Online tracking has become the default. Every click, search, and interaction feeds into a system that collects, stores, and profits from our behaviour—often without our clear consent. What used to be personal is now packaged into data. And what used to be private is increasingly up for grabs.
Some people say, “If you’ve got nothing to hide, you’ve got nothing to fear.” But that assumes the only reason for wanting privacy is guilt. It ignores the fact that privacy is about boundaries, not wrongdoing. We draw curtains. We lock our phones. We don’t publish our bank statements for good reason. Wanting privacy isn’t suspicious. It’s human.
In this post, I want to explore what it means to protect your identity online—and why it matters. This isn’t a manifesto, and it’s not a guide full of scare tactics. It’s a look at what’s happening, what we’re giving up, and some of the tools and ideas I’ve found that might help push things back in the other direction. The goal isn’t perfection. It’s awareness. And maybe a shift—from being passive participants in surveillance culture to becoming more deliberate in how we engage with it.
Why Online Privacy Matters
We often talk about convenience when it comes to the internet. But what we rarely acknowledge is the cost—and for many, it’s privacy.
Each time we go online, something is collected. Not just the obvious things like names or email addresses, but location data, search history, habits, patterns, even pauses in scrolling. These aren’t isolated pieces of information—they’re connected, analysed, and used to predict behaviour. That prediction becomes influence. And that influence becomes control.
When privacy is eroded, autonomy follows. Without even realising it, our decisions begin to reflect what the algorithm wants us to see or do—not what we actually need or choose on our own. That’s not just a technical issue. That’s a human one.
Beyond the personal implications, there are structural ones. Entire industries are built on profiling. Surveillance isn’t just happening at a state level—it’s commercialised. The global digital advertising industry is projected to surpass USD $870 billion by 2027, with tech giants like Google and Meta collecting behavioural data across millions of websites and apps to power their targeting engines.
[Source: Statista – Global Ad Spend]
This isn’t happening on the fringe—it’s the business model. In Australia, concerns have been raised over how companies collect and share consumer data without sufficient transparency. The Australian Competition and Consumer Commission (ACCC) has called out Google and Facebook for what it describes as “opaque” tracking practices that leave users with little meaningful choice.
[Source: ACCC Digital Platforms Inquiry]
And while this can sound abstract, the impact is personal. In 2017, a schoolteacher in the U.S. resigned after district officials discovered she’d searched for mental health support on a school device—highlighting how private searches can become professional liabilities.
[Source: NBC News]
Here in Australia, domestic violence support organisations have raised concerns about how abusers can track victims using location data embedded in apps, photos, or social media posts—sometimes without the victim even knowing it’s happening.
[Source: eSafety Commissioner]
Privacy gives us space to think, to learn, to change our minds. Without it, we live in reaction. With it, we gain the ability to move with intention.
Misconceptions About Privacy Advocates
One of the most persistent myths about privacy is that only people with something to hide care about it. It’s a simple line—“if you’re not doing anything wrong…”—but it’s built on a false assumption: that privacy and guilt are somehow connected. They’re not.
Privacy isn’t about hiding. It’s about choosing what’s shared, when, and with whom. That’s not secrecy. That’s self-governance. We don’t question someone for drawing their curtains or choosing not to broadcast every detail of their life. But online, the moment someone uses a VPN or disables tracking, they’re often seen as paranoid—or worse, suspicious.
Privacy Is Not About Hiding Anything – Mozilla Foundation
It’s a misunderstanding of what privacy actually protects. For journalists, whistleblowers, or people in vulnerable situations, privacy can be a matter of safety. But even outside those contexts, the right to privacy is foundational. It supports freedom of thought, expression, movement, and association. It’s not a luxury or a loophole—it’s a prerequisite for a functioning democratic society.
In truth, people who take steps to protect their privacy are often more aware, not more secretive. They’ve noticed the quiet expansion of surveillance and are choosing not to go along with it unquestioningly. That’s not paranoia. That’s awareness.
A great resource worth checking out is Why Metadata Matters – Electronic Frontier Foundation.
How Your Data Is Collected
Most people understand that websites collect some information. But what’s less visible—and often less understood—is just how far that collection goes, and how little control we have over where the data ends up.
