How can I avoid being monitored online?

Updated:July 2016

Governments and other parties are developing sophisticated methods to access what you do online. Here are some ideas and technology to help you find a bit of private space.

FIRST, THE BAD NEWS: There is no way to avoid having your activity monitored online at all timesData is sent and received over networks in order for you to do what you want to, and there's no way around that. Internet service providers also keep records of IP addresses you visit. Your computer has identifying information about you, and your internet use builds up a profile over time that more narrowly defines you, your location, interests and associations. The longer an online session goes, the more specific a user's profile becomes. Parties with access to these different strands of information can start to see a more complete picture. 

Being private or anonymous online all the time would be exhausting, and if we're honest, that's not what you usually want to do with the internet, anyway. If you really want that kind of private space, then turn your computer off and leave the mobile at home. The internet was made for communication and sharing, and has a bias toward transparency that can be nice and refreshing except for the times that it's putting you at risk, of course.

NOW, THE GOOD NEWS: There are methods and technology to help you create the conditions for more privacy or anonymity for specific activities. This is the manageable and more achievable approach. Instead of thinking in terms of your overall privacy, look at the exact piece of information or activity that you're trying to protect. How are you going to handle just that one thing? That's what this page is going to help you achieve.


  1. What are you trying to accomplish?
  2. Is this about privacy or anonymity?
  3. Create your digital workspace for any activity


What are you trying to accomplish?

This is the first question to ask yourself. It's too easy to start loading your computer or mobile with various software and over thinking the situation. With each new thing you add to your device, you've added more complexity. You need to learn how it works, understand its bugs and quirks, and then (if it's a communication tool) get the other party to use it as well! Make sure you think specifically about what it is you're trying to protect, then you can identify the best method for that task.

Ask yourself:

  • Does this really need to be done using the internet or mobile phone? (if yes, keep move on to the following questions)
  • What is it specifically that you're trying to protect? (confidential data, source identities, your location, etc.)
  • Who would be interested in this information and why? (have they committed a crime, or are they involved in corruption, or would the information be damaging or embarrassing in some way?)
  • What methods could they use to get it? (could they access your internet or mobile service provider, hack your device, confiscate your equipment, use a court order, etc.?)
  • What would happen if they succeed at getting it? (your source or yourself could be arrested. Or, maybe they could kill your story, or use this confidential information against others. Assess the risks to yourself and anyone else who may be impacted.)

Is this about privacy or anonymity?

Based on your answers to the above, you can now respond to this question. Privacy and anonymity are separate things. It may be that you require a degree of both, but the tools and methods needed to achieve them can vary. Here's what we mean by both

  • PRIVACY: Here we are talking about the content of your communication, not your identity.
    EXAMPLE: You may want to have a private chat with your commissioning editor, but you don't want a record about what is said between the two of you that can be seen by others. To solve this, you and your editor decide to use a system that encrypts your messages back and forth. The internet service provider may be able to log with whom you're communicating, but has no access to what's said.
  • ANONYMITY: This relates to the fact that it's you who is doing something.
    EXAMPLE: Producing news is heavily regulated where you're working, and being seen communicating with a black-listed publication will put you at risk. You and your editor decide that you need to communicate with accounts that have no relation to your actual identities. Here, you're hiding your identity from the service provider. It can see that data is coming and going from a device or online account, but these don't have enough information in them to link back to the people using them. 

As you may be able to have figure out already, digital anonymity can be a much more difficult task. Depending on your project, you may need privacy at some points and anonymity at others. During the time you're dealing with a confidential source, you may need to take steps to not reveal that they're meeting with you and also protect the information they're giving you. But you need to determine which category you're primarily in before you can do the next step. Is it mostly about privacy, or anonymity? 

Create your digital workspace

This is where you're handling the situation you've identified above. Here you'll be downloading and trying out different software or just thinking of different tactics you can use. It's not a physical space, but more of the sum total of these three points below. You're creating a situation that enables you to do something more privately or with greater anonymity. This is your "workspace." You can use it again, should the situation require it, but you're creating it for this specific set of circumstances. Here's how to obtain it:

  1. Keep it simple: Everything is contextual to your situation, which is why the above questions were aimed at making it as specific as possible. Your goal is to produce your story, not become an expert in all the various security software that's available.
  2. The technology you pick should solve a problem you've identified: Over time, you'll build up a toolbox of the technology and tactics that work best for you, but you really want to adopt them only as necessary. Think of the problem or situation you're trying to deal with. When looking at what's available (more on that below), consider whether it's addressing that specific need.
  3. Our preferences in recommending digital security technology is Open source: This means that the code of the technology can be publicly reviewed by peers in the development community. It often means that it has a wider base of support, bugs are caught faster and it's more likely that the software is doing what its creators claim that it's doing. This isn't to say that closed source software isn't doing what it claims, just that there's no transparent way to verify it. It doesn't mean that open source software can't be hacked, either. It does mean that the threats can be more transparently assessed.

