10 Basic Steps to Digital Privacy


I understand the importance of using a private browser and privacy respecting email service. But:

Lets say in my Gmail, the only thing I receive is random spam, or the only thing I receive is banking and healthcare related emails.

In Google Chrome, or Edge, the only thing I do is log into accounts. No web browsing, no watching Youtube, no research, and no online shopping on those browsers.

These activities don’t reveal too much about my interests and personalities. Receiving spam, doing banking and healthcare, and logging into my accounts, are all activities most people do. Those activities don’t set me apart from the crowd, or give away too much data that can be used for advertising.

Is there something I’m missing? Can I use Chrome and Gmail for these generic activities? I know it all depends on my threat model, but if I’m trying to stop Google from building a sophisticated ad profile about me, are those activities okay? I do prefer the security of Chrome and Gmail.

To be clear, I would use Protonmail and Brave browser for watching Youtube, online shopping, and personal communication with friends, as these activities reveal a lot about my personality.

One of the frustrations about Google’s tracking is that it’s unclear exactly how much data they are collecting and how exactly they are using the data to track. You seem to be assuming that Google’s tracking is purely interest-based. However, we know that targeted advertising goes beyond interests. Medical conditions and financial status can certainly be used for targeted advertising. And while nearly everyone may visit the doctor and have a bank account, not everyone has the same medical or financial portfolio. Google does claim that they no longer use the content of your emails to track you (they used to though, and there is no technical reason they can’t still do so, we just have to take their word). Even so, email metadata contains a ton of information that can be used for tracking. To take a healthcare example: you just started receiving emails from a reproductive specialist? Even without reading those emails, Google knows you are likely pregnant or trying to conceive. If the subject line is included in the metadata Google uses, they have access to even more information. Your bank has sent you an email with “late payment” in the subject line? Google knows your credit score is about to take a dip.

I don’t want to discredit the real security benefits using Google has, the company has an excellent security track record. But given your threat model of trying to prevent targeted advertising-based tracking, I think even using a Gmail account for “mundane” activities gives up more information than you may realize. And while Google’s security record is good, I’m not convinced it is so much better than Proton’s (though I lack the expertise to make the comparison in any serious way).

As you are assuming your are in the largest category in googles categories the “normal” category. If this is true and I bet it is not your going to be targeted as you are.
The way I see it. The only way to not loose is to not play the game.
You mentioned professional use of google. I can understand looking for a job, feeling overwhelmed but who you use for email will probably not make a difference.
I imagine most jobs which require a professional email will supply you with one. I am lucky that mine is nickname.last_name@mycompany.com I only use it for company related emails in fact I am changing the email for 401k and health insurance. Too much cross contamination.

Sorry this off topic.

Hmmm… didn’t think of it this way. Thank you for the insight.

How much data would be revealed about me if I only received spam in my Gmail? I’m assuming not much, if the spam is irrelevant to me.

User tracking isn’t done to send you spam, it’s done to make real time ad auctions. When you go to a website where all the content loads, and 10-15 sec later all the ads load, what’s real time auctions.

This is why they do the tracking, they need to know which user is accessing which ad space, this is what allows them to make the auction.

When you access the website, Google will give your profile to all the bidders, without the profile there couldn’t be an auction all users would essentially be equal in value. The profile is what is known as the audience taxonomy, you can look it up, it shows the type of data typically collected.

It does contain some personal information, but the waste majority is purchase history and purchase intent. They don’t really care about you as a person, all they care about it how likely it is that you are going to make a purchase, that is what determines how valuable you are.

If the account is just for spam emails that are totally irrelevant to you, then I’m not sure how much Google can get from that. But then again, why would you have such an email account?

Im hanging on to my gmail accounts in case i need access to that account to resolve an issue. As well i hope i am blocking some one from connecting my PII to those email accounts and creating the exact gmail account which they are in control of.