Small Business & Privacy series
Significance of Privacy Avoid the traps Privacy Toolbox

A Privacy Toolbox for SMEs FR

The article Privacy toolbox for SMEs is the third and last of a trilogy on privacy for small businesses, a series by Irene Silberstein. A carefully selected and commented set of expert privacy tools.

Privacy toolbox for SMEs

I wrote this series for businesses with an online presence and websites' owners: small and medium companies, retail, expert, freelancer, creator, publisher, adviser, agencies, artist and many more.

to protect you and your clients

Although there are multiple categories and tools, this is a selective and limited toolbox.

Average reading time: 20 minutes.
No time to read now? No problem.
Get access to our resources and freely download the article

Your email (secure), anonymize if you wish, (Example: AnonAddy (2nd Window).

Selection criteria applied to Inputs:

---How trustable a provider or application is

---Trying the service or solution

---The author's skills, ethics, and network

---Prospective moves in the wake of the current times

---Advices from excellents guides by Reclaim The Net, Restore Privacey, Privacy tools or even Zapier, Kinsta and others.

A strict selection, which is definitely not exhaustive.

As soon as new tools are selected,

I will update the published version of the Privacy Toolbox

About prices:

Some of the recommended solutions are open-source, not all;

Some are freely available, or when you find it useful you can donate;

Some have a cost, frequently a tiny cost.

So they rely on various sustainable models.

Email Email

Email end-to-end encrypted

Tutanota

I recommend Tutanota for end-to-end encryption E2E covering all parts of email, very secure processes, 1Euro/month for private use (or free). Emails between Tutanota users are automatically encrypted and do not leave the server, based in Germany with a strong German data authority. However Germany is known to cooperate with the NSA.

https://tutanota.com/

Mailfence

Free or slightly more expensive than tutanota and easy to use, Mailfence is an interesting alternative: Based in Belgium, with strong privacy laws and no track record of cooperation with surveillance agencies, Mailfence offers one-click OpenPGP encryption; between Mailfence users, email are automatically encrypted and do not leave the server. Mailfence uses a standard implementation of OpenPG, which makes it easy to communicate, on the one hand with Mailfence's users and with other PGP users that don't use mailfence.

https://mailfence.com/

ProtonMail

More expensive than Tutanota or Mailfence, Proton also provides full end-to-end encryption, and a good set of features. Proton is based in Switzerland and this makes it less reliable than Tutanota or Mailfence, as the US obtained that Switzerland entered the said privacy shield. In this context, proton announced in 2021 they had to obey a court order from France.

https://protonmail.com

Runbox

Fully private email without automatic encryption, anyway compatible with encryption, Runbox email hosting offers fast webmail with excellent support and servers in Norway. 83 Euros for two years and the third year for free, particularly high limits for alias, custom domains and many features, pop, imap, smtp, server and email reputation via spf, dkim, dmarc.

https://runbox.com

Email Anonymity at user end

Anonaddy

Which is of course at user's choice

Anonymous email forwarding

Unlimited random unique email aliases

Open-source Browser add-on, downloadable for Firefox and Chrome

and multiple features.

Free or 1Euro /month

https://anonaddy.com/

Collaboration, chat, visioconferencing Collaboration

Signal

Signal is a multi OS chat app built for privacy and security, free and open-source managed by a non profit supported entirely by donations. Signal offers a secure chat application, voice and video. installable on your desktop, it can work entirely with keyboard shortcuts. Signal uses your existing mobile phone number and requires that you install it on your Android or IOS device. On the mobile device, Signal allows voice and video and both insecure sms/mms and secure signal messages between signal users.

Secure messages show a closed lock icon

You can find more on the support page

https://support.signal.org/hc/en-us/articles/360007318691

https://signal.org/

Tox qTox...

Free and open-source, Tox is a distributed, peer-to-peer voip, instant messaging and video-conferencing protocol that offers end-to-end encryption. The stated goal of the project is to provide secure yet easily accessible communication for everyone. Operating system: Windows, Linux, OS X, Android, iOS, FreeBSD, OpenIndiana, Sailfish OS.

