top of page
Search

Privacy Chapter 13 — Advanced Privacy Techniques: DNS, Encryption, NAS, Backups & AI Safety

  • Writer: Pallav Avatarit
    Pallav Avatarit
  • Nov 13, 2025
  • 8 min read

Updated: Nov 25, 2025



Let’s dive into some advanced privacy tips that can significantly enhance your digital security. These tips will cover secure data storage, file and media management, DNS options, alternatives to Google Photos, personal media storage using NAS, the 3-2-1 backup rule, and safeguarding against AI-driven data collection. While these might seem a bit advanced, I’ll explain everything in simple terms so you can easily understand and implement these tips.


Secure Data Storage and File Management:


End-to-End Encrypted Cloud Storage:

Storing your data in the cloud is convenient, but not all cloud storage services are created equal. Many popular services, like Google Drive and OneDrive, can access your data because they don’t use end-to-end encryption. This means your files are only encrypted on their servers, but they have the keys to decrypt them.





Why This Matters: Imagine your confidential documents or private photos falling into the wrong hands due to a data breach. With end-to-end encryption, your files are encrypted on your device and only decrypted on the recipient’s device, ensuring that no one else, not even the service provider, can access them.


Recommendations:

- Proton Drive: A secure cloud storage solution that uses end-to-end encryption.

- Tresorit: Another excellent choice for secure, encrypted cloud storage.


Cryptomator:

For those who prefer to stick with their current cloud service but want to add a layer of security, Cryptomator is a fantastic tool. Cryptomator is a free, open-source application that automatically encrypts and decrypts the data you send to the cloud. This means you can use any cloud service you like, but your files will always be protected.


Why This Matters: Using Cryptomator ensures that your data is secure regardless of the cloud service you choose. It encrypts your files on your device before they are uploaded, meaning that even if someone accesses your cloud storage, they won’t be able to read your files.


Secure DNS Options:


What is DNS?


Think of DNS (Domain Name System) as the phone book of the internet. When you type a website address into your browser, DNS translates it into the IP address of the server where the website is hosted. Most people use the default DNS provided by their ISP (Internet Service Provider) or Google’s DNS.


Why This Matters: While these default DNS options are secure against cyberattacks, they are not very private. Your ISP or Google can see every website you visit, which can then be used to build a profile on you, track your online behavior, or even sell your data to advertisers.


Secure DNS Alternatives:

- Cloudflare DNS (1.1.1.1): Known for its speed and privacy, Cloudflare doesn’t log your IP address and has strong security measures.

- Quad9 (9.9.9.9): Focuses on privacy and security, blocking access to known malicious sites and not logging your data.


Alternatives to Google Photos:


Why Move Away from Google Photos?


Google Photos is convenient, but it’s another service where your data can be accessed by the provider. Google uses your photos to improve its AI and for other purposes, which means your private images are not as private as you might think.


Secure Alternatives:


- Apple Photos with Advanced Data Protection: While Apple Photos by default is not that better as compared to Google Photos, Apple now offers end-to-end encryption, meaning your photos are only accessible to you and no one else, not even Apple.

- pCloud and Ente Photos: Secure cloud storage services that offers end-to-end encryption for your photos.


Personal Media Storage Using NAS:


What is NAS?


NAS (Network Attached Storage) is like having your personal cloud storage at home. It’s a device connected to your home network where you can store and access your files.


Why This Matters: By using NAS, you move away from third-party cloud storage, taking full control of your data. This means your documents, photos, movies, and series are stored securely in your own home, reducing the risk of breaches and unauthorised access.


Recommendations:

- Synology NAS: Synology offers user-friendly NAS devices with robust security features, allowing you to create your own secure, private cloud.


Streaming Media


While Netflix, Prime Video, and Disney+ are super convenient, they come with a price — and not just the monthly bill. These platforms track what you watch, when you watch, and how long you watch, building detailed profiles that can be linked across devices. In 2025, they’ve also become a nightmare for everyday users: rising subscription costs, shrinking catalogs, and even ads in paid plans.


If you’re tired of paying more to watch less, consider building your own streaming library. Tools like Plex, Jellyfin, or Emby let you host your own media server — storing movies and shows on a hard drive or NAS — and stream them to any device at home (or even remotely). You get complete control over your content with zero tracking, no surprise removals, and no ads.


Privacy Tip: Use your Synology NAS or any old laptop as a media server. With Plex or Jellyfin, you can stream your own collection just like Netflix — but without being watched while watching.


Self Hosting: Taking Back Control of Your Data


Self-hosting is one of the most powerful ways to reclaim privacy and digital independence. Instead of relying on Big Tech cloud services, you run applications on your own hardware—at home or on a small server—giving you full control over your data, uptime, configuration, and security.


What Self-Hosting Can Do:With self-hosting, you can replace many cloud services with private, local alternatives. Common use cases include:


  • Ad-blocking & network privacy: Tools like AdGuard Home and Pi-hole let you filter ads, trackers, and malware at the DNS level for every device on your network.

  • Remote secure access: Tools like Tailscale allow you to create a zero-config, encrypted mesh VPN so you can securely access your home services from anywhere.

  • Reverse proxy & SSL: NGINX Proxy Manager (NPM) or Traefik help you securely expose select services to the internet with HTTPS and domain-based routing. You don't have to remember 192.168.1.1:3000 ; you can simply give this a name.

