Most of us already understand this intuitively. You close the bathroom door. You don't read someone else's letters. You choose what to share with a doctor versus what to share with a colleague.

The difference online is that those choices are often made for you, by default, without your awareness.

When you use an app, visit a website, or send a message, information about what you did, when, where, and how can be collected, stored, and shared, sometimes by the company you're dealing with, sometimes by third parties you've never heard of. Privacy is about being able to reduce how much of that happens, and to whom.

Wanting privacy doesn't mean you have something to hide. That framing is often used to dismiss privacy concerns, but it doesn't hold up.

People who close their curtains aren't necessarily hiding crimes. People who use private browsing aren't necessarily doing anything wrong. People who want their medical history kept between them and their doctor aren't being suspicious.

Privacy is about maintaining control over your own information, regardless of whether that information is sensitive or ordinary.

These three words often get used interchangeably, but they mean different things

Privacy is about limiting who can see your information. You might share your real name and location with a service, but expect that information to stay private, not shared with advertisers, data brokers, or other parties.

Security is about protecting information from being accessed by people who shouldn't have it at all. A secure connection means you can trust you're actually talking to the service you think you are, and that no one else can intercept the conversation.

Anonymity means acting without a persistent identity, in a way that can't be linked back to you. Tools like Tor are designed to help with anonymity by making it harder to trace who is making a request.

You can have privacy without anonymity. You can have security without privacy. Understanding which one you're actually trying to achieve helps you make better decisions about what tools and habits are worth the effort.

• Reducing how much of your behaviour is tracked across websites and apps
• Limiting what companies and data brokers know about you
• Protecting sensitive information, health, finances, relationships, beliefs, from being exposed without your consent
• Making it harder for advertisers to build detailed profiles of your habits and preferences
• Giving you more control over your own digital presence

Privacy practices reduce exposure, but they don't eliminate all risk.

• If you share information with a service voluntarily, privacy tools can't undo that choice
• Privacy protection depends on the tools and services you use actually behaving as they claim
• Systemic data collection, the kind built into platforms, operating systems, and infrastructure, requires more than individual settings to address
• Social engineering (someone convincing you to share information directly) bypasses technical privacy measures entirely

Better privacy often involves some friction. You might need to switch apps, adjust settings, or accept that some features require data you'd rather not share.

The right level of privacy protection depends on your situation. A journalist protecting a source has different needs to someone who mostly wants less targeted advertising. There is no single set of tools or habits that fits everyone.

Cookie banners and privacy settings often create the appearance of control without providing much of it in practice. True privacy is usually built into software by default, it shouldn't require you to navigate five screens of options to opt out.

• Think about what information you share, with whom, and whether that feels right
• Adjust the privacy settings in the apps and services you use regularly, not because they solve everything, but because defaults are often set to share more than necessary
• Consider using a browser that limits tracking by default (Guides & Wiki has more on this)
• Use messaging apps that encrypt conversations end-to-end when the people you're talking to are open to it

You don't have to make every change at once. Small steps in the right direction are worth taking.

Privacy as a concept has been discussed in law, philosophy, and technology for decades. A few threads worth following if you want to understand it more fully

The control problem. Cookie consent forms and privacy dashboards give a sense of control, but they're often designed to discourage using it. Real privacy protection shouldn't require constant individual vigilance, it should be the default, not an opt-in.

Data as infrastructure. Information about you doesn't just stay with the company that collected it. It can be bought, sold, merged with other datasets, and used in ways you never anticipated. Data collected for one purpose often ends up serving another.

The aggregation problem. Individual pieces of information can seem harmless, your name, your employer, your neighbourhood. Combined, they can reveal much more than any single piece would suggest. This is why privacy isn't just about protecting your most sensitive information.

• Threat modeling, how to think about what you're actually trying to protect
• Metadata, the information that travels alongside your content
• Encryption, what it protects and what it doesn't