Let’s start with cookies. Not the kind you accept out of habit, but the ones that quietly follow you around the internet. Many websites include third-party cookies—tiny bits of code from other companies embedded in the page. These often come from services like Google Analytics or Facebook’s Like/Share buttons. When loaded, they drop trackers into your browser that stay with you as you browse other sites. This allows companies like Google and Meta to monitor your behaviour across multiple domains, even if you’re not logged into their platforms.
[Source: Electronic Frontier Foundation – How Tracking Pixels Work]
In practice, this means visiting a news site or online store that uses a Facebook plugin can inform Facebook about your activity, allowing them to target you with ads elsewhere. The same goes for Google, whose advertising reach covers over two million websites and apps.
[Source: ACCC Ad Tech Inquiry Final Report]
Then there are mobile apps. Many request permissions that go well beyond what’s needed to function. A simple flashlight app might ask for access to your location, microphone, or contacts. Once granted, that data can be sold to brokers, embedded in advertising networks, or passed on to other services—often without you ever knowing where it ends up. In one audit, the Office of the Australian Information Commissioner (OAIC) found that many apps failed to explain how they collected and shared personal data, breaching Australian Privacy Principles.
[Source: OAIC Mobile App Privacy Assessment]
Even when apps or websites say your data is “anonymised,” that protection is often superficial. Researchers have shown that it only takes a few pieces of behavioural data—location, time, activity—to re-identify individuals with surprising accuracy.
And while content might be encrypted, metadata is usually not. This includes who you talk to, when, how frequently, and for how long. Law enforcement agencies and third parties often rely on this metadata to infer personal connections and habits.
Beyond that, device fingerprinting goes even deeper. By combining details like your browser version, screen size, system fonts, and time zone, websites can create a unique fingerprint of your device—allowing you to be tracked even without cookies.
[Source: Panopticlick – EFF’s Tracking Test]
Individually, these methods may seem insignificant. But combined, they form a detailed profile—one that can follow you across platforms, across devices, and even across years. And most of the time, you won’t know it’s happening.
Tools and Alternatives to Protect Your Identity
Choosing to protect your identity online isn’t about escaping from the world. It’s about being more conscious of how you move through it. The goal isn’t to become invisible—it’s to reduce unnecessary exposure, regain control, and decide what parts of your life you want to leave open, and what you don’t.
Below are some of the tools and platforms that support that kind of choice. None are perfect, and not all will suit everyone. But they exist to offer a different way forward—one where you’re not just the product.
VPNs (Virtual Private Networks)
VPNs encrypt your internet traffic and mask your IP address. This prevents your internet service provider, public Wi-Fi operators, or websites from easily tracking where you go online.
Services like ProtonVPN (which has a strong free tier), Mullvad, and IVPN don’t require identifying information and have clear privacy policies. In contrast, many free VPNs have been found to log and sell user data.
[Source: CSIS – The Hidden Dangers of Free VPNs]
Privacy-Focused Browsers
Most mainstream browsers allow extensive tracking by default. Privacy-first browsers block much of that before it ever loads.
Brave Browser includes built-in tracker and ad blocking, while Firefox (with extensions like uBlock Origin and Privacy Badger) allows more granular control. LibreWolf is a hardened fork of Firefox that removes telemetry altogether. Take note that this is not just about Ads. It is about these websites also harvesting data from your website history, cookies and pretty much anything else they can get their hands on that will fetch a profit. Simply by switching to a privacy focused browser can help you take back a lot of control with very little effort on your part.
Search Engine Alternatives
Search is one of the most tracked online behaviours. People default to using search engines provided as part of their browser which can include Google and Bing. As an alterative, search engine services like DuckDuckGo and Startpage offer private search results without storing your queries or building a profile.
Startpage even proxies Google results anonymously which gives you Google results w ithout the tracking. The trade-off is that results may be less personalised—but that’s often the point.
Encrypted Email and Aliases
Mainstream email platforms scan messages for advertising purposes or behavioural data. These services have clauses in their contracts that allow them to scan your email and online storage for security purposes which can be used to lookat whatever, whenever. In comparison, privacy-focused providers like Proton Mail and Tutanota encrypt messages and store them in jurisdictions with stronger data protections.
If you don’t want to switch providers, tools like SimpleLogin let you create throwaway email aliases you can deactivate at any time.
