➡ Your online privacy is at risk due to various tracking methods used by big tech companies like Google and Facebook. They can identify you through your phone number, email, contact lists, and even your location. To protect your privacy, use different phone numbers and emails for different platforms, avoid using your real name where possible, and consider using a VPN or a de-Googled phone. Remember, having a pseudonym isn’t enough; you need to be aware of the many ways you can be tracked online.

➡ We offer products and services to help you keep your personal information private. Our latest product is the Brax III Privacy Phone, which doesn’t share your location or require a Google login. We also offer the Brax Virtual Phone, Braxmail, and ViceVPN, all available on our website, Braxme. Join our community of over 100,000 users discussing privacy issues daily.

In the first part of this series, I described a particular dilemma we have as privacy enthusiasts, which is to describe that pretty elaborate data repository I call the FOREVER database. The FOREVER database has everything. It has government data that tracks passports, social security, driver’s licenses, taxes, all the way to healthcare. Local governments even have data tied to sensors like license plate readers and surveillance cameras. Other sources have credit data, internet data tied to your real name, hackers data, social media. We’re all in it. And to be frank, within this landscape, there is no escape. I said in that video that I would refer to the FOREVER database as the KYC layer.

KYC, or Know Your Customer, is the government terminology for let’s ask for ID. So within the KYC layer, everything occurs fully identified by your real name, your birth date, your social security number, and your real address. The dance we have to do to retain internet privacy is to skim above this KYC layer wherever we are on the internet. And as long as we are above it, then in theory, we are safe from being identified. The main tool we use to write above the KYC layer is to use an alternate identity called a pseudonym. So on an intuitive level, we assume that as long as we don’t use our real name, then there’s nothing to connect us to the KYC layer.

However, as you will find out, this is actually more complicated than it sounds. And the reason is that those opposed to privacy will do everything to identify you indirectly if they can’t do it directly. If you don’t understand all the complications here, then you will have lost your privacy even more than before. Let’s do a deep dive into the second in the Privacy Masterclass series and find out why pseudonyms are not enough. Let me restate the premise here so we have a firm foundation. All of us, and I mean all of us, are fully in this KYC layer.

Unless you were Tarzan raised in the jungle by gorillas and had no human contact, then it is safe to say there is a cradle to grave record of you in the KYC layer. Young parents ensure that every newborn is embedded deeply in the KYC layer by early photos and videos in a child’s early life on Facebook. And schools embed kids in this layer by enforcing the use of real names in the internet via Google Docs and Chromebooks starting at elementary school. Now that you’re all grown up and are understanding the problems with the surveillance state and the surveillance economy, many of you want out.

So your first instinct is to not use your real name, but that knee-jerk reaction needs some real thought. First, the question isn’t really about when you should use a pseudonym, but when you should not. I encounter many followers who immediately, upon being interested in privacy, start to disconnect their identity from everything and anything on the internet. For example, people start hiding from their banks by changing their location via VPN, using voiceover IP phone numbers for two-factor authentication, changing addresses to a P.O. box and hiding their normal email. And this is for a bank. In general, I will state this.

Do not hide from any financial institution as they will find it suspicious. After all, it is your money they are safekeeping for you. So why are you obscuring your identity with them? Banks already know your social security number, but critically, banks report information you provide them to credit reporting agencies and to the IRS. So if you’re trying to hide a pseudonym, you’ve just lost it here since all the new identifiers you’ve just provided to the bank are now part of your KYC history. And will show up on your credit report. And once there, it is accessible to big tech and hackers.

This is a huge mistake. Hide in plain sight. This is an example where you should hide in plain sight. You do what normal people will do and not alter your identity in any way. If you have a real name Gmail, for example, this is the time to use that. This is also the time to use your well-known phone number. And of course, don’t be afraid to reveal your real address since they already have it anyway. This is not limited to just banks. Basically, you ask yourself if an entity already knows you. This especially means the government.

This could be your telephone carrier, your internet service provider, your car dealer, and credit card companies. But there’s more. Should you really hide even from PayPal, they already have your credit cards and bank accounts. What about your travel platform that arranges your flights and puts your ID on the boarding pass? We’re all expected to be in the KYC layer. We are surveilled and are expected to behave like normal people doing normal things. We have to succumb to this or we stand out like a sore thumb and attract attention. Attracting attention is not what you want with privacy.

Where we draw the line. As long as the activities are normal things and are not connected to our inner thoughts, ideas, likes and dislikes, then we give in. We have no choice. Privacy counts when we express our innermost thoughts. Typically, this is when we interact with others in social media. This is where we are the most vulnerable. For example, this could be political beliefs, religious beliefs, sexual preferences, your relationships, your enemies, your creative ideas, and discussing past and future personal actions. This to me is important to protect and intuitively you all understand the significance of this.

We already know from the past few years that when the internet knows what you think and they know who you are, then you will get attacked, manipulated, encouraged to do things you will likely regret, shamed, put down, and so on. In fact, based on behavioral data known about you, many players, including big tech companies like Palantir and Google, are operating psi-op operations to influence your vote, change what issues you believe in, and choose who you’re supposed to hate. So this is the moment when you need to exercise caution with revealing your identity. Your apparent identity could just be a typical 9-5 worker doing nothing, attracting attention, and not participating in social interaction over the internet.