Tox is interesting to communicate and share documents with your family and friends or to build a secure and strong communities with your clients, partners, providers... without exposing anyone's data.

At practical extent, Tox needs that your choose the client interface you prefer. My choice is Qtox, which is features-rich and truly easy to set up and use.

qTox is a powerful client based on Qt, intuitive and fast that runs on Windows, Linux, MacOS and FreeBSD and offers text messaging, audio and video calls, screen sharing and file transfers. it supports text and audio group chat, as well as Identicons as avatars.

To understand the Tox project

https://tox.chat/about.html

To download Tox https://tox.chat/

To choose a client interface

https://tox.chat/clients.html

To donwload Qtox https://qtox.github.io/

Tox Wiki https://wiki.tox.chat/users/faq

Veeting

Virtual meeting rooms

Veeting is another perfection that brings everything we need to collaborate online. End-to-End encrypted, extremely secure zero-cookies environment and because of this, dazzling fast. For individuals, home offices and businesses. Their moto is "Web collaboration made simple". Lots of features: scrinshare, whiteboards, presentations, multi-OS, multi-browsers, real-time chat, display and share supporting documents, live slideshows calendar, meeting agenda, on-demand recording. Reasonable pricing for a complete studio: 5 meetings for 20 Euros/25 CHF or your own room for the month for 36 Euros or 39 CHF.

https://www.veeting.com/

Securesafe - store, edit and share business documents

Securesafe is a mature one-click secure proven solution for teams or team-client project management. It offers a wealth of useful features: apart from zero-knowledge and full privacy, it can retrieve document despite spelling errors in search; it offers desktop, smartphone and browsers versions, secure send, deep links, file sync and versioning, member management, and more at a reasonable cost per user. Aapplications designed in such a way that even our own employees can never access client data. Their solution complies with all GDPR guidelines and they got their approach externally audited several times.

https://www.securesafe.com/en/business/overview

https://www.securesafe.com/en/business/pricing

Web Browsers Web browsers

Epic

Epic browser is a serious secure private browser freely available for windows and android, not yet for Linux unfortunately. For a Windows user not too techie, it is possibly the easiest choice for a secure private browser.

https://www.epicbrowser.com/our-key-features.html

Brave

Brave browser is a fast private browser freely available for Windows 64-bit,Windows 32-bit,macOS Intel,macOS ARM64andLinux

It offers trackers protection and useful information on shielded items. It resists attacks and I consider it very secure and private as long as you do not install any extension.

https://brave.com/

Vivaldi

Vivaldi browser, which took the turn for privacy, is progressively going to replace old Opera browser as it It now offers many features, of which some original ones. I think it is not yet as secure as was Opera, but it is on its way. For me, Opera is still secure but the great talents of their developers are now missing after Opera was sold.

https://vivaldi.com/

Waterfox

Waterfox, a clown of mozilla Firefox offers an helpful function, major difference: it continues supporting old extentions as well. However it follows Firefox updates with some delay. Although Waterfox is quite secure, especially with the addition of an anti-tracker, it it not the choice to resist attacks. For Waterfox, I use Ghostery anti-tracker, which alwayrs helped clarify my findings about visited websites.

https://www.waterfox.net/

Test browser for privacy

EFF (Electronic Frontier Foundatio) provides a handy online tool to test your browser for privacy

https://coveryourtracks.eff.org/

A recognizable fingerprinting is a weakness.

VPN

Although I can currently advise for a few of them, I am still testing. An article from Windscribe Blog highlights the difficulty to advise for VPN:

"Windscribe blog

Consolidation of the VPN industry spells trouble for the consumer"

By Yegor Sak 16 September 2021

https://blog.windscribe.com/consolidation-of-the-vpn-industry-spells-trouble-for-the-consumer-57e638634cf0

Writing about the huge acquisitions in the VPN industry and their obvious implications, Yegor Sak highlights how gullible we are to rely on "Reviews"

Simple facts to discover about conflict of interest in the kingdom of money...

