thebiballerina: ballerina dancing in front of large crystals (Default)
the_bi_ballerina ([personal profile] thebiballerina) wrote2024-03-16 12:38 am
  • Add Memory
  • Share This Entry
Entry tags:

Cybersafety and Privacy (Particularly in Online Fandom)

This post will contain fandom-focused cybersafety advice, useful resources for safety in online fandom, and general resources on cybersafety, online privacy, and cyberstalking. I originally wrote up this guide for the Land of Myth Discord server, so thank you in particular to my fellow moderators there, who helped make this much more comprehensible.

Advice for Safety and Privacy in Online Fandom

This is a list of cybersafety advice, focused particularly on safety in online fandom and communities.

The collaborative nature of fandom means that we may often want to use services for purposes such as sharing text documents or surveys. Keep in mind that personal information such as your email address or the name associated with those accounts might be visible when sharing.

Here are some strategies I use to preempt this issue:

  • Before sharing a link, access the link in a private browsing session where you are not logged into any accounts, so you can see what it will look like to other people who use the link. This way, you can check to see if any personal information is inadvertently visible. Be sure to check any linked profiles on the page, as well as the page itself.
  • Check the settings and FAQ/support pages for the services to see if there are any options to reduce the visibility of your personal information. Some services may have private sharing options or profile settings that alter the public visibility of your information. For others, the visibility of certain information is unavoidable. Know which information is absolutely necessary for an account on the service, which information is optional to a profile, whether the information can be changed or removed after it is added, and their Terms of Service regarding what counts as misrepresenting yourself.
  • Make accounts on privacy-friendly services, whenever possible. Look for ones with comprehensive privacy policies, particularly those vouched for by cynical IT experts or members of privacy-focused organizations like the Electronic Frontier Foundation. (As it turns out, many admirably skeptical people blog about this exact subject.Cory Doctorow is one of my favorites. He is on Tumblr. [Edit: [personal profile] falkner has helpfully pointed out that there is also a Dreamwidth feed for Doctorow's blog at [syndicated profile] doctorow_feed.]) The more the service is structured to protect your data, and the less unnecessary information they collect in the first place, the better. Privacy-friendly services do not only exist for the sake of principles or to protect against larger-scale corporate or government surveillance; their privacy and security practices are also an added layer of protection for your personal safety against individuals. (Think of it this way: If a corporation is willing to sell your personal data, they aren't going to care whether those data brokers serve governments, advertisers, or databases that private citizens can access. If a corporation is unwilling to protect your data from government overreach, they are also unlikely to protect your data from an individual abusing their position of power in government or industry. Even individuals who wouldn't personally think to misuse their access to information might be willing to share that information to "help" someone out when a situation is misrepresented to them. Organizations with good data protection practices can help reduce this possibility.)
  • Avoid using accounts connected to your legal/offline identity for online communities. The less overlap there is, the less likely one can be connected to the other. While a complete disconnect is unlikely without some serious technological know-how, try to keep overlap to areas where the connection is apparent only to people you really trust or organizations who are not personally connected to you (and ideally have strong privacy policies in place). In addition, further compartmentalization between online identities may be advisable for accounts that don't need to be connected to each other; that way, one part of your online life being compromised is less likely to compromise every part of your online life.

The compartmentalization of offline and online identities is important in both directions; while people online knowing personal information is generally considered a more pertinent danger, you also may not want people who know your offline identity to be able to find you online. This is especially important to keep in mind if you share information online that you aren't ready to share with everyone you know offline, or may be unfairly judged by employers or others in your communities for activity they consider inappropriate. (This is particularly true if you create queer content, sexually explicit content, or anything else that may be stigmatized in your offline communities. Just because people shouldn't be punishing you for harmless activities you do in your free time, doesn't mean they won't; even formal protections against that sort of consequence may not protect you from informal or hard-to-prove actions.)

