[This is a multiple-part series – go here for the full list]
Welcome to my series on reducing my Google footprint, where I explain how to de-Google your life. So far, I’ve explained how to asses your Google privacy “damage” and staunch the “bleeding” of further information. Then I explained how to replace Android, Google Chrome and Google Search. And the next installment covered Gmail and Gcal (and Google Contacts). Those are the biggies, but there’s still more to cover.
De-Google, Step 5: Google Meet/Chat/Hangouts/Talk
Honestly, I don’t know how many people use this messaging service. Google’s changed the name and functionality several times over the years. Note that if you use Facebook Messenger, WhatsApp or Telegram, this section is for you, too.
But thankfully, this is another no-brainer: just use Signal. It’s by far the most popular and private messaging, voice and video chat app out there, and for good reason. It’s easy to use, it has a nice user interface, it has all the important features (group chats, voice chats, and video chats) and even some nice-to-have things like emojis and GIFs. And it’s all 100% end-to-end encrypted, all the time, by default – the way it should be.
Yes, there are others. If you and all your friends and family are iPhone users, then Apple’s Messages app is actually pretty private and secure – but chances are good you know people who don’t carry iPhones. WhatsApp used to be decent, but then Facebook bought them. If you want to move to a secure, private messaging app and actually have other people to chat with, then Signal is the best option right now.
De-Google, Step 6: Google Authenticator
Google Authenticator is the Kleenex of multi-factor authentication apps. So many online accounts specifically call out Google Authenticator when you go to set up two-factor authentication (2FA) that you’d be forgiven for not knowing there were others. But in reality you can use many other apps for this. The generic name for this type of app is a Time-based One Time Password (TOTP) generator, which admittedly doesn’t roll off the tongue. But if you are given the choice of using Google Authenticator, you can use any TOTP app. (And if you’re using SMS or text for your 2FA, you really should switch to TOTP.)
For a long time now, I’ve used and recommended Authy as a Google Authenticator replacement. It’s a very nice app and it (crucially) gives you a way to back up your TOTP “seeds” (the QR codes or passcodes that you use to initialize 2FA for each account) to the cloud. This is something Google didn’t use to offer and still doesn’t go a great job with. But if your phone is lost, stolen or destroyed, you absolutely need a backup plan – and cloud backup is by far the most convenient.
One drawback to Authy is that you can’t export those TOTP seeds. If you want to switch to some other TOTP app, you’ll have to reset each and every account. That is, you’ll have to log in, disable 2FA (which usually requires 2FA auth) and then turn it back on with the new app. Open source TOTP apps like FreeOTP don’t lock you in.
But here’s a pro tip for you that will let you work around this and also give you a nice backup of your TOTP seeds. When presented with the QR code, print it out and save that somewhere. You can then use it later, if you need to, to set up another app. You can use it to let your partner sync up their TOTP app with yours if you share an account.
De-Google, Step 7: Google Maps/Waze
Your location can tell a lot about you. One study found that most people can be identified using just four locations throughout the day. Thankfully, we can use permissions on our smartphones today to restrict location info to apps that don’t need it or only need it temporarily. (Learn how here: Apple, Android.) But for mapping and navigation apps, your location is obviously required.
For Apple people, the choice is pretty easy: just use the built-in Apple Maps app. It’s come a long way since those early days where it had several problems. The driving directions and traffic data are good. I see no reason not to use this.
However, for Android users, I honestly haven’t been able to find a solid, privacy-respecting in replacement for Google Maps. (FYI, Google owns Waze. It’s a great nav app, but it’s not worth the privacy nightmare.) OsmAnd seems to be popular, and it offers offline mode, which is nice. The “Osm” stands for OpenStreetMap, which is a great web-based maps service and is the source of data for OsmAnd.
For car navigation, there are two more options: a standalone GPS navigation device (like a Garmin or TomTom) and built-in navigation software from you car manufacturer. From a privacy standpoint, a separate GPS device is your best bet, though if it has live traffic updates through a connected phone app or something, it may still be collecting your personal location info. But worse yet, most modern cars have built-in cellular data connections, whether you pay for this or not. And car makers are using this to track you and probably monetize your data. But that’s a whole other story.
De-Google, Step 8: YouTube
One more for today: YouTube. It’s both easy and difficult. If you’re an actual video creator – that is, you want to post videos on the web for others to see – then there are several privacy-respecting alternatives to YouTube (which is owned by Google) like PeerTube and NewPipe. Honestly, I just use Vimeo, not because they’re super privacy-focused but because they have the functionality I want and they’re not Google.
Next Up: Google Drive & Google Docs
My next article will probably be the last one in this series. I’ll cover Google Drive and Google Docs, which can be really tricky to replace. But I have solid suggestions. Stay tuned!
I’ve created a nice summary page for all of these articles, including links to more resources.
Need practical security tips?
Sign up to receive Carey's favorite security tips + the first chapter of his book, Firewalls Don't Stop Dragons.
Don't get caught with your drawbridge down!