This is why it is so difficult to advise for VPN.

Search engines Search engines

The interest of alternative search engines is how much privacy you get of course;

another question is: how efficient is it for searching?

This also depends on what you search for.

in terms of privacy, our current selection includes

Epic

Epic Search is a good engine, encrypted, private and secure, paying no-ad search engine. Usable from any browser. ($2.5 /month Sep 2021)

https://epicsearch.in/

SearchEncrypt

I am indebted of Search Encrypt to Kingsta.com Blog. Quite fast, encrypted, SearchEncrypt is one of the private alternatives.

https://searchencrypt.com/home

MetaGer

MetaGer is a meta searchengine that aggregate results from multiple search engines with good results and guarantee confidentiality. MetaGer relies on donations to be able to continue. They also offer a membership in their association "association for free access to knowledge".

https://metager.org/

Swisscows

Somehow different, Swisscows offers a family-friendly private search engine and a VPN. Swisscows does not monitor nor store any data. But as DDG, Swisscows relies on ads, in particular from Bing, but also offers a paying version.

https://swisscows.com/?

DDG, Duckduckgo

As DDG uses Bing which is highly "sanitized", I consider that it lowers the interest of DDG as search engine. To use for common queries.

https://duckduckgo.com/?q=

Gibiru

I am indebted of Gibiru to Reclaim the Net.

Gibiru announce full privacy. They use Google API to generate private results based on Google index, which seems normal; but they also use Google adsense. To use for common queries only, as Gibiru might refuse or not answer to some queries.

https://gibiru.com

As alternative Search engines having their own index

Let's add

Quant

I include Quant because it has its own index, which for research might have importance.

https://www.qwant.com/

Ecosia

The search engine that plant trees. Christian founded Ecosia is a social business founded in 2009 after a trip around the world. They engage to protect privacy.

https://ecosia.org

For Technical or Legal queries

Epic SearchEncrypt Quant Swisscows DDG MetaGer

For Open information Queries

Epic SearchEncrypt Swisscows

For esoterism, religion, history

Gibiru

File Storage File storage

Cryptomator - Secure Storage on disk

Cryptomator is a free-to-use open-source to which you can contribute or donate.

You can see the differences between boxcryptor and Cryptomator below

https://cryptomator.org/boxcryptor-alternative/

Application runs on the PC or smartphone at user end. Cryptomator supports All OS plus Unix systems (Linux, BSD).

GDPR compliance instructions

https://cryptomator.org/gdpr/

Filen - Secure storage on Cloud

Zero-knowledge end-to-end encrypted cloud storage. Price depends on storage capacity, starts free up to 10 Gb, Fast, open-source, self-funded. Tier IV ISO 27001 certificated high security datacenters located in Germany.

Nice to use if you have enough memory in your PC.

https://filen.io/

Let's cite in this section SecureSafe already described that in some circumstances offers an excellent solution.

Spideroak one backup - Secure storage on Cloud

Zero-knowledge end-to-end encrypted cloud storage. The application is speed, large amounts of data available. However, to use a permanent mirroring of folders and files you need a good Internet connection. High security data center located in the US. Nevertheless their practice of data privacy is excellent. Starts at 150 GB for $6 per month.

https://spideroak.com/one/

Analytics and tag manager

Clearly businesses urgently need to turn to ethical and privacy-aware providers for analytics and tag manager.

Privacy-aware, and regulation compliant analytics and tag managers exist, either free or at a tiny price. Out of my research, of about 20 applications, I could select four of them: Matomo... Plausible Simple analytics Unami

Matomo

Matomo is certainly the most feature-rich, flexible and proven analytics solution today, with multiple servers' locations worldwide for hosted, and an open-source version on premises, free for analytic with other features, such as white label, search engines keyword performance, etc. provided on demand at cost.