It is also important to note that anyone who knows you offline and has access to your fandom spaces has the potential to share identifying information about you in those online spaces, whether intentionally or inadvertently.

Thus it is important to be careful with who, if anyone, you trust with that, and establish consistent communication with those people about your boundaries in regards to that information.

It is the prerogative of adults to make their own decisions regarding how much of a line they draw between online fandom activity, their offline personal life, and their professional life. Some people may associate their real-life identity with fandom, especially those who have their fandom and professional lives entwined (such as professional artists or people who maintain fandom-focused websites) or who are very active in offline fandom. This isn't necessarily a bad thing (though I would strongly discourage it in cases where it isn't necessary), but it should be an informed choice made with careful consideration of the way it will impact the various areas of one's life, preferably only once one is an adult. It can be very difficult or impossible to "put the toothpaste back in the tube" with regards to the exposure of personal information, so erring on the side of caution with online privacy leaves you with more personal control in the matter, both now and in the future.

Resources for Safety and Privacy in Online Fandom

The following resources can help with following some of the advice above.

Here are some specific services and software that support online privacy, and privacy-friendly alternatives to services that are frequently of use in online fandom.

  • The Firefox browser has the Firefox Multi-Account Containers add-on, which lets you have multiple accounts on the same website open at the same time, in separate "containers". This is very useful if you want to have separate fandom and real-life accounts on the same service.
  • Facebook Container add-on uses the same technique as the multi-account containers, but specifically isolates Facebook and related sites (such as Instagram) to prevent Facebook/Meta from tracking your activity around the web, which it can do on a significant portion of websites on the internet.
  • Document collaboration/sharing and surveys:
    • For a comprehensive list, I suggest switching.software's lists of file collaboration tools, file sharing tools, and survey/form tools.
    • NextCloud is a good complete office suite, often with plenty of free storage available (depending on the instance you sign up for). Notably, it has a mobile app. It does require an account, but does not necessarily have to attach your email to shared files. (For an example of what shared, though not editable, files look like, you can see the files shared for my Easy Fanfic Library project.) I've personally used it and have no complaints for the portions of the service I have used. However, I have found that the commenting interface has sometimes been ineffective or difficult to use when sharing documents. NextCloud's file options include text, spreadsheets, slideshows, notetaking/diagrams, and forms (with an add-on).
    • CryptPad is another office suite. Notably, it doesn't even necessarily require an account to use, though registering lets you keep your documents more permanently. CryptPad's file options include text, spreadsheets, slides, forms, diagrams, code, and Kanban.
    • EtherPad is a collaborative text editor which also can work without requiring an account.
  • Email Providers: Another option to consider for extra layers of safety is a separate email for use of fandom purposes, and for your fandom-associated accounts.
    • Switching.software has a list of privacy-friendly email providers (including some free ones).
    • ProtonMail: A leader in privacy-focused email. The free version has some limitations (most notably on the number of folders/labels you can create), but nothing that has limited its use for me. Free accounts now include up to 10 hide-my-email aliases. They also have other services, including file storage (though storage space for free accounts is limited), a calendar, a password manager, and a VPN (including a free version). It also works with Tor, the privacy-focused web browser, and has an official onion website for Tor users. (This page has an explanation of what that means.)
    • If you are especially attached to using Google services, creating a separate Google account could work. Unlike Discord, it is not against Google's Terms of Service to have multiple accounts. (As long as you don't create them with bots and aren't using them to break Google policies, circumvent limitations on your original account, or misrepresent your identity for the sake of social engineering.) However, it may be easier to connect your legal identity to accounts on less privacy-friendly services like Google. (Also, from personal experience, Google disabled my account without notice or explanation multiple times, and the timing suggests it may have been because I accessed their websites from a privacy-friendly browser. I did successfully appeal those decisions and get my account restored, but I rarely use it anymore because of the risk.)
    • Firefox Relay lets you create "mask" emails which you can use to sign up for services without giving them your real email, both as a way to protect your identity and to curb junk mail. The free version offers up to five mask emails. It is similar to the hide-my-email aliases which ProtonMail now offers as a built-in service, but Firefox Relay can be used to forward to accounts at any email provider.
  • This entry lists sites/directories I use to find alternatives to various software programs and applications.