  • Personal dashboards: Tools like Homer, Heimdall, or Dashy help you organize and access all your self-hosted apps from one clean interface.

  • Media servers: Plex, Jellyfin, or Emby allow private, on-demand streaming of your own content without ads, tracking, or removals.

  • Backup & sync: Services like Syncthing, Nextcloud, or Immich give you private alternatives to cloud file storage and photo storage.


Why It Matters:Self-hosting reduces reliance on third-party platforms, minimizes data exposure, and gives you true ownership of your digital life. Because your data never leaves your environment unless you choose to expose it, the privacy advantages are enormous.


What You Need to Get Started:

  • A basic NAS, mini-PC, or an old laptop

  • A stable internet connection

  • Docker or Docker-Compose (optional but recommended)

  • A domain + DNS provider if you want remote access

  • Time, curiosity, and patience


While self-hosting requires maintenance and basic technical skills, it is one of the most effective long-term strategies for privacy-conscious users. Even running just one or two services (like ad-blocking + Tailscale) can meaningfully improve your privacy. We will discuss self-hosting in detail in future blogs.


The 3-2-1 Backup Rule:


To ensure your data is safe from loss, follow the 3-2-1 backup rule:

- 3 Copies: Keep at least three copies of your data.

- 2 Different Media: Store the copies on at least two different types of media (e.g., external hard drives, cloud storage).

- 1 Offsite: Keep one copy offsite (e.g. NAS).


This strategy helps protect your data against various risks like hardware failure, theft, and natural disasters.


Privacy-Focused Keyboards:


When it comes to mobile devices, the keyboard you use can significantly impact your privacy. Let's explore the privacy aspects of the most popular keyboards and discuss some privacy-focused alternatives.


Google Keyboard (Gboard)


Gboard comes pre-installed on most Android devices. It’s feature-rich, offering excellent predictive text, voice typing, and integrated search. However, these conveniences come at a significant cost to your privacy. Gboard collects a substantial amount of data, including everything you type, which is sent back to Google for analysis and improvement.


Privacy Concerns: Google’s business model relies heavily on data collection. By using Gboard, you’re allowing Google to access your typing habits, personal conversations, and search queries. This data is not only stored but also analysed to build detailed profiles on users, which can be used for targeted advertising and potentially shared with third parties. Essentially, every keystroke is monitored, putting your privacy at risk.


Microsoft SwiftKey


SwiftKey is another popular keyboard available for both Android and iOS. It offers advanced predictive text, multilingual typing, and swipe typing. However, like Gboard, SwiftKey collects data to improve its predictions and user experience.


Privacy Concerns: SwiftKey, owned by Microsoft, also gathers data on your typing habits. While Microsoft has strong privacy policies, the collection and analysis of your data still pose significant privacy risks. Every word you type is recorded and sent to Microsoft servers, where it can be stored and analysed. This means your private messages, passwords, and other sensitive information are potentially accessible to Microsoft.


Apple Keyboard


Apple’s Stock Keyboard is the default on iOS devices. It’s known for its simplicity and reliability but lacks several features found in third-party keyboards:

- No swipe typing (introduced in later versions but not as advanced as competitors)

- Limited predictive text capabilities

- No integrated search

- Less customisation options


Privacy Advantage: Despite its feature limitations, Apple’s keyboard is a better option privacy-wise. Apple prioritises user privacy and ensures that your typing data is processed locally on your device rather than being sent to cloud servers. This means your private conversations and personal information are not accessible to Apple, making it a more secure choice compared to Gboard and SwiftKey.


Privacy-Focused Alternative


For those seeking more privacy, here are some alternatives:


Typewise: Typewise is designed to offer a high level of privacy by processing data locally on your device rather than in the cloud. It features a unique hexagonal keyboard layout, which has a learning curve but can be more efficient once mastered. However, it doesn’t support all languages, which can be a limitation for some users.


Fleksy: Known for its speed and customisation, Fleksy has a strong privacy policy, ensuring that your typing data is not collected or stored.


Grammarly Keyboard: While Grammarly focuses on improving your writing, it has a clear privacy policy and does not store your data after analysing your text for grammar and style improvements.


The Importance of Choosing a Privacy-Focused Keyboard


Using keyboards like Gboard and SwiftKey might seem convenient, but the trade-off is your privacy. Every keystroke, whether it’s a personal message, a search query, or even a password, can be monitored and analysed. This data collection poses significant privacy risks, making it essential to consider more privacy-focused alternatives.


Choosing a privacy-focused keyboard ensures that your data stays on your device and isn’t sent to external servers for analysis. This reduces the risk of data breaches, unauthorised access, and profiling by companies.


The Rise of AI and Implications for Personal Privacy:


As AI technology continues to advance, companies are using vast amounts of data to train their AI models. This data often includes personal information collected from various sources, including your browsing history, emails, social media activity, and more.


These days, AI assistants like ChatGPT can make everyday tasks easier—drafting emails, summarizing articles, planning trips—but they often send your private data to big tech servers. Fortunately, there are two highly private AI options that keep your data safe:


- Host your own LLM: If your system can handle local AI models like Mistral, Deepseek or Gemma, you can use LM Studio or other UI based applications to run your own LLM without internet.

- Use a truly private online AI: Proton’s new assistant Lumo stores data with “zero‑access” encryption, which means even Proton can’t read your chats or use them for training AI. Apart from that you can use Brave's Leo Assistant to answer your queries privately.





Comments

bottom of page