Here are some ways to prevent monitoring at different stages of activity on your computer...

Improve your web browser's privacy

Before adding extra plugins and extensions, actually go through your browser's settings. If you use Chrome, you will also want to see how much of your data is synchronized with your Google account. See what's already happening and adjust your settings accordingly. Once that's done, using a few browser extensions can help. Available on browsers such as Chrome or Firefox, these plugins can add security features to block pop-ups, spyware or cookies from downloading onto your computer, and limiting the amount of information your computer sends out about your online activity.

  • HTTPS Everywhere: A number of websites don’t use encrypted data requests when you access them. This plugin attempts to do just that, making every site you visit more secure as a result.
  • No Script: Many websites use programming scripts to add features and interactivity, but these scripts can also be used to install files on your computer or send you to websites you didn’t want to visit. With this add on, these are blocked, and you can voluntarily turn them back on if you trust the website.
  • Ghostery: Allows you to see which websites are tracking you and block them.
  • BetterPrivacy: Allows users on Mozilla to remove or manage cookies, including those enabled by Flash, Google and YouTube.
  • Self-Destructing Cookies: Cookies can be useful, but they can also work against you. This add-on for Mozilla deletes cookies as soon as you close a web browser tab and also avoids several types of non-deleting cookies and blocks them.

Most web browsers have a "privacy mode." Chrome calls it "incognito." In pretty much every case, the name is a misnomer, but that doesn't mean the function is entirely useless. It IS NOT hiding any of your activity online, or adding any security to your internet connection. IT IS removing your local web activity from the computer when you close your browser window. If you're worried about someone looking at your internet activity by accessing your computer, then this is a good method of countering that.


Use a privacy-first browser

  • The Tor Browser helps with both privacy and anonymity online. It can hide what you look at online from your internet service provider, and doesn't let a website know you're accessing it. It also blocks a lot of tracking codes. The Tor Browser works on Windows, Apple and Linux. Having this on stand-by is good practice for when you need to switch over to a more private connection to a web service. The Tor Network is free, open source and one of the strongest proxy services available online.
  • Firefox + the JonDoFox profile add on turns your browser into a more anonymous experience, hiding a lot of information your browser may be sharing about your activity. This takes a bit more set-up than the Tor Browser, though.
  • The Epic Browser is a quick and easy way to access the web, and includes a simple on/off proxy service to keep your connection to web services more private. Epic is based on Chrome. It includes a number of tracking blockers and doesn't save your activity locally. The proxy service is quite basic: you can either appear to be where you really are when it's off, and you appear to be somewhere in the U.S. when it's on.

Have a VPN service ready

As well as allowing access to blocked content, these services can be used by freelancers to browse privately, and thus avoiding being monitored online. For our information on proxies and VPN, check our section on that here..

Get the best out of your VPN: Once set up, VPNs can be as easy to use as flicking on and off a switch. Remember:

  1. Read user reviews of a VPN service before subscribing. Some are better than others.
  2. It's better to use a service not located in the same country where you're working.
  3. Make sure the VPN is not forwarding your internet traffic to one of its servers that may be near Your actual location (Example: If you're in Paris, select Amsterdam, or Ankara or some other location).
  4. It's advisable to check that what you're doing isn't illegal in the country where the VPN makes it appear you're working from.
  5. Remember that a VPN is only disguising your activity so much. If you're using it for social network sites or to send email, then those services may have other means through which your privacy can be compromised. Be careful what you post that could counter the reasons you're using the VPN. Using more privacy-friendly services mentioned elsewhere on this page and in our resources can help.

GET STARTED: Find a VPN service provider here.

Use the Tor proxy service

The Tor Project offers strong internet privacy and anonymisation for doing all kinds of things online with added security. We go into more detail about how it works on this page. There are tools for both your PC and your mobile that use the Tor Network. You can install Tor and make sure all your internet activity runs through it, or use specialised apps and plugins that do this for you. Here are some Tor solutions that could be useful for your digital security toolbox:

  • The Tor Browser (mentioned above)
  • Guardian Project Apps is for your Android or iPhone.
  • Tails is a full computer operating system that works from a DVD or USB drive. It runs all your activity through Tor, can operate a large number of computers and leaves no trace of activity when you're done.
  • Onionshare is a project we talked about here, allows you to privately share files with a recipient without uploading it to a server somewhere, and leave no trace behind after it's been received.
  • Torbridy is a plugin for your existing Firefox browser that can divert it's web traffic through the Tor network.

