Data Compartmentalization for Privacy

Data compartmentalization is the key to taking back control of your online identity, protecting your online privacy, and keeping your private data safe. Compartmentalization stems from the assumption that any system, no matter how secure will eventually get breached, nothing is perfectly secure and time …

Data compartmentalization is the key to taking back control of your online identity, protecting your online privacy, and keeping your private data safe.

Compartmentalization stems from the assumption that any system, no matter how secure will eventually get breached, nothing is perfectly secure and time is always on the side of the attacker.

Compartmentalization is all about not putting all your eggs in one basket, you are probably already doing some sort of compartmentalization; you organize our closets (winter clothes in one drawer, summer one in another, different compartments for socks, shoes, gym clothes, etc.), banking (separate accounts for everyday expenses, savings, and emergencies), and so on.

The fundamental idea is to take control of who gets access to what data, so that no one entity has access to all of your personal information, but only to the information that is absolutely necessary for proper functioning.

How to do data compartmentalization?

Compartmentalization is all about separating access to sensitive information from open information, you can do just that by creating “compartments”, where each compartment has its own separate entry, and is completely independent of all other compartments.

It can be done at basically two levels:

Compartmentalization of digital identity

Compartmentalization of digital identity means creating separate containers for different aspects of your digital life, here’s an example of how you can do just that:

  • Professional / Work Compartment
  • Social Media Compartment
  • Personal / Private Compartment

Create compartments that suit your needs, while trying your best to separate those compartments.

Compartmentalization of Service Providers

Compartmentalization of service providers means using different service providers for different services, and not living in an “Ecosystem”; your email provider should not be your search engine, cloud storage provider and vice-versa.

The goal of using different service providers is to minimize the possibility of linking one pool of data to another, so that no one entity has access to your search history, your email, your private files, etc.

How to create compartments?

You can start your data compartmentalization journey by using different browsers for separate compartments: hardened Firefox, Brave Browser and Tor Browser are great picks; both Firefox & Brave lets you create separate user profiles to keep multiple browser sessions separate.

Another great option is to use Qubes OS which implements the security by isolation approach; allowing you to create and manage isolated compartments called qubes that can be based on Fedora, Debian, Whonix, or even Windows.

If doing all of that is a bit tiresome, you can just use a Firefox add-on called Multi-Account Containers that lets you create separate compartments in your Firefox browser.

Alright, with all of that out of the way, here are a few tips to get the most out of data compartmentalization:

  • Switch to Firefox, Brave, and Tor Browser or any of these secure browsers that respect your privacy.
  • Switch to DuckDuckGo, Qwant, SearX or other privacy-respecting search engines that don’t snoop on you.
  • Install privacy add-ons like uBlock Origin, HTTPS Everywhere, Decentraleyes, NoScript to block trackers.
  • Switch to Tutanota, ProtonMail or any of these private email providers that encrypt your mail.
  • Consider using email cloaking services like AnonAddy or SimpleLogin.
  • Switch to an open-source encrypted messaging apps like Signal or Element.
  • Don’t use Single Sign-On (SSO) aka those “Sign in with Google” or “Sign in with Facebook” buttons.
  • Use a secure password manager like Bitwarden or KeepassXC.
  • Turn on two-factor authentication everywhere, and use software or hardware-based 2FA instead of SMS.
  • Take steps to prevent fingerprinting of your devices and browsers.
  • Use Firewalls like NetGuard and block internet access to apps that don’t need it.
  • Always encrypt your data using open-source encryption tools like VeraCrypt.
  • Remove metadata from files before uploading or sharing them.
  • Consider making a switch to privacy-respecting open-source alternatives, check out privacy tools.
  • Use Progressive Web Apps or PWAs instead of regular native apps—you can install a PWA of any website like Facebook, Twitter, Instagram, Uber, etc by opening the website on the browser and then tap on “Add to Home screen”; PWAs work on both desktops and phones, use a separate browser to install social media PWAs.

That’s all folks!

I will be updating this page frequently with more tips and tools about data compartmentalization.

Leave a Comment