Regarding my online privacy and the security of my personal data, I have a very simple model that I use as a rule of thumb. There are two types of data, and the way I manage them helps me use online services more carefully.


The first type is data that I actively want to share because I consider it harmless; sharing it will improve the quality of the service I receive. There are some products and services that I willingly share my data with, because by having access to a controlled set of my data they can actually provide a better service for me. Take, for example, video or music streaming services. Once Netflix gathers some information about the movies I enjoy, they can easily recommend other related or similar movies. Apple Music will check which artists I’m listening to regularly and recommend others that I might like.


The second type of data is absolutely everything else that I do not want to share. It’s important that we are very, very conscious about the types of data we are sharing. Among the data I care the most and definitely don’t want others to access are my private conversations. You probably feel the same way: when you communicate online, you expect the same level of privacy you get when you talk to people in person, but that’s not always the case. Google and Facebook scan your conversations all the time to build a profile about you for their advertisers.


The line between the two types of data gets very thin from time to time, and lots of online services do the limbo dance with it. Uber, the magnificent tap-two-times-and-get-a-car-ride-immediately app used to be a service I liked a lot… until they started collecting your location even while you were not using the app without giving you much of a choice.

Evernote freaked out millions of people a few months ago because they suddenly decided they would start reading private notes in order to “see how people used the service”. They not only allowed their machines to automatically analyze your data; they also wanted their human employees to read your notes. That would be like having an employee at your internet service provider come inside your house and start reading your internet browsing history in order to provide “better service.” (To their credit, Evernote changed this in their Terms of Service after people were extremely upset.)

Given enough data, eventually profiling users is very easy, and let me tell you: the majority of the services you use online have access to all of your data, whether you like it or not.

It usually takes an Evernote-like disaster for people to start being conscious of this, but it’s not that hard to realize that you really don’t want the services you use to have indefinite access to your data. At SpiderOak, we don’t want that either.


The good news is that there are lots of organizations challenging the abuse of data mining and providing services that respect your privacy. This is why we created Semaphor. It’s an online messaging tool that features our No Knowledge privacy, meaning every message is cryptographically secure, and everything is encrypted end-to-end. We are not promising we won’t read your messages. We are guaranteeing that we cannot do it. To learn more about other privacy-friendly tools, check out this list that we put together.

How do you decide what data you want to share with services? Let us know on Twitter!