| For me, the most important thing is to think about what data you’re sharing with third parties, and how that data might be abused. Or maybe that third party doesn’t abuse it themselves, but they’re vulnerable to someone else stealing it, and landing you back into HaveIBeenPwned yet once again (I think I’m up to 17 times on HIBP so far). I think about this any time I use a service like DeleteMe, or Optery, or 1Password, or any other third party service where I might be sharing potentially sensitive information. And I very carefully select the third party services that I use which might have sensitive data shared with them. Then I like to try to ensure that I minimize what data that I share with these third parties, especially data that is shared automatically — like a log of every single URL that I visit. I’m a lot more willing to use tools that work 100% locally and don’t share any data with any remote service, even if those tools do not provide all the same levels of service that can be provided by the remote service. For example, I would never voluntarily enable something like Microsoft Recall, but I might be willing to use a local-only program that recorded periodic snapshots of every URL that I visit and make that information locally searchable, so that I can roll the clock back and see what I may have been doing at some time in the past. The problem here is not that the data is collected, or that it is collected locally, but how that data might be able to be abused by others once it is shared with a third party. |