How to Communicate Privately Online

Author: Deborah Belford

There are many reasons to have private conversations. By private conversation, we don't mean one where two or more people going to a secluded place to talk; privacy can happen online too. Yea, not minding social media platforms where data are discretely collected, it is possible to have private conversations and information shared where no logs or data would be collected or retained by any party. This is paramount in times like this when governments are buying personal data and criminals breach service providers to steal data. Pretty Good Privacy encryption, ProtonMail, and Encrypted Apps provide their users with the feeling and security of online private conversations.

1. ProtonMail

This email service expects that people will create a ProtonMail account. Your browser generates public and private RSA keys. The public key encrypts your email and other data, as a user. The private key allows you to decrypt your data and is symmetrically encrypted with your password.

ProtonMail offers two-way encryption by asking that, as a user, you create a ‘log in’ password for authentication and mailbox password which encrypts your mailbox and information and private encryption key. ProtonMail keeps the decryption keys in their encrypted form, making it impossible for even the developers to know user emails and passwords. Sending emails from a ProtonMail account to another can be automatically encrypted by a recipient, with their public key. Communication from a ProtonMail to a non-ProtonMail can be optionally sent in plain text or in an encryption form which can be viewed by the recipient with a user-supplied password. It is also possible to set the emails to self-destruct after a while.

2. PGP encryption:

The PGP encryption works to safeguard data on email systems, removable media files, hard drives, etc. and even cloud-based application. PGP allows you to also send an encrypted message to a recipient, using a recipient's public key. PGP does not require any special email creation; it works fine with any email server. PGP comes at a price and requires that you get an encrypted software, Gpg4win for Windows OS or GPGTools for macOS. Once the software is downloaded, your preferred communication application can then be added and the encryption protocols can be followed.

After installing GPG4win, check the installation file for ‘Kleopatra’ and launch it. With the 'New Key Pair' option, you can generate your public and private keys. Once all is set, you can start to send and receive encrypted messages.

3. Using Private Messenger or App

A standard private encryption app has open-source encryption. Taking Signal as a case study, all communications by default are encrypted as end-to-end. Conversations among Signal users have every content of every chat privately secured such that they can't be read by anyone else. Also, it is possible to time messages to self-destruct after a designated time to makes sure that conversations don’t get leaked. Furthermore, calls made with the Signal application cannot be listened to, even when there's nothing to hide. Although WhatsApp also uses open-source end-to-end encryption, some of its other features are not as secure as the Signal messaging app.