Secure Messaging Apps
Apps like Signal and Session offer end-to-end encryption by default, with minimal metadata retention. Session goes further by not requiring a phone number and routing messages through a decentralised network.
These tools aren’t yet mainstream, but they offer strong protection without the data harvesting baked into larger platforms.
DNS Filtering
Every time you visit a website, your device performs a DNS lookup and provide your current IP address and what you are looking for. This information is stored for a set period defined by the DNS lookup provider. Services like NextDNS, ControlD, and AdGuard DNS intercept these requests and block known trackers, ad servers, and malware domains.
This can be set up on individual devices or network-wide via your router.
Private Operating Systems
If you want to go further, privacy-focused mobile systems like /e/OS, GrapheneOS, or CalyxOS offer Android-based experiences stripped of Google’s infrastructure.
These are best suited for people already comfortable with tech, but they represent what’s possible when privacy is the default—not the exception. Keep in mind that some apps may rely on certain Google services being active on the device however not having apps that rely on Google is the point.
The Trade-Offs: Convenience vs Control
Convenience is one of the main reasons people don’t think twice about privacy. And in fairness, the systems we rely on are designed that way. Logging in with Google is easier than creating another password. Syncing across devices is seamless when you stay within one ecosystem. Letting your browser autofill every field saves time—but convenience comes at a cost.
Many of the tools we use daily weren’t built to serve us—they were built to extract value from us. The more frictionless the experience, the easier it is to hand over information without noticing. And the more interconnected our accounts become, the harder it is to pull back later.
There’s no denying that privacy tools can introduce complexity. VPNs may slow your connection slightly. Some websites don’t load properly when trackers are blocked. Using email aliases or encrypted messaging might feel like overkill in day-to-day life—but what you trade in convenience, you gain in control.
You get to decide who sees what, when, and why. You start to notice how the system operates. You become harder to profile—not because you’ve disappeared, but because you’re no longer participating in the same predictable patterns.
The shift doesn’t need to be dramatic. It can start with one change—a new browser, a different search engine, turning off permissions you didn’t realise were enabled. Each adjustment is a small act of resistance against a model that treats privacy as optional. Over time, those small acts add up.
What You Can Do Today
You don’t have to overhaul your life to take back some control. Privacy isn’t an all-or-nothing equation. It’s a slow, deliberate process of noticing, adjusting, and deciding where your boundaries are.
If you’re not sure where to begin, here are a few simple shifts that can start to make a difference:
Switching from Google Search to something like DuckDuckGo or Startpage stops your search history from being logged and tied to a profile. You may notice different results—but that’s part of the point.
Using a browser like Brave or a hardened version of Firefox with extensions like uBlock Origin can cut down on trackers and ads before they ever load. It won’t change the way you browse—but it will change what’s collected while you do it.
Installing a password manager like Bitwarden helps break the habit of reusing passwords across sites. Strong, unique passwords are one of the simplest defences against account leaks.
Try an encrypted messaging app like Signal or Session for one conversation—maybe with a friend who’s curious too. You might find the experience more ordinary than expected.
If you’re not ready to install anything, just revisit your app permissions. Does your notes app really need access to your camera? Does your weather app need your precise location 24/7? Turning off what isn’t needed is a quiet but powerful act.
And if all else feels overwhelming, start by asking more questions:
Why is this app free? Who benefits from this feature? What am I agreeing to?
That kind of awareness is where privacy begins.
Final Thoughts: Normalising Privacy
Wanting privacy isn’t strange. It isn’t suspicious. It isn’t extreme. It’s reasonable.
And yet, for some reason, choosing not to be tracked or profiled is often seen as a statement—like you’re hiding something, or overreacting, or opting out of something you’re meant to accept. But the idea that our behaviour should always be visible, traceable, and monetised—that’s the more radical position. We’ve just been taught to see it as normal.
Protecting your online identity isn’t about disappearing. It’s about creating space. It’s about keeping something for yourself. It’s about knowing who’s watching, and deciding when that matters. That’s not about being afraid. That’s about being aware.
And the more we treat privacy as a right—not a workaround, not a protest, not a niche preference—the harder it becomes to erode. We set a standard just by choosing differently.
You don’t need to do everything. You don’t need to get it perfect. But the more conscious we are in how we connect, the more we remind the system—and ourselves—that we are not just data points to be harvested.
We are people. And some things are worth keeping.