Le temps ne traverse pas les hommes et les femmes de la même manière.

Il traverse chacun avec ses blessures, ses désirs, ses refus, ses histoires familiales, ses deuils, ses enfants rêvés ou jamais voulus. Mais sur le plan du corps, une différence demeure. Elle ne dit pas tout. Elle n’explique pas tout. Elle ne résume personne. Elle inscrit pourtant une frontière très concrète dans la vie.

Le corps d’une femme porte une fermeture plus nette. La réserve ovarienne existe avant même la naissance, puis elle diminue. La fécondité baisse avec les années, souvent bien avant la ménopause, avec une marche plus visible après le milieu de la trentaine. Chaque femme vit cela différemment. Certaines le sentent tôt. Certaines ne veulent pas d’enfant. Certaines en ont eu. Certaines en désirent encore. Certaines s’en moquent longtemps, puis reçoivent cette limite comme une phrase tardive du corps. Le corps, un jour, dit que le chapitre ne pourra plus se rouvrir de la même façon.

Chez l’homme, le temps agit aussi, mais il ne ferme pas la porte avec la même brutalité. La qualité du sperme change. Le désir change parfois. La fonction sexuelle, la fécondabilité, certains risques liés à l’âge paternel évoluent aussi. L’homme ne vit pas hors du biologique. Son corps vieillit. Sa puissance aussi. Son imaginaire, en revanche, peut continuer plus longtemps à se raconter une possibilité.

Un homme peut garder très tard une fantaisie de paternité. Rencontrer quelqu’un. Refaire une vie. Avoir un enfant. Transmettre encore. Prononcer un prénom nouveau. Tenir un bébé contre lui alors que son visage à lui porte déjà beaucoup d’années. Cette possibilité peut être réelle dans certains cas. Elle peut aussi devenir une fiction intérieure. Un futur disponible en apparence. Une pièce que l’on garde ouverte dans sa tête, même quand le corps, l’énergie, la lucidité, la responsabilité ne suivent plus vraiment.

Cette différence me trouble.

Un homme peut parfois fantasmer l’enfant comme un prolongement de son désir, de son identité, de son besoin de recommencer. Il peut imaginer la paternité comme une porte qui reste entrouverte. Une promesse disponible quelque part. Une manière de ne pas sentir complètement la fin de certaines choses. La possibilité d’un enfant devient alors plus grande que la réalité de l’enfant lui même. Elle devient une forme de futur. Un symbole de vitalité. Une preuve que rien n’est encore clos.

La femme rencontre autre chose. Même quand elle ne veut pas être définie par sa fertilité. Même quand elle refuse à juste titre que son corps soit réduit à cette fonction. Même quand elle vit librement, pleinement, avec ou sans enfant. Son corps porte une date plus précise. Une saison plus irréversible. Le désir peut continuer, l’amour peut continuer, la féminité peut continuer, la vie peut même s’élargir. Mais la possibilité naturelle d’enfanter finit par rencontrer une frontière que l’imaginaire ne traverse pas simplement.

Cela donne au temps une texture différente.

Chez certains hommes, le futur garde une forme plus abstraite. Ils peuvent parler d’enfant comme d’un projet encore possible, parfois avec beauté, parfois avec immaturité. Chez certaines femmes, la question devient plus charnelle. Elle passe par le ventre, les cycles, les examens, les années qui comptent autrement. Elle peut devenir un deuil discret. Une urgence. Une paix. Une colère. Un soulagement. Une question silencieuse au fond du corps.

Je ne crois pas que l’homme fantasme mieux l’enfant. Il peut simplement le fantasmer plus longtemps, parce que son corps le rappelle moins brutalement à la limite. La femme, elle, peut porter un rapport plus concret, plus tragique parfois, plus lucide aