generic GDPR erase request (from the email address linked to whichever account I wanted to delete).

I want to completely delete my old lego account, so I sent an email to the address they advertised on their website to do so: privacy.officer@lego.com

What is special this time is that they got back to my email requesting that I share with them the following personal details (over email) in order to "verify my details" and enact my request:

• Full name
• Date of birth
• Residential address

Is this normal and fair? I feel like giving out my personal details over email (which will remain stored on their side), in order to request them to delete those very same personal details kind of defeats the purpose.

Does anyone have any recommendations on how to reply to this?

Regards,

Hey friends,

I'm using the below archived post to get rid of information of mine on the internet. The issue is that both the post's explanation & SimpleLogin's tutorial to create an email alias does really contain much info for a how-to & isn't very intuitive for someone who knows absolutely nothing on how it works (SimpleLogin's video explanation also wasn't any help). I'm new to all of this so I need to be walked through it like I'm a literal child, lol. I just want my info off of sites & to do it with an alias (I signed up through SimpleLogin through my proton.me account btw).

https://www.reddit.com/r/privacy/comments/n5w8b3/whitepages_requires_a_phone_number_to_remove/

Can someone better explain?

TY in advance

Anyone know the best privacy-minded 3rd party Discord client for Android? >!Yes I know Discord itself is awful for privacy!<

Excuse me for being ignorant but I just had to ask about this website. So when you try to check and put your name, address, or phone number in the search input and hit enter does their website get all those info you entered? Anyone, educate me on this? lol luckily I did not found my info but I’m worried, now that I entered my info on their search input and clicked find.

I am trialling GrapheneOS on mobile and due to lack of full play integrity (I think it's something to do with device integrity of the Play Integrity API which a few of (mainly financial) the apps need), I'm unable to get these apps working on it. As a result I resort to using their webapps (normal browser stuff) on mobile.

I have a habit of either using only private/incognito tabs or setup the browser in general to delete all cookies on exit. This means that every time I want to revisit many of these sites, I must login via username-password, which is a non-issue due to password managers, but also enter information which the password managers only help partially (like random letters or a "memorable" word if you memorable word is also actually a random alphanumeric and stored in password manager) OR are not a help at all (like in case of OTP being sent to a mobile number).

In these cases to not have auth fatigue depending on number of such websites you visit and how frequently, you could persist their cookies so that in future you are only asked username-password combo which password managers excel at.

Given this, I wanted to allowlist these websites to persist their first party cookies. However, given that my browser setting already blocks 3rd party cookies, what's the harm in just turning off the setting which clears cookies on exit? If I visited a random website say https://some-ropey-looking-site.com and it stored its 1st party cookies in my browser (all 3rd parties being rejected by the browser), what's the privacy concern here? Some that I can think of:

1. If someone gets hold of my device, they can find out via cookies what websites I have visited in the past (assuming I'm still clearing history).
2. Same someone can use the session identifiers in those cookies to forge a session on my behalf with the webserver.
3. When I do visit the website again, they might have slightly more info on me - instead of relying on browser fingerprinting, IP etc, they'll just use the info from the stored cookies making their lives much easier.

I'm not very worried about (1) or (2) because an adversary that's breached the perimeter that far has me vanquished in so many ways already - it's a compromised machine at that point.

(3) may be a slight worry but I don't think eliminating it adds much to privacy unless you are constantly changing the bits that allow fingerprinting you over a course of time.

So do you all think that an advice of clearing out your (1st party) cookies is not very meaningful anymore (assuming 3rd party ones being default-blocked by almost all mainstream browsers) ? What harm to privacy/security do you see?

I have been hanging around this subreddit and started turning off ad settings and reining in my data. I just realized good tracks app activity and location from the play store.

I was wondering since they are so forward with AI on this new phone if you can have more control over what kind of data goes out.

Can the personal data engine be trusted?

Years ago I got deep into privacy and the Edward Snowden shit. I switched to Firefox and DuckDuckGo seven years ago, I tried to stop sites and services tracking me, I hosted my own VPN with OpenVPN, I have all the Firefox privacy extensions, I host my email now etetc. I actually can't lie to some degree enjoy it. It gave me greater appreciation and understanding of technology and the internet. I learned to code along the way and I'm now going into a Computer Science career.

Yet there's a part of me that thinks I'm doing this wrong. My entire social life has been part online since I was 12 like most people. I'm aware that's very bad and depressing both from a developmental and privacy pov but I won't lie, I don't think anything anyone could say would get me to put the phone down completely. I don't post much and am probably using it less than 20% of the day. I'm not naive to what company's probably have on me. There's some irony to the fact I'm posting this on reddit. I just decided I'd have to trade some of my data for the social life I want and that was okay for me. I know a lot of y'all wouldn't take that comprimise.

My question is am I wasting my time? Is what I listed in the first paragraph going to help if I just end up keeping all social media.

I'm a beginner when it comes to privacy. I recently learned about something called 'Invidious' as a front-end for YouTube. However, it seems that it's not working properly anymore. Is there any good alternative?

So a few years ago I stumbled upon a website where you could type some text into a box, whatever you wanted to type into a message, then optionally enter a password, select an optional timeout feature where the message is deleted after a certain amount of time if not opened, then click a button and the website would store the text as an encrypted file (or something like that, I'm not actually sure,) and it would spit out a link for you to copy. You could copy the link and send it to a friend who would click the link, optionally enter the password, and the message would pop up for them to view, unencrypted. When they left or closed the window the message would be permanently deleted and rendered unrecoverable.

Can someone tell me what the website was called? It was so useful for sharing sensitive info but I can't for the life of me remember the name.

Also, bonus question, was it really as secure as it claimed to be? It seems like almost nothing that's easy to use as a novice is actually secure...

Came across this phone that runs Android. Technically a gaming phone so has great specs, but doesn't come with all of the bloatware from Samsung for example. Anyone familiar with this phone or have insight into its use in terms of privacy? Obviously is heavily dependent on how you interact with it and what data you are sharing and entering into your apps, but as a whole- how much is it tracking you?

Realized it is not a degoogled phone. I use Google for work anyways. Just more conscious of what I share with these apps nowadays

I am in California and websites must gives us an ability to opt out of tracking. I have noticed that despite weather.com having the option, it reverse back to opt in once you leave that menu. Anyone else seeing that?

Hi! I been more privacy aware for weeks now. Changed most of my software for more private ones, but I'm still a little lost about the purpose of having or not an account on any given platform.

This might be a super dumb question but doesn't logging into an account, even with a VPN and/or Brave/Tor/Mullvad, kinda defeats the whole purpose of privacy?

I can see how it blows the anonymity provided by a browser like Tor, but if someone wants to feed less data to corporation and have less personal information floating around, wouldn't logging into a account (e.g. Costco, BigCartel, Reddit, etc.) basically revealing your identity? Like a big "hey, I'm here! I working through this VPN and everything". Linking your IP and everything to the info provided in your account?

I currently have a browser for when i need to log into my google account (working on de-googling) and another one for everything else. I always close my browser when I'm done for the day.

Thank you in advance!

I'm from India, and we are just now getting our first digital privacy law, called the Digital Personal Data Protection Act (DPDPA).

It says large organisations which store data need a dedicated personel called Data Protection Officer to be appointed, who will act as the front line for developing a privacy-first culture at the org. as well as tackle and prevent crisises like data breaches.

This is a very new role for India, even though we do have Chief Information Security Officers (CISOs).

But Afaik, this is a common requirement in GDPR. But how is this role viewed by organisations? Is it a high responsibility role? And one that's quite lucrative to pursue?

Would love to know your thoughts, observations and opinions.

So I recently left a one-star review on Google and Yelp for a business that scammed me out of a lot of money a few years ago when they were just starting/establishing their business.

They have a lot of positive reviews. However, my single review has caused them to doxx me, leaving my full name and location in reply to some of the previous reviews I had left on their Google page (I had to delete those reviews for my safety since Google was no help in deleting the business' reply). Eventually, they just stuck to my name and not my location in their most recent reply to my review. I managed to report the post on YouTube, however, it is still up. I don't have Facebook and my few friends don't care to go out of their way to report it. Somehow they can't, I am not sure how Facebook works anymore. A friend was able to send me a link to the post to report it to Facebook and that is as far as I have gone. I guess it's not the worst thing that could happen.

Any advice is appreciated.

I no longer use Google Chrome because of privacy concerns, but I still have it installed on my laptop. Is it safe to leave Google Chrome installed on my laptop, or should I uninstall it? Will it run and send private information to their servers without my knowledge, even if I don't open it?

It's a bit of a long read, but it's important, I think because, in the US alone, identity theft happens every 22 seconds.

