Let me start with something uncomfortable: you are being tracked right now. The site you’re reading this on, the device you’re using, the network you’re on — each one is a data point feeding into profiles you’ve never seen, built by companies you’ve never heard of, sold to buyers you’ll never know.

That’s the default. And the default is profitable — for everyone except you.

Privacy isn’t about paranoia. It’s not about hiding criminal activity or going off-grid. It’s about one simple thing: who controls your data. Right now, the answer for 99% of people is “not them.” Corporations control it. Advertisers use it. Governments can access it. And you signed away the rights in a 47-page terms of service you never read.

The good news? You can change this. Not completely — no one can — but enough to matter. I’ve spent years building a privacy stack that doesn’t require you to be a developer, live off the grid, or give up modern convenience. It requires something simpler: intentionality, layer by layer.

Here’s exactly what I use, why each piece matters, and what it actually protects you from.

This is my real tech stack: 9 layers of real privacy

01 · NextDNS — Network layer

Every time your browser loads a page, it makes dozens of DNS requests — tiny lookups that translate domain names into IP addresses. Most people use whatever DNS their ISP provides, which means their ISP logs every single domain they visit. Every. Single. One.

NextDNS replaces your default DNS with a privacy-first, configurable resolver that blocks tracking domains, ad networks, malware, and surveillance scripts before they even load — at the network level. This means the block happens before the request leaves your device. It’s not an ad blocker that hides elements on the page. It’s a firewall that refuses to even resolve the domain.

You can configure custom blocklists (over 40 curated lists covering ads, trackers, malware, phishing, and more), see real-time logs of every DNS query your devices make, and block by category. It works across all apps on your device — not just your browser. That fitness app phoning home to 12 ad servers? Blocked. That smart TV calling surveillance domains every 30 seconds? Blocked.

Why it matters: DNS is the most overlooked privacy attack surface. You can have HTTPS everywhere and still have your ISP building a complete profile of your browsing habits through DNS. NextDNS closes that gap at virtually zero cost — free up to 300k queries/month, then €1.99/mo for unlimited.

🔗 nextdns.io

02 · Proton VPN — Network layer

Even with HTTPS, your ISP, coffee shop router, or mobile carrier can see which domains you visit and when. A VPN encrypts all your traffic between your device and the VPN server, masking your IP address and making it significantly harder for network-level observers to build a profile on you.

But here’s the critical nuance most people miss: a bad VPN is worse than no VPN. Many free VPNs monetize by logging and selling your traffic — they’ve simply replaced one surveillance infrastructure with another. Proton VPN is different: it’s based in Switzerland (one of the strongest legal privacy frameworks in the world), independently audited, fully open source, and has a strict no-logs policy that has been tested in court.

Proton VPN also has a feature called NetShield that adds DNS-level ad and malware blocking on top of the VPN — a second layer of filtering that complements NextDNS. Their Stealth protocol can even bypass VPN blocks in restrictive networks.

Why it matters: Your IP address is a persistent identifier. It reveals your location, your ISP, and can be cross-referenced across sites to track you even without cookies. Masking it — consistently — removes a major tracking vector.

🔗 protonvpn.com

03 · Proton Mail — Communications

Gmail is not an email service. It’s an advertising intelligence system that happens to also deliver your email. Google processes the content of your messages to build behavioral profiles, improve ad targeting, and train its models. When you use Gmail, you are paying for email with your personal information — and so is every person who emails you, without their consent.

Proton Mail uses end-to-end encryption for all messages between Proton users — meaning the encryption and decryption happens on your device, and Proton’s servers never see the content of your emails. Not even Proton can read them. For messages to non-Proton users, you can send password-protected encrypted emails that expire automatically.

Proton Mail supports custom domains, has a clean calendar and Drive integration, and doesn’t show ads. It’s a complete Google Workspace replacement for people who don’t want to trade their communications for cloud services. Proton is incorporated as a foundation in Switzerland and has been audited by independent security firms.

Why it matters: Email is the backbone of your digital identity. Your inbox contains your bank statements, medical records, contract negotiations, and personal relationships. Encrypting it isn’t paranoid — it’s basic digital hygiene.

