5 min read

Finding your threat model

Finding your threat model

Defining your threat model is an important factor when it comes to navigating privacy. It acts as a target for you to work towards, gives direction, and places boundaries to work within to ensure you aren't spending time, money, and effort in ways that don't make sense for you. Because of that, it should be the first thing you decide on before you implement any privacy advice you see on forums, blogs, books, or what you see here on CupWire.  

There's no reason to spend time trying to learn how to set up and use Qubes or spring for an anonymous LLC because someone said that's what you have to do or else you aren't private and should give up.  For many people, all they want to do is to mitigate as much of Google's data collection as possible and that doesn't require the same playbook as a journalist writing about their oppressive government in a hostile country.

Like many things, people have differing opinions on what threat level certain things fall into but there's a few tiers that will give perspective about what it takes to reach certain breakpoints.  The goal for 99% of people is not to be completely anonymous, nor should it be.  Privacy is about controlling what information we want others to see.

To help illustrate the difference between private and anonymous, here's an example.

Private = knowing Bob uses Signal but not knowing what Bob is saying
Anonymous = not knowing Bob is using Signal at all

People tend to use those two words interchangeably when talking about privacy and it misleads a lot of new people in regards to what is and isn't necessary.  Some people care about being completely anonymous, especially when it comes to enthusiast forums, but most just don't want corporations stealing and abusing their data, and for good reason.

Most people don't care that someone knows they use ProtonMail. They care that ProtonMail isn't scanning and storing all of their emails and content to build profiles on them to later sell to the highest bidder or use it for targeted advertising.

With that said, we can't always have our cake and eat it to. Using GMail won't be private regardless of the app, VPN, or device you use it on. Same thing with Facebook, Discord, and many other popular services. These types of things are flawed at their core and using some kind of shell isn't going to stop the data collection.

For some, that's fine. For others, it's unacceptable. Everyone has a different tolerance about what is and isn't acceptable to them and that's okay. Just because someone doesn't have the same threat model as you does not make them wrong.

Below are what I believe to be the 4 major tiers and some examples of things we'd see people doing to land in them. This is not an exhaustive list, so don't believe that if you do these five or six things that you'll be 100% protected. This is merely to outline general threat models so you can get a better idea of what level of privacy you'd like to aim for and what it takes to get there. The further you go up the ladder, you begin to migrate from privacy over to anonymity.

1. I want to keep my information private from friends and family

This is straight forward and doesn't require any real change in your day to day habits. Putting a password on your phone and computer will keep digital information private. Not giving your friends your debit card or ID will help with the in real life (IRL) side. Generally, you most likely already do everything necessary to keep your information private from your friends and relatives.

Examples of actions in this tier:

  • Securing your phone/computer with a passcode
  • Not giving/lending your debit/credit cards to other
  • Not giving/lending your IDs to others
  • Not checking in (location wise) on social media and other services
  • Not signing into your personal accounts on devices you don't own

2. I want to keep my information private from corporations

This tier is where a healthy portion of people want to be, and should be, aiming for in some capacity.  This tier is also the one that has the largest amount of actions that could and/or should be taken.   Tier 2 requires moving away from the services provided by the Big 5 (Google, Facebook, Amazon, Microsoft, and Apple) and switching to options that either specialize in privacy or are used to mitigate the data collection.

This also is where you begin to be more mindful about your IRL information, such as who you're giving your name, phone number, and address to.  Signing up for and using reward cards at the local grocer are things you start to skip.  You start paying for items in cash instead of swiping your card.  You're questioning why Great Clips needs your address or zip code to get your hair cut.

Examples of actions in this tier:

  • Using Firefox instead of Chrome
  • Using StartPage instead of Google
  • Using Linux instead of Windows
  • Using multiple online retailers & local shops instead of Amazon
  • Using iOS instead of stock Android (ex: Samsung, LG)
  • You begin to use VPNs a majority of the time
  • Using a private messenger instead of SMS
  • Your cell phone is on a prepaid account with fake information
  • Using a virtual phone number
  • Using a PO Box/PMB
  • Freezing your credit
  • Removing and suppressing your information you find about yourself online

3. I want to keep my information private from private investigators, bounty hunters, and "hackers"

Most people usually are willing to dip their toes in this tier but jumping in with both feet requires some hefty commitment. Here, you start to only use specialized tools and deliberate habits that will shake up your day to day routine. You keep an eye on what information pops up about you online and actively seek to remove and suppress it.

At this stage, you're not giving out your real name or phone number anywhere it isn't 100% required (don't lie to the government). You have a fleshed out alias ready when anyone asks for your information and will give mis/disinformation when possible. Major purchases are in the name of others or an LLC.

Examples of actions in this tier:

  • You've suppressed all of your information on the web and continually monitor data brokers and other similar services
  • You actively spread mis/disinformaion regarding your name, address, and other personally identifiable information (PII)
  • Your vehicle isn't in your name
  • Your home isn't in your name
  • Your utilities aren't in your name
  • You're using a modified Android device
  • You're Linux OS has been hardened

4. I want to keep my information private from my city/state/alphabet agencies/foreign governments

This tier is essentially only possible by hard committing to be full blown anonymous and living a nomadic lifestyle.  Except for the very few and very privileged, you will not achieve this level of privacy.  Also, very, very few people are qualified to give advice at this level and is out of the scope of what CupWire covers.

Examples of actions in this tier:

  • You work for yourself or not at all
  • Everything is in the name of an anonymous LLC or trust
  • Use of electronics, such as phones and computers, are heavily hardened or not used at all
  • Extensive use of aliases
  • You're consulting lawyers or specialist for most matters

Again, this is not an exhaustive list nor are they hard tiers. The main goal is to give a simple breakdown of what threat models are so you can decide for yourself what you feel comfortable with and what to work towards. Keep in mind, privacy is not an all or nothing matter and is a gradual, continual process. Even changing a couple of your habits is a net positive as that means less of your information is out floating around in the wrong hands.

Want to join the discussion?  Check out this post, and others, over at the CupWire subreddit and leave a comment.