And it’s getting worse:

1. Identity theft is on the rise, jumping 21% in just one year (from 2023 to 2024). More than half of all consumers said their personal information was stolen or misused.
2. Many people experience it more than once—45% of victims said they’d been hit multiple times. Globally, 1 in 100 users were linked to fraud networks in 2024.
3. Fraud rates keep climbing, going from 1.1% in 2021 to 2.6% in 2024, with countries like Indonesia (6.02%) and Nigeria (5.91%) leading the pack.
4. Fraud rates are increasing year by year:

• 2021: 1.1%
• 2022: 1.7%
• 2023: 2.0%
• 2024: 2.6%.

It’s taking a toll on people:

1. Identity theft doesn’t just affect your wallet—it’s also emotionally draining. 95% of victims felt anxious, sad, or frustrated, and 12% even considered suicide.
2. Many feel unsafe after it happens—70% of victims said they felt vulnerable, while others lost trust in the systems meant to protect them.
3. Nearly half (42%) of victims lost trust, peace of mind, or missed important opportunities due to identity theft.

The financial blow:

1. The financial damage can be huge. While 28% of consumers lost under $500, 12% lost over $10,000. Among ITRC victims, 29% reported losing at least $10,000.
2. Small businesses aren’t spared either. 8% of them lost over $1 million to fraud last year, double the previous figure.
3. With only a $1,000 budget, a group of fraudsters can cause up to $2,500,000 in losses in just one month.

Technology is helping fraudsters:

1. Fraudsters are now using high-tech tools like deepfakes. In 2024, deepfake attempts happened every five minutes and now represent 40% of all biometric fraud.
2. AI tools have made it easier to craft phishing scams. Since ChatGPT was launched in 2022, phishing attempts have skyrocketed by 4,151%.

How fraud happens:

1. Data breaches were responsible for 16–28% of fraud cases.
2. Weak passwords contribute to 13–36% of fraud cases.
3. Scammers often go after government-issued IDs. 40.8% of document fraud targeted national ID cards, and digital forgeries are now more common than physical ones.
4. Social media is another big target. Half of all online account fraud involved platforms like Facebook and Instagram, while 42% hit email accounts.
5. Phishing is everywhere—45% of people have received fake emails or visited scam websites designed to steal their information.

Who and what is targeted:

1. Most victims (56%) had their identity stolen by total strangers.
2. Scams like fake tax or unemployment claims accounted for 14% of cases.
3. Industries like crypto, online dating, and online media are top targets. For example, 9.5% of crypto onboarding attempts were fraudulent, and dating sites saw fraud rates of 8.9%.
4. Small businesses are also struggling—only 20% avoided cyberattacks, and 28% faced both data breaches and security hacks in the same year.

Unfortunately, but:

1. Many cases still aren’t resolved. Almost half of victims (48%) said their identity theft problems are ongoing.
2. Breach notifications are becoming more common. 81% of people got at least one notice last year, and 43% received multiple notices.
3. Security measures might not be sufficient—58% of identity theft victims were already using multi-factor authentication before the incident.
4. The situation is similar with other security tools—41% of victims were using lockscreens, 35% had their credit frozen, and 32% never reused passwords for online accounts.

Here are the sources used in this quick analysis:

• Identity Theft Resource Center (ITRC). 2024 Consumer and Business Impact Report on Identity Theft. 2024.
• Identity Theft Resource Center (ITRC). Identity in Practice Report. 2023.
• Identity Theft Resource Center. Biometric Working Group Discussion Paper. Data Alone Can No Longer Be Trusted as the Sole Source of Truth About a Person’s Identity. 2023.
• Onfido. 2025 Identity Fraud Report. 2025.
• Sumsub. Identity Fraud Report 2024. 2024.
• Tiits, Marek, Tarmo Kalvet, and David McBee. Identity Theft and Societal Acceptability of Electronic Identity in Europe and in the United States. 2024.

I think not many people know that, and even if people know they can slip.

Sharing posts/reels/videos from many social media will reveal your profile. Be aware of that when sharing funny link/post to a place you want to stay anonymous such as reddit, twitter, discord servers etc.

This is very unintuitive and people seems to forget that regardless. Notice - even small links without ? Will reveal your profile.

Edit: edit for clarification, yes facebook show your profile even if you remove what after the “?” In the link. Url in the form of facebook.com/share/ABC123 will reveal your profile to everyone clicking on it, for a period of time after creating the link. I cant share a link since i dont want to “doxx” myself.