I am one of the few people who have the luxury, the time and the knowledge to run most of his cloud based services for family and friends at home. While this is the most private setup for personal data and communication, not everyone who wants his private data not to be in the hands of globally dominating surveillance capitalism companies does have this luxury. But there are many options for privacy focused people even if they can’t run cloud services on their own. As I keep being asked what I’d recommend, I thought I’d put together a post on how to have as much control over your privacy and your data as possible while not hosting the required servers (‘the cloud’) at home.
A Hosted Private Cloud For Almost Everything
The central hub for my core cloud services is my Nextcloud server at home. It offers secure and private file exchange, calendar and address book synchronization across all my devices and also collaboration tools like an online office to work on documents and a video conferencing system. In other words, I use it for pretty much everything except email and mobile messaging. So finding a solution of using Nextcloud without a server at home will already cover most people’s needs. Fortunately, many small and medium sized hosting companies these days offer managed Nextcloud instances for little money. I did a quick search and came up with more than I can count, even though I only focused on German hosters. Here, here, here, here, here and here are just some examples. Some of them even offer free basic accounts, mostly for testing purposes with little storage, so it’s easy to find out if their service is the way forward for you. Unlike big global companies that offer services for free in exchange for exploiting your private data, a managed Nextcloud instance with meaningful storage of 100 GB or more costs some money. But offers start at less than 3 euros a month for up to 10 users and even if you need a terabyte of storage for your Nextcloud instance, prices are still affordable, especially if the cost is split between several users.
Nextcloud also has an email add-on and many hosting companies offer email service in addition to Nextcloud. That’s an excellent combination and also removes your account from the few global email hyper-pools. For those who would like even more confidentiality and privacy, there are dedicated email providers such as Posteo and Tutanota. I don’t use them personally as I have my own email server for internal email, but I’ve heard from people that use them that they really like it.
Messaging
Which brings me to one more cloud based service I use heavily: Mobile messaging and voice calling. If you don’t want to run a messaging server at home, you can always get an account at one of the many free Jabber servers on the Internet and then use end-to-end encrypting programs such as ‘Conversations‘ on Android or ‘ChatSecure’ on iOS. Between Conversations clients, end-to-end encrypted voice and video calling is possible and I use it on a daily basis, both over Wifi and over LTE. A great experience! Getting a Jabber account takes a bit of effort. If that’s too much for someone I recommend using ‘Quicksy‘ from the F-Droid or Android Play store. ‘Quicksy’ is a ‘Conversations’ variant from the same main developer and comes with a Jabber server, a link to the user’s phone number and auto-detecting contacts from the address book. That’s not as private as running a Jabber server at home or signing up to a public Jabber server, but a good compromise for some people. And above all, Quicksy is not in the game for the data but for privacy.
An Operating System You Can Trust
And last but not least, we also need to talk about operating systems. Running Windows on a PC counteracts all attempts to keep your data private, as you as the user are no longer in control what kind of data the operating system collects and sends off to its owner. Yes, owner, because you don’t own a copy of Windows, you are just ‘allowed’ to use it. Apple products perhaps range a bit better on the privacy scale, but if you really want to regain digital sovereignty, a Linux OS such as Ubuntu or its derivatives is a good choice on the PC. It’s easily installed these days from a USB stick and one can get help in many places if one is scared to take this step.
On the mobile end of things, it’s a bit more difficult to re-gain control. The first step to take is to remove the Google ID on the device or, when getting a new device, not registering one in the first place for it. Google still sends telemetry home but it’s better than nothing. This step looses you access to the Google Play store and you have to go for alternatives. A good alternative is the F-Droid store, which offers free and open source applications you can trust. And in case something is missing, the Aurora-Store app you can download from the F-Droid store gives you access to apps on the Google Play store as well without the Play-API getting a Google ID. And if you are a bit more adventurous, you might want to go for an Android smartphone that can be flashed to LineageOS. That’s a bit harder to do and perhaps a bit scary as well if you do it for the first time, but it’s the only way to cut all your ties with Google on the mobile device.
So here we go, these are my suggestions. Start small and work your way down the list as you go to reclaim more and more sovereignty again for yourself and your data!
Of course it requires a little learning, but if you can spare the 3€ a month for a decent VPS, and the 5€ a year for a domain name, getting Nextcloud and XMPP messenging (and so much more) up and running can be done relatively easy and comfortable using Yunohost. There is also Freedombox, but I haven’t tried it myself yet.
I know complexity is the reason why those fancy centralized solutions like Facebook, WhatsApp, Twitter, G-Suite, Dropbox and whatnot are so famous, but gaining Digital Sovereignty imho apparently means doing things sovereignly… so you need to learn things… just like you need to learn to drive if you don’t want to use public transport 😉