The hosted version (at 1 Euro per domain per month) offers a full analytics suite with tag manager, heat map and a wealth of useful features. Also it supports both logs analysis and Javascript, distinctly or in synergy. Respectuous of client's privacy and data ownership, Matomo obviously complies with regulations worldwide.

https://matomo.org/

Compare features:

https://matomo.org/features/

Plausible

Open-source project dedicated to making web analytics more privacy-friendly, with a monthly fee of 6 Euros, Plausible intends to reduce corporate surveillance by providing an alternative web analytics tool which doesn’t come from the AdTech world. independent, managed by two developers full-time, self-funded and and sustainable by the users' subscription fees, incorporated in Estonia. Minimal data collection in general, server in European Union to ensure strict laws on data privacy. They do not track and collect any personal data or personally identifiable information, All the data is in aggregate only and Plausible does not track people across their devices.

https://plausible.io/

Simple Analytics

They say: "the essentials: page views, referrers, top pages, and screen sizes."

"No cookie banners, GDPR, CCPA, or PECR to worry about."

"When a service is free you are the product. We won't ever sell your data. As a result, we need to charge". Based in the Netherlands, they charge 19 to 59 Euros monthly.

https://simpleanalytics.com/

Unami, Mike Cao

Open-source, free, fast, minimalistic, Unami offers its users to own their analytics. Umami collects only the metrics you care about and everything fits on a single page. Simple analytics, unlimited websites, light weigth, mobile friendly, privacy-focused.

https://umami.is/

Privacy management and cookies Privacy setup

Unfortunately, an in-depth research revealed the difficulty to advise at technical and legal extent for a truly ethical and privacy-aware service or tool for privacy and cookies management(!) .

Free generator available

However, currently I can recommend a free tool that may serve as a template to help you figure your needs. This helpful tool does not integrate what you may need for compliance with the many local regulations.

https://www.privacypolicygenerator.org/

However, I recommend to manage the permanently moving legal jungle using a specialized assistance. Although such legal services exist, the very best ones are not necessarily compatible with the size, financial and human capacities of a small business.

To address this shortcoming, we are currently considering to launch our own integration. This new tool would help provide a quick audit and follow up, and an ethical privacy-aware solution to address state, national and regional regulations.

If you need a follow up on this single topic, please register here.

Promising Concepts

Web Monetization

Another interesting concept is brought by A JavaScript API which allows the creation of a payment stream from the browser to the website. Web Monetization is being proposed as a W3C standard by the Web Platform Incubator Community Group.

How does it relate to privacy?

The idea to allow the creation of a payment stream to the website resolves one of the main reason why trackers are used for advertising: paying for content or tools. The web monetization concept does not imply to learn anything from the buyer. So its adoption would generate and sustain privacy-aware monetization.

We will launch our test beds soon. Current test test beds rely on Coil, interledger, the Puma browser and a wealth of plugins components.

IPFS

IPFS is an interesting concept for the renewal of the web : A distributed system for storing and accessing files, websites, applications, and data.

IPFS knows how to find information by its contents, not its location.

To see how it works, follow the below URL.

https://docs.ipfs.io/concepts/what-is-ipfs/

Theta

Depending on the prospects and stakeholders, Theta might become of interest for privacy

https://www.thetatoken.org

About the author Irene Silberstein

Information specialist and web pioneer, Irene offers an extensive experience in information strategy, research and analysis. She manages iSkiv Ltd, a UK limited company, to learn more, see Irene Silberstein

Privacy-aware, Zero cookie policy

We apply a strict zero-cookie policy. Simpler, cleaner, this is our all-times choice. We don't track you, we don't sell your data. To protect our visitors' privacy, our analytics are processed by Matomo [2nd window]

Security-aware, Secure transactions

Transactions on this website are SSL encrypted. We take all precautions in our power to secure your data where we need to process and store them for the service you request.

Learn more about our policies [2nd window]