But remember that the private you is empowered to do and say anything. Pseudonyms Pseudonyms are alternate names we give to ourselves on the internet. Sometimes it is helpful to have multiple pseudonyms to represent different characters you portray. For example, a hyper-political you could be a different person from the you that’s interested in travel or music. Obviously, the more pseudonyms, the harder it is to consistently portray the character you want to portray. Likely you will mix it up, so I don’t recommend having many. There are many social platforms that do not allow pseudo-anonymity. A big example of this are dating apps.

They want to KYC you to gazoo because they have liability issues with giving potential sexual predators access, for example. Facebook, of course, is the primary real-name platform that does not allow a pseudonym. Well, actually, it allows it, but this is the biggest mistake. Facebook keeps a link between past and current names and profile photos. So if you change any of it, they will all be linked together and it will show up on Google search. Back to your real name. Starting with this and reasons I will give later, Facebook is a big no-no. If you ever want privacy, you will need to abandon Zucking Zuckbook.

LinkedIn is another place where you don’t put a pseudonym in. If you can help it, I would minimize what is on LinkedIn. Connecting pseudonyms to real identities. Big Tech will not let you get away with using a pseudonym unhampered. Remember that they make money from having you as the product. So Big Tech tries at every opportunity to match you or your pseudonym to a real identity. Or absent that, they will treat your pseudonym as a stable identity they can track. This means that you need to be aware of the common links used to determine your identity beyond the name.

Their goal is to force you to provide data that then will be used to identify you indirectly. Here are the common tools they use to do this. One of the most common requirements now on internet platforms is the use of two-factor authentication or 2FA. But this concept has been warped from the original intent of stopping hackers to getting your real phone number. You know that their intent is to find your real identity when sites start banning voiceover IP numbers as a phone number you can use. What is the point of such a band? The only point is that they want to KYC you.

This is particularly true of Facebook and really all of meta. I can name many other sites with such a band including Google, Telegram, Twitch and Discord. What is the actual problem with using a voiceover IP phone number that has texting capability? Nothing really. It is a valid method of getting text messages but they ban it because they know your real phone number has your real name. Most regular long-term phone numbers, particularly in the US, are fully documented with your full ID and your social security number and are on your credit report. These, by the way, have already leaked publicly via the Equifax hack so it is no mean feat to correlate phone numbers to real people’s names.

Plus, there are plenty of third parties, the social media aggregator sites, who compile these. Then Big Tech often has access to them anyway because of financial relationships with you via credit cards used on app stores. Knowing this, the best defense is still to use a number that is different from your normal number for 2FA purposes. Contact Lists Certain platforms have a direct source of phone numbers. The number one player in this realm is Facebook. Facebook uploads contact lists from people you know daily. So if your primary number is in someone’s contact list, which of course will be the case, and you use the same number for 2FA, then you are zocked.

Your real name will pop up on their contact list. This will be crowdsourced, since basically your name will appear in many, many contact lists using that number. Again, using a different phone number for 2FA soft disks. Yes, your main phone number will be known, but your current pseudonym will not be tied to that normal number. The other player with massive control of contact lists is Google via Gmail. Anyone you’ve ever communicated with on email is known to Google, so they taint your regular email. Relationship Maps Platforms like Facebook have additional risks. In addition to using your phone number as a tool to identify you, the contacts themselves are an ID to you.

Since every contact on Facebook is fully identified with their phone numbers, real names, locations, and crowd verified, they become the news around your privacy. Basically, your identity is based on your relationship to the people around you. Many will verify your connections by stating you are a brother, sister, cousin, classmate, co-worker, and so on. While this is already obvious on Facebook, it is not obvious on Instagram or WhatsApp where you decided to use your pseudonym. I state this emphatically here. When you’re on meta, all your interactions on Instagram and WhatsApp are connected entirely to your identity on Facebook.

And if you decide to delete your Facebook account, then your identity will be derived from the relationship maps of your contacts on those platforms. Thus, there is actually no privacy when using the so-called encrypted messaging apps like WhatsApp. Metadata reveals who you are talking to and will also be apparent why you’re talking in secret, based on relationships on Facebook or like thereof. There’s no way to escape this because for one, two FA phone numbers on meta need to be real mobile phone numbers. Email Another major identifier that will break your pseudonym is email. If you use the same email address for multiple platforms, what could happen? Well, if you use the email for banks, credit cards, or car loans in the past, then expect that email to be on your credit report.

To remind you again, Equifax, the credit reporting company, was already hacked, so unless this is a recent email, then your past emails matched to your real name and address is already part of the public domain. Email is a common vector of attack for hackers because unfortunately, the majority of people use the same email as a login to multiple accounts and often using the same password. Your email with your name is harvested regularly by social media aggregator sites, so you should assume that your email is already searchable on the internet. The solution is to use a different email for each platform where possible.