Resources on Cybersafety, Online Privacy, and Stalking

I marked articles as "general" if I think the information is useful to people from a variety of countries, but from an organization focused on a specific country. Specifically international and country-specific resources will be marked as such.

  • International - For information on safety specifically aimed at Discord users, I highly recommend the articles in Discord's Safety Library.
  • International - Stalking Resources Page: This is includes resources for a variety of countries, including Australia, Austria, France, Germany, Italy, Malaysia, Russia, Switzerland, Taiwan, Turkey, Vietnam, the UK, and the USA.
  • International - Coalition Against Stalkerware: The rest of the site may not be as applicable to online communities themselves, but I highly recommend reading at least a little bit about what stalkerware is for the sake of personal cybersafety. (The basic definition is, "[s]talkerware refers to tools – software programs, apps and devices – that let another person, often a partner or family member, secretly monitor and record information about a person’s phone activity.")
  • General - "Online Safety Basics" and "Share with Care: Staying Safe on Social Media" are good general tips for online safety and privacy.
  • USA - National Cybersecurity Alliance: "The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world. We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organizations from cybercrime."
  • General - "Tools for Safer Browsing" is a good general article, and the section on "Techniques for Compartmentalizing your Online Identity" will be particularly useful to people in online fandom. "Online Privacy and Safety Tips" has some particularly good advice about safety with creating new accounts, multiple emails, and relay services.
  • USA - Safety Net Project, by NNEDV (National Network To End Domestic Violence): "Exploring technology safety in the context of intimate partner violence, sexual assault, and violence against women."
  • General, but with some Australia-specific information - "Being Web Wise": This article from Safety Net Australia is a good overview about how personal information about you can get online. Most of the article is globally applicable, but some of the information about public records and legal recourse is Australia-specific.
  • Australia - Safety Net Australia Project, by WESNET (Women's Services Network): "Managed by WESNET’s Safety Net Australia team, this website discusses technology, privacy, and safety in the context of intimate partner violence, sexual assault, and violence against women." Counterpart of the US-based Safety Net Project.
  • Canada - "Technology Safety and Privacy Toolkit" from BCSTH (BC Society of Transition Houses) Technology Safety Project: "The Technology Safety and Privacy Toolkit is an online toolkit for Canadian women experiencing technology-facilitated violence to learn how they can increase their technology safety and privacy." The Technology Safety Project is a Canadian counterpart of the Safety Net Project.
  • USA - SPARC (Stalking Prevention, Awareness, and Resource Center: SPARC is very USA-focused, but some of their advice articles may be more universally applicable.
Flat | Top-Level Comments Only
vriddy: Cute dragon hatching from an egg (Default)

[personal profile] vriddy 2024-03-22 05:14 pm (UTC)(link)
Super helpful, signal boosted! Thank you for this list.
thebiballerina: ballerina dancing in front of large crystals (Default)

[personal profile] thebiballerina 2024-03-24 01:36 am (UTC)(link)
You're welcome. Thank you for sharing it!
falkner: [Ensemble Stars] [Kanzaki Souma] (KT ☆ Uepillakuma)

[personal profile] falkner 2024-03-23 07:14 am (UTC)(link)
Thank you for putting together this useful post! I just wanted to add that there is also an RSS feed for Doctorow's blog that can be followed on DW! Link: [syndicated profile] doctorow_feed
thebiballerina: ballerina dancing in front of large crystals (Default)

[personal profile] thebiballerina 2024-03-24 01:23 pm (UTC)(link)
You're welcome! Thank you so much for pointing out the existence of that feed! I probably should have checked for that when I was altering this post for Dreamwidth. I'll edit the post to mention it.
Flat | Top-Level Comments Only