78 Comments
User's avatar
R S Clark's avatar

I’m going to have to read this more than once for it to all sink in, but I really appreciate the info you’ve laid out.

MisterFuzzyGuy's avatar

The Permission slip link takes you to the Consumer Reports Page, but be careful. The link "Permission Slip App" on the consumer reports page takes you to https://joindeleteme.com/permission-slip/ which will try to upsell you a the paid delete.me service

Mark Ramm's avatar

When I published "Make Yourself Expensive) https://transparencycascade.org/resources/data-footprint/ my #1 free recommendation was Permission Slip — the Consumer Reports opt-out app.

Within hours, readers flagged something I'd missed: **on May 28, Consumer Reports handed Permission Slip to DeleteMe — a paid service.** The free app I recommended is now a funnel to a subscription.

If you use it, decline the "PLUS" upsell.

Mark Ramm's avatar

Good point!

Mark Ramm's avatar

I have updated the article.

Jeri's avatar

I went straight to the Play Store and installed it, read the user agreement and it said it will charge you. So I uninstalled it.

Mark Ramm's avatar

There is still core free functionality, but you are right the DeleteMe operating acquisition opens a real hole in this advice. I am thinking about how I can best help. Perhaps we need an actually free version.

Dorian's avatar

The most important line here is not “protect your privacy.”

It is “make yourself expensive.”

That turns privacy from a moral slogan into a market structure problem.

Data brokers win because the marginal cost of harvesting, matching, and reselling a person is close to zero. The state can then buy what it would otherwise need to legally compel.

The counter-move is not purity. It is margin pressure.

Remove records. Break identity links. Reduce metadata. Poison confidence. Make the dataset less clean, less complete, and less cheap to use.

Surveillance is a volume business.

Resistance starts by ruining the unit economics.

Mark Ramm's avatar

Exactly! "The whole apparatus runs on volume economics: collect everything, sell it in bulk, keep the marginal cost of each record near zero. That’s the weakness. You don’t have to make the surveillance machine blind. You just have to make it expensive."

Cranky Grandma's avatar

Thank you. Thank you for sharing this information and putting it all together for us. I've been on Proton for 2 years, eliminated use of Google apps, and use Duck Duck Go, and thought that might be enough, but sensed there was more to do.

Steven Morrison's avatar

Your work here is MUCH appreciated. Thank you.

Sheryl Allen's avatar

Thank you for this information I to will have to re-read or get some help with some of it but truly appreciate all you have stated in your sub stack

Amelia Colwell's avatar

Thank you for this info! Super helpful. A potential caveat for Signal: the government used Signal chats for an indictment of protestors/activists recently: https://www.mprnews.org/story/2026/06/17/ice-protester-charges-attorneys-activists-react

Mark Ramm's avatar

Yes, none of this prevents all attack vectors. Signal chats are encrypted, but the metadata is not. In the EU, Proton, which has the same vulnerability, has turned over metadata that exposed patterns of communication of activists.

There is no silver bullet, but there are actions we can take to make ourselves harder to track, more expensive to manipulate, and that matters at the personal scale, and if we do it together it matters at the societal scale.

Matthew D Aucoin's avatar

Kash Patel is a remarkable coward and an absolute whore.

Rachel Cadiz's avatar

Useful guidance with the additional benefit of decreasing the need for data centers- every broker is storing redundant bytes…

Alan Williams Cass's avatar

Greatly appreciate your work.

I have begun my “clean-up”

Thank you,

Sarah Lee's avatar

My oldest took a cyber security class in high school and has since become hyper vigilant in managing his online presence. He's since started helping me. I navigated to Proton but am still extricating myself from Google. Also switched to Vivaldi as a browser. Apps are the hardest because so many are convenient. It's definitely a process but better to just start somewhere and keep going!

Sara's avatar

I’m in the process of switching from Gmail to proton now. I’m confused, are you recommending Proton mail? Or not?

It seems like it’s better than Google because it’s not reading all of your content all the time by default. But if a government agency went to them to ask for your info specifically, they would give it to them? But wouldn’t every other email service as well?

Mark Ramm's avatar

Right — every provider can be compelled to give up metadata (to/from, timestamps, and with Proton, subject lines and any recovery email/IP they're ordered to log). The difference is the body. Google can read and hand over what you actually wrote; Proton mathematically can't, because they don't hold the keys. So it's not "nobody can ever touch your data" — it's "the contents are off the table, and the metadata request has to go through Swiss courts and be specific." For most people switching off Gmail that's a large, real upgrade. Just don't put anything in a subject line you'd hate to see in a warrant.

Sara's avatar

Thank you! This all so helpful.

Fran Macadam's avatar

But if you correspond with those who have gmail, your correspondence is exposed in their emails read by Google.

Fran Macadam's avatar

But if you correspond with those who have gmail, your correspondence is exposed in their emails read by Google.

Sara's avatar

Yes. It’s such a crazy game we have to play.

Cora Tait's avatar

Apparently proton VPN doesn’t log traffic. It’s essential in a lot of countries now (such as the uk) so Americans should be aware they may need one very soon

Dru Ish's avatar

Thanks so much for this.

Just to let you know, the “Consumer Reports found 12 of 16 VPNs made misleading claims like “complete anonymity.”” link is not working. I’d love to read what you were linking to

Chopinsheart's avatar

This approach is the best of America; my dad never went to the university but taught himself smart investing enough to secure a good retirement for himself. He did not accept the limitations of retirement pay from his manual job. No one could believe someone like him could figure it out; but he did. What you’ve posted here is pretty amazing. I’ll subscribe/pay as soon as I can.

Mark Ramm's avatar

Your dad sounds like exactly the kind of person this is written for — someone who didn’t accept that the system’s complexity was a reason to stay out of it.

That’s the whole argument of the piece: the surveillance economy counts on people assuming it’s too complicated to fight. It isn’t.

Thank you for sharing that, and no rush on the subscription — the free version is always here.

LCJ's avatar

How about Brave browser? I also heard DuckDuckGo is no longer as secure?

Mark Ramm's avatar

Duck Duck Go did have an incident where they allowed Microsoft trackers, but after public pressure they have since reversed course and blocked them. So, the track record is not perfect, but at least they are better than Google and Bing.

A.J.'s avatar

I use Vivaldi. Any issues you're aware of?

Mark Ramm's avatar

Vivaldi is a genuinely good choice — strong built-in blocking, no telemetry, privacy-focused team. The one caveat is it’s Chromium-based, which keeps Google’s engine dominant, but as a practical daily browser it’s solid.

Mark Ramm's avatar

On Brave: I covered it in the piece with some reservations. The built-in blocking is aggressive and effective, but it has baggage — it was caught silently inserting its own affiliate codes into crypto-exchange URLs users typed, and it runs a cryptocurrency rewards scheme. The privacy protection is real; the business model around it gives some people pause. If you’re not doing anything crypto-adjacent and you’re aware of the tradeoffs, it’s a reasonable choice. Just go in with eyes open.