Use a real name or old email for government sites, banks, credit card companies, and family. In other words, limit real name emails to people who already know who you are. An assigned email to a pseudonym is a good strategy. Now, email is a very significant problem with Google and that is because 80% of all emails is likely Gmail and Google sees the great majority of email traffic in the entire world. They already know every contact you’ve sent an email to and why, but there’s more. Even if you have multiple Gmail accounts, they will be connected to you as I will describe momentarily.

Some of you experienced a block on a platform when you’re using a VPN. A recent example of this is YouTube. Many of you watch YouTube videos without logging in and they let you, but if you use a VPN, they say, nope, no access for you. Now, why is this? The reason is that they use your IP address as an identifier. So, let’s examine a typical scenario more closely. Let’s say you have two Gmail accounts and one is your real name, JohnDo at gmail.com. Then you make a new Google ID that is meant to be used as a pseudonym, which will be Forrester at gmail.com.

The problem is that when you log into Google, they record the IP address you have at the time of login. So, they will know your IP address is the same for both Gmail accounts. Thus, they know you are the same person. And if you log into Google without a VPN, they can then surmise who you are anyway, so turning off the VPN is not a good trade. Instead, I would keep using the VPN with Google and create a new Gmail that’s untainted, not connected to anything else. Google, by the way, does not allow voiceover IP numbers, so they will demand a 2FA phone number to identify you if you create a new Gmail.

So, to handle this, use either a passkey or a YubiKey as your 2FA. They will take that instead of a phone number. 24-7 location Another threat that is more specifically an issue with Apple and Google is very precise 24-7 location tracking. If you have iOS or a Google Android, then expect that your locations are always being tracked and recorded non-stop. Here’s a specific case where this ruins your pseudonym strategy. You log into Google with your pseudonym account forster at gmail.com. Then on another device, you log in as johndo at gmail.com. But even if you had a VPN on, both would reveal the same exact location within 6 feet.

On Apple, the location would be in inches. The reason this is possible is that mobile phones running a standard OS will always be connected to Google and Apple and emits a constant exact location that you can never turn off. In other words, if the phone is on, a pseudonym approach is bound to fail. If you have multiple identities, but they all point to the same location, then you are zucked. You need a phone that doesn’t have a constant location tracking or not use the phone. Device identifiers Now this gets worse. Not only does Apple and Google track your location, but they know the specific unique identifier emitted by your device.

Your device has many unique identifiers that may have already been matched to you in the past. For example, a phone has the IMEI identifier and there are other identifiers like MAC addresses, MZ, advertising ID and so on. But let’s just look at the IMEI. Since the phone is logged into Google and Apple as well if it’s an iPhone, then both Apple and Google can see the IMEI and can use it as an alternate identity. Google knows your Google ID and Apple knows your Apple ID. Once a match is made, you’re zucked. Even if you try changing your login, the IMEI has already been matched to a location.

Unfortunately, the threat of location tracking and device identifiers are tied to your choice of phone. There’s no way around this on a normie phone. And now you know. Now you know why having a pseudonym is not enough. If you’re not aware of the many tracking methods available to Big Tech and especially from Apple and Google, then you don’t even realize that your anonymity is very vulnerable. Admittedly, the biggest threat here comes from Google that is actively bent on identifying who you are and frankly, you can see why they’re the toughest to beat. But let’s summarize what we learned so far.

First, decide if an internet platform already knows your real name. If so, then don’t use any identifiers tied to a pseudonym. Next, pseudonyms should be created using a VPN or Tor so they’re not recorded with your known IP address. If you use an email login, then you should use a different login for every platform. Or at least one that is different from the one you use with your real name. And you should have emails not associated with Gmail. If you have to supply a phone number for 2FA, hopefully you used a different phone number than the one attached to your real name, financial institutions, and friends.

If you expect to remain anonymous, then either you do not use a phone to do these anonymous actions or you have a de-Google phone. This would then hide both locations, device identifiers, and also not have a login to Apple or Google. There’s a lot more detail, but this is a starting point to strategize a move to gain privacy. Folks, this channel is completely community supported. We do not have sponsors, and it is you that keeps it going. Thank you to all the people who support us via Patreon, Locals, and YouTube memberships. I don’t publicly acknowledge you for privacy reasons, but you are appreciated.

Mainly to support this channel, we offer products and services which are focused on our goal of achieving personal privacy. One of the newest products is the Brax III Privacy Phone. Unlike your typical phone, this does not reveal your location and has no Google login. It is a community project involving multiple companies and is currently on indiegogo.com and also to be made available on BraxTech.net. We also have other products that you should check out. We have the Brax Virtual Phone, which is a no-KYC phone service. We have Braxmail, which allows for unlimited aliases and many domains. We have ViceVPN, which is used to protect your IP address.

All these are on our site, Braxme. Join the well over 100,000 users that are there talking about privacy issues daily. Thank you for watching, and see you next time. [tr:trw].

See more of Rob Braxman Tech on their Public Channel and the MPN Rob Braxman Tech channel.