The Privacy Iceberg (I'm deep)
This video explains online privacy using an "iceberg" metaphor: the surface steps are easy wins, and the deeper you go, the more effort increases while convenience drops. The creator emphasizes that you don't need to reach the bottom—just a few changes can significantly reduce how much data gets collected about you. It also includes a candid look at how easy it is to accidentally "connect the dots" and reveal your identity online.
1. The What and Why (What "Online Privacy" Really Means)
The video opens by framing privacy in a very human, everyday way. Offline, most people instinctively understand privacy: you don't share certain personal details with everyone, and you naturally limit who gets access to intimate information.
"Privacy is about not sharing certain information with certain people—not keeping it totally secret, but keeping a section of people out."
Then the creator adds the "online" part back in—and that's where things get messier. Online, we often don't treat our personal life like we would in the real world. We click, browse, buy, watch, comment—and leave behind a constant trail of data.
"When we navigate the vast internet, we leave a digital breadcrumb trail."
And importantly: that data typically doesn't vanish. It gets collected, stored, and often sold, helping companies (and sometimes governments) build detailed profiles of you—your habits, interests, and likely future behavior.
"Every click, search, product you buy… it all adds up. And that data doesn't just disappear. No—it's sold."
The creator explains the basic business model of many "free" platforms: you're not paying with money, you're paying with attention and data.
"If it's free, you are the product."
They use Facebook/Instagram as examples: advertisers are the real customers, and you're the thing being measured and targeted.
"Your attention, your behavior, your data—that is what's being packaged and sold."
This leads to the practical question the whole video tries to answer:
"What the hell can we do about it?"
Before jumping into tools, the creator introduces a key idea: threat modeling—a fancy-sounding term that's actually simple.
"Threat models… [are] basically just asking: 'What do I want to protect and from who?'"
They clarify their personal priority: beyond basic security (passwords, hacking, identity theft), they mainly want to keep data away from big tech tracking and monetization.
2. The Iceberg Idea (You Don't Have to Go All the Way Down)
Now the iceberg metaphor is introduced clearly: the goal is not to become a full-time privacy monk living in the digital wilderness. Even small steps can matter a lot.
"The point isn't to go all the way down to the bottom. Even a few small changes can improve your privacy a lot."
That sets a reassuring tone: start where you can, and only go deeper if it matches your needs and willingness to put in effort.
3. The Surface Layer (Easy, High-Impact Changes)
3.1 Browser: Stop the Most Obvious Tracking
The first "surface" recommendation is switching browsers—especially if you're on Chrome.
"I'm guessing a lot of you use Chrome—and that's not great."
They recommend privacy-friendlier options like Brave, Firefox, DuckDuckGo's browser, or Zen (the subtitles say "Sen," but context strongly suggests Zen Browser, a Firefox-based privacy/minimalism-focused fork).
Brave is used as the example: it blocks ads and third-party trackers by default, and also tries to reduce browser fingerprinting—a technique where sites can recognize you by your device setup (screen size, fonts, system configuration, etc.).
"Brave… blocks ads and third-party trackers by default."
"It also tries to protect against… browser fingerprinting."
The creator personally uses Zen because Brave feels "bloated" to them due to added crypto/AI features.
"Zen is… built on top of Firefox, but modified… [for] a more minimal and privacy-focused experience."
They emphasize that any of the mentioned options are a meaningful upgrade, and suggest using comparison resources to see how browsers "stack up."
3.2 Ad Blockers: Ads Are Often Trackers
Next is an ad blocker, specifically something like uBlock Origin.
"A lot of ads are actually just trackers running in the background."
They briefly acknowledge the ethical debate (some call ad-blocking piracy), but keep the focus on privacy and tracking prevention.
3.3 Password Managers: Stop Reusing Passwords
The creator admits they used to reuse "the same two passwords," which is extremely common—and extremely risky. If one site gets breached, attackers can use that password elsewhere (credential stuffing).
"If one of those sites gets breached, that password can be used to access everything else."
"It's basically one key to all the doors in your house."
A password manager fixes this by generating and saving long random passwords so every account gets a unique one. They mention Bitwarden, KeePass (local/offline style), 1Password, and say they use Proton Pass for convenience across devices.
"Instead of one password… you have a unique one for every single account."
3.4 2FA: Add a Second Lock
They recommend enabling two-factor authentication (2FA): even if your password leaks, a second code (often from an app) is required.
"Even if someone gets your password, they still need a second code to log in."
3.5 Cleanup: Reduce Your Digital Footprint
Finally, a "proper cleanup" means reducing old exposure:
- Delete accounts you no longer use
- Remove unnecessary apps
- Review privacy settings occasionally
- Limit permissions like location, microphone, camera
- Turn off tracking where possible
- Make social accounts private when appropriate
"This is all pretty low effort, but it will make a noticeable difference."
4. The Big Trade-Off (Privacy vs. Effort vs. Convenience)
Before going deeper, the creator explains the main "physics" of the iceberg:
- Deeper = more privacy
- Deeper = more effort to maintain
- Deeper = usually less convenience
But they add an important nuance: often the pain is mostly during the switching cost—learning, setting up, and adjusting. After that, many tools feel normal.
"Once you actually make the switch, a lot of these tools work pretty much the same."
"The deeper you go, the more you're trading initial convenience for long-term control."
This idea becomes the bridge into the next layer: swapping out core services.
5. Below the Surface (Switching Everyday Services)
5.1 Search: Stop Feeding the Google Profile
They suggest switching from Google to alternatives like DuckDuckGo, Startpage, or Brave Search.
Startpage is framed as privacy-first:
"Startpage… calls itself the world's most private search engine."
The key issue with Google is that searches can be tied to your account, history, and location, contributing to profiling and targeted ads. Privacy search engines aim not to store your history or track you across the web.
"It's the same internet—just a bit less of your data being collected as you roam around."
5.2 Messaging: Use End-to-End Encryption (and Accept the Social Friction)
For messaging, they recommend Signal (and mention Telegram) over Messenger or SMS. The big concept here is end-to-end encryption, meaning only the sender and recipient can read the messages—not even the app provider.
"Signal… uses end-to-end encryption by default."
"Only you and the person you're talking to can actually read the messages."
They point out the real-world problem: messaging apps require network effects—you need your friends/family to switch too.
"To really work, you have to convince the people you talk to to switch as well."
"I've certainly not succeeded at that."
5.3 Email: Choose Providers That Don't Scan for Ads
They recommend privacy-focused email like Proton Mail, Tutanota, or Mailbox, describing them as designed around not scanning emails for advertising and often offering encryption features.
"They're… built around the idea of not scanning your emails or using them for advertising."
Migration can take effort, but many providers offer migration tools. Also, you can still email people using Gmail/Outlook—so you're not isolated.
"You can still receive and send emails from people who use Outlook or Gmail."
5.4 VPN: Helpful, Not Magic
They explain what a VPN (Virtual Private Network) does: it routes your traffic through another server so websites see the VPN server's IP instead of your home IP, adding separation.
"Instead of your real IP, websites see the IP of that server."
They mention privacy-focused choices like Proton VPN, Mullvad, and IVPN, but emphasize the big caveat:
"VPNs are not some kind of silver bullet."
"You're… shifting trust rather than removing it completely."
Then comes the sponsorship: they use Proton VPN and highlight two reasons:
- Open source (code can be inspected and independently verified)
- No-logs policy (they claim they don't keep records of what you do)
"Fully open source… [means] the service can actually be independently verified."
"No-logs… means they don't keep records of what you're doing online."
They also mention a built-in blocker for ads/trackers and easy one-click use—while repeating the key point:
"Not a silver bullet—just one tool in the stack."
6. Deep Waters (Bigger Lifestyle Shifts)
Here the creator marks a transition: earlier steps were mostly swapping apps; now the changes become more "fundamental" and require more effort.
"This is where things start to change… fundamentally."
6.1 Switch Operating Systems: Linux for More Control
They suggest moving from Windows/macOS to Linux, describing it simply as giving you more control, generally less built-in tracking, and less dependency on big ecosystems.
"Linux… gives you a lot more control over what your system is doing."
They don't go deep here, but point viewers to their other Linux videos.
6.2 Mobile OS: GrapheneOS for Reduced Tracking
On phones, they mention GrapheneOS (a privacy/security-focused Android-based OS, typically for Google Pixel devices), describing it as removing built-in tracking and increasing control.
"GrapheneOS… removes a lot of the built-in tracking and gives you more control over your phone."
6.3 Prefer Open Source Apps (Often Free and Comparable)
They recommend replacing mainstream apps/services with open source alternatives—like LibreOffice or OnlyOffice instead of Microsoft Office.
"Open source alternatives are often just as good as more proprietary options."
"Most of them are free."
6.4 Self-Hosting: Remove the Middleman
Then they go deeper: self-hosting—running services on your own hardware instead of a company's servers.
"Instead of relying on some company's service, you run the service yourself on your own hardware."
"Servers are just computers."
They explain the core privacy value: it's not just choosing a "better company," it's removing the middleman entirely.
"You're… removing the middleman entirely."
They share personal experience: setting up a small homelab (a bunch of computers used like a mini home data center), using Proxmox (virtualization platform), and running Pi-hole (network-wide ad blocking) on an old netbook.
"I'm still very much a beginner… but I'm having a lot of fun."
Self-Hosting 101 Steps (as described)
They outline typical steps at this level:
- Move away from big cloud storage
- Replace Google Drive/iCloud with home storage such as a NAS (Network Attached Storage)
- Use self-hosted platforms like Nextcloud or TrueNAS
"Your files live on your own hardware instead of on someone else's computers."
- Take control of DNS
- Pi-hole: blocks ads across your whole network
- Unbound: lets you resolve DNS queries yourself instead of sending them to Google/ISP
"Unbound… lets you resolve DNS queries yourself."
They warn (repeatedly) that this gets deep fast:
"It's quite the rabbit hole."
But also frames it as a shift from merely choosing privacy tools to actually reclaiming ownership over parts of your digital life:
"You move from just using… privacy-oriented tools… to actually reclaiming and owning parts of your digital life."
7. The Bottom (Anonymity, Isolation, and "Getting Weird")
Now the tone changes: the "bottom" is where it's not just privacy—it's about separating identity from activity online.
"Let's get a bit weird here…"
"It's about trying to separate who you are from what you do online."
7.1 Tor: Make Tracing Much Harder
Instead of just switching browsers, you might use Tor, which routes traffic through multiple relays (layers), making it much harder to trace traffic back to you.
"Tor… routes your traffic through multiple layers, so it's much harder to trace."
7.2 Privacy-Focused Operating Systems and Isolation
They mention using operating systems designed for privacy and isolation—subtitle references "Tails or Qubes" (the subtitle text is messy, but context clearly indicates Tails and Qubes OS).
"Operating systems like Tails or Qubes… designed specifically for privacy and isolation."
7.3 Identity Compartmentalization (Different "Versions" of You)
At this depth, you start using separate identities:
- Different emails
- Different accounts
- Possibly different personas
- Avoiding links between them ("compartmentalization")
"Using different emails, different accounts, maybe even different versions of yourself… and making sure that they don't connect."
7.4 The Creator's Mistake: How Easy It Is to Dox Yourself
They share a personal example of how they failed at separation. They Googled their full name and found expected professional items (university employment, teaching, exhibitions, conferences).
"That was kind of expected. I don't mind this."
But they wanted their YouTube identity separate from their professional career. Even without ever posting their full name or university, they had revealed small details across videos: first name, city, and that they work/study at a university. Using just those clues on a new device, they were able to find their university teacher page—and from there, their full name, and then private social profiles.
"Throughout my videos, I've… revealed what my first name is, which city I live in…"
"Using these three pieces of information, I found my teacher page… Now, you have my full name."
The lesson is clear: even small "harmless" details can combine into a complete identity trail.
7.5 Payments Change Too
At the bottom, even financial behavior can shift:
- Cash
- Prepaid cards
- Privacy-focused cryptocurrencies
"Instead of just using your normal card, you might use cash, prepaid cards, or privacy-focused cryptocurrencies."
Eventually, the creator notes, you're barely "using the internet" the normal way anymore. At some point it becomes a different lifestyle—aiming for anonymity, not just privacy.
"Somewhere along the way, it stops being about being more private and starts becoming a completely different approach to being online."
"You want anonymity."
And then the final joke-bottom:
"The very bottom here is just to move to a cabin in the woods and call it a day."
8. Closing Notes (Beginner Perspective + Invitation)
The creator wraps up by clarifying they're not a cybersecurity expert—just a beginner sharing what they've learned and what they messed up.
"I don't have a background in cybersecurity… I'm a total beginner."
They'll link resources they found useful and invite viewers to comment with advice and suggestions. They also thank viewers, channel members, and the sponsor again.
"If you have any good advice or suggestions, please leave a comment. I'd be happy to read through them."
Conclusion / Final Thoughts
The "privacy iceberg" message is that you don't need perfection: even surface-level changes like a better browser, ad blocking, password management, and 2FA can dramatically improve your privacy. Going deeper (privacy email, Signal, VPNs, Linux, GrapheneOS, self-hosting) increases control—but also effort and complexity. At the bottom, it shifts into anonymity and identity separation, where small leaks can connect your entire online life—so being intentional matters.
Need a summary like this?
Get instant summaries with Harvest