Use more privacy aware services

Aside from reading web pages, services are what you're using the internet for. These include emails, chats, voice calls, storing your files somewhere, or accessing a social network. Many of these require a lot of data about you in order to work. But if your aim is to leave less of yourself exposed online, here are some ways of doing it.

For more private emails: find an alternative to Gmail, Yahoo or Outlook web mail. Those services are interested in your data and that of your contacts. Signing up can be an involved process requiring a lot of information. Gmail, for example, is tied to everything you do on Google. Sharing your Gmail address often comes with a lot of other personal information from your Google account. Find a privacy-conscious email service. Some are paid, others are run by nonprofit organisations. Here are some that come highly recommended.

For Instant chat: Off-the-Record (OTR) Messaging allows you to have private conversations over instant messaging services that can hide your identity and the conversation your having. Cryptocat and ChatSecure are some options. For the best options, EFF will bring out a brand new scorecard to rate secure messaging tools - version 1.0 is here but bear in mind it is already out of date.

For more private voice and video calls over the internet: Jitsi is a secure alternative to software such as Skype. It's open source and there's also a web browser version called Jitsi Meet. For just voice, Ostel is another method that works with a variety of different devices.

For backing up your work: Apple, Google, Microsoft, Dropbox are just a few examples of how big and competitive the online cloud file storage market is. Online storage is a great back up tool in case your device is lost, stolen or gets broken. It's got another good advantage: sometimes it's a nightmare risk to leave something on your physical computer than it is to save it somewhere online. But if your goal is to avoid being compromised online while using these systems, then you need to both conceal your activity and use a privacy-first service.

  1. Use a VPN or Tor to connect to your online file storage space. This can help protect you from being monitored by anyone with access to your internet service provider and deciding how they might try to intercept your activity.
  2. Consider an easy method pload your files into your secure email account — a different account than the one you use to contact people. Don't send it anywhere or add a 'To' email address. Save it in "drafts." Don't keep the account details on your computer. Download them back when you're in a secure place to do so. Even here, it's better to locally encrypt the files first.
  3. Look for a system that encrypts locally, on your machine, before it uploads content, and then only lets you decrypt it once it's downloaded again. Tahoe-LAFS is a free and open decentralised cloud storage system, that offers strong encryption and is resistant to a variety of hacking attacks. Syncany is a system that can work kind of like Dropbox and keep your backed up files, updates on all the computers you're syncing, but it's an open source, private and strong encrypted method.

Use encryption

Actually, you probably already do. When you visit websites with "https" in the URL or log into your online banking, or use any number of services, there are encrypted exchanges of data going on. Encryption is about making the content of your data private, and only accessible to those with the keys to them. We've got an entire page on different ways you can use it, here

Encryption is a method to protect digital information from anyone who shouldn't have access to it. Encryption scrambles the data, rendering it unreadable for someone who doesn't possess the key and corresponding password to unscramble it. You can encrypt local files on your computer, things you want to store online, or your entire computer hard drive. End-to-end encryption is a method of securing your communication with someone else. In this situation, your messages are scrambled, and the only people who can read them are those who have the correct keys and passwords.

Having an email encryption key ready is useful for when a source asks for it. Encryption keys also help verify that you're the real recipient or sender of an email. Here's how to encrypt your email.

Avoid malware, viruses and other attacks.

We've got an online resource page dedicated to different kinds of attacks and how to avoid them, so we won't go into that subject in depth here. If a hacker can install software on your computer, then they can potentially capture and monitor all your activity regardless of any other steps you take. In short, you're attacked when:

  • You download an infected file somewhere on the web.
  • Someone gets you to reveal enough personal information to get into your accounts or log into your computer.
  • Someone targets you through email, chat or social networks and convinces you to download a file. This is a method of social engineering.

The advice here can seem quite simple: Don't do those things. In practice, it's actually much more difficult. It requires you to maintain a level of skepticism whenever you're about to click on something, and ask yourself how it is that you know this is what it's claiming to be.

Stay focused

The internet is a fun and useful thing and a great deal of your professional life revolves around using it. Sometimes it can be easy to get too caught up in issues around privacy and anonymity and forget why you're using it in the first place. Remember that as a freelance journalist, you're likely to be developing a public online profile through your work. By assessing what you're going to do, before you do it, you can decide how many of these tools or tactics are needed.

Find out more

Get a comprehensive listing of privacy tools here.


Thanks to freelance journalist Emma Beals, Tor Project researcher Runa Sandvik and mobile technologies researcher Bernard Tyers for contributions to this section. Image credit: Thomas Stellmach.

Created: July 2013

Help us be a better resource!

Give us feedback about this page. What was helpful here, or what could be included to make it more useful?

Create a comment
Create a Comment
  • Security code

This website uses cookies. For more information about these please click here.
By continuing to browse you consent to the use of cookies