🔗 proton.me/mail

04 · Proton Authenticator — Access control

Two-factor authentication (2FA) is not optional anymore — it’s the minimum bar for any account you care about. But not all authenticator apps are created equal. Google Authenticator, until recently, had no encryption and synced your TOTP codes to Google’s cloud in plaintext. That means the second factor protecting your accounts was being stored by the same company whose data practices you might be trying to avoid.

Proton Authenticator is end-to-end encrypted, open source, and syncs across your devices without exposing your codes to anyone — including Proton. It’s integrated with the broader Proton ecosystem but works as a standalone app. You import your existing 2FA codes via QR scan and you’re done.

The key principle here: your second factor is only as secure as the infrastructure storing it. If your authenticator backup lives unencrypted in someone else’s cloud, it’s not a second factor — it’s a second vulnerability.

Why it matters: 2FA is the single highest-impact security action most people can take. But the implementation matters. Encrypted, open-source authenticators ensure your second factor doesn’t become a liability.

🔗 proton.me/pass/authenticator

05 · Password manager — Access control

The average person reuses 5–7 passwords across dozens of accounts. This is not a character flaw — it’s a rational response to an impossible cognitive load. You cannot memorize 80 unique, 20-character random passwords. Nobody can. The solution isn’t to try harder. It’s to use a tool designed for exactly this problem.

A password manager generates cryptographically random, unique passwords for every account. It stores them in an encrypted vault that only you can unlock with one master password (or biometrics). It autofills them when you need them. When a site gets breached — and sites get breached constantly — the attacker gets only that one password, which works nowhere else.

Top options:

• Bitwarden — open source, self-hostable, free tier is genuinely excellent. This is my family option, they don’t want to pay for a password management solution.

• 1Password — polished UX, great for teams and families. I started with 1Password a lot of years ago.

• Proton Pass — integrated with the Proton ecosystem, end-to-end encrypted. I moved from bitwarden to proton.

Avoid browser-native password managers — they tie your credentials to a browser ecosystem and have weaker security models.

Why it matters: Credential stuffing attacks — where stolen username/password pairs from one breach are tried against thousands of other sites — are responsible for the majority of account takeovers. Unique passwords per site make you immune to this entire attack category.

🔗 bitwarden.com · 1password.com · proton.me/pass

06 · Jitsi instead of Google Meet — Communications

Video calls are rich data. Who you speak with, when, for how long, what topics come up in captions and transcripts — this is valuable profiling data for advertising platforms. Google Meet, Zoom, and Microsoft Teams all collect and retain metadata from your calls. For Google specifically, this data integrates directly into your advertising profile.

Jitsi Meet is a fully open-source, browser-based video conferencing platform. No account required. No download required. You create a room, share the link, and start the call. End-to-end encryption is available for 1:1 calls, with server-side encryption for larger groups. You can self-host your own Jitsi instance for maximum control.

For teams that need more structure, Signal is excellent for 1:1 or small group calls. The core principle: choose tools where the business model doesn’t depend on mining your communication data.

Why it matters: Meetings contain strategic information — negotiations, product plans, personnel discussions. Running them through ad-supported infrastructure is a business risk, not just a personal privacy concern.

🔗 meet.jit.si · signal.org

07 · ASUS router with NextDNS + VPN at network level — Infrastructure

Here’s the problem with per-device privacy tools: they require setup on every device, every time. Your phone, your laptop, your smart TV, your partner’s devices, your guests — each one is an unprotected endpoint unless you manually configure it. Most people configure one device and consider themselves done.

The solution is to move privacy enforcement upstream — to your router. ASUS routers running AsusWRT-Merlin firmware support native VPN client configuration (so all network traffic exits through your VPN by default) and DNS-over-HTTPS directly to NextDNS. Every device that connects to your WiFi is automatically protected — without touching each one individually.

Smart TVs are particularly aggressive data collectors, phoning home constantly. They have no meaningful privacy settings. Router-level DNS blocking silences them completely without any modification to the TV itself. The router becomes your household’s privacy enforcement layer.

Why it matters: Most smart home devices have no privacy settings worth using. Router-level protection is the only way to control their data transmission. It protects devices that don’t support VPN apps — which is most of them.

🔗 ASUS routers on Amazon · AsusWRT-Merlin

I bought this Router Asus

08 · Self-hosted server on Hetzner — Sovereignty

This is the layer that separates the privacy-conscious from the privacy-sovereign. Everything else on this list reduces your exposure to surveillance. This one eliminates the dependency entirely — for your business-critical operations.

I run a private VPS on Hetzner — a German provider with strong privacy practices and excellent price-to-performance. On it, I self-host:

• Twenty CRM — open-source CRM, replaces Salesforce/HubSpot

• DocuSeal — open-source document signing, replaces DocuSign

• Plane — open-source project management, replaces Jira/Linear

• Obsidian with Syncthing — local-first knowledge base, replaces Notion

None of this data touches AWS, Google Cloud, or Microsoft Azure. My business relationships, contracts, project plans, and knowledge base live on infrastructure I control, in a jurisdiction with strong data protection law, on a server I pay for directly.

Setup takes a weekend and some basic Linux comfort. The payoff is permanent: no vendor lock-in, no surprise price increases, no terms-of-service changes that give the provider rights over your data, and no risk of your business data being used to train someone else’s AI model.

Why it matters: The cloud is just someone else’s computer. That’s not a metaphor — it’s a legal and technical reality. Self-hosting moves your most sensitive business data to a computer you actually control.

🔗 hetzner.com · twenty.com · docuseal.co · plane.so

09 · Sealmetrics instead of Google Analytics — Data sovereignty

Every website running Google Analytics is making a choice — often unconsciously — to donate their visitors’ behavioral data to Google’s advertising infrastructure. Every page view, every scroll, every click your visitors make is logged and used to improve Google’s targeting models. Your traffic funds Google’s intelligence. And you get a free dashboard in return.

But here’s what most marketers don’t realize: Google Analytics with consent mode only sees 40–60% of your actual traffic. Users who reject cookies, use ad blockers, or browse in privacy mode are invisible. Your ROAS calculations, your funnel analysis, your channel attribution — all based on a partial, biased sample of reality.

Sealmetrics is a consentless, cookieless analytics platform. It captures 100% of web traffic without cookies, without consent banners for analytics, and without feeding data to third parties. It works by measuring human events — actual user interactions — rather than setting tracking identifiers. Fully compliant with GDPR and the ePrivacy Directive.

For ecommerce businesses especially, this matters enormously. Your real ROAS is almost certainly better than Google Analytics is telling you — because a significant portion of converting users are invisible to cookie-based tracking. Sealmetrics shows you the full picture.

Why it matters: Using Google Analytics while building a privacy stack is contradictory. You’re protecting yourself while surveilling your own customers. Sealmetrics closes that gap — accurate analytics without compromising your users’ privacy or your compliance.

🔗 sealmetrics.com

“Privacy is not about hiding. It’s about who has power over your information — and therefore, over you. When corporations know more about you than your own government, the power imbalance isn’t abstract. It shapes what you see, what you buy, who you vote for, and what you believe is possible.”

Reading list: the intellectual foundation

Three books that will permanently change how you think about this topic.

Privacy Is Power — Carissa Veliz The strongest philosophical case for why privacy is a political issue, not a personal preference. Veliz — an Oxford philosopher — dismantles the “nothing to hide” argument completely and explains why surveillance capitalism is incompatible with democracy. Start here.

1984 — George Orwell You’ve heard of it. You may have read it in school. Read it again now, as an adult who carries a tracking device in their pocket and has a microphone-enabled speaker in their kitchen. The surveillance state Orwell imagined didn’t arrive as a dystopia — it arrived as a convenience.

V for Vendetta — Alan Moore & David Lloyd Not just a graphic novel — a meditation on what happens when populations trade freedom for security. Moore’s core argument: totalitarian systems don’t require force if the population consents through passivity. Building a privacy stack is, in a small way, an act of refusal. That matters.

You don’t need to implement all of this at once. Start with one layer — NextDNS takes 10 minutes to configure and immediately protects every device on your network. Add Proton Mail when you’re ready. Move one project to self-hosted infrastructure when it makes sense.

The goal isn’t to become invisible. It’s to make mass surveillance economically and technically expensive enough that it stops being trivial. Right now, tracking you costs fractions of a cent. Every layer you add increases that cost. Enough people doing this shifts incentives at scale.

And if you run a website or an ecommerce business: look at your analytics setup. If you’re using Google Analytics, you’re part of the problem you’re reading about. There are better options.

If this post made you think differently about your digital life — forward it to someone who still believes privacy is about hiding something.

It’s not. It’s about owning something. Your attention, your data, your identity. They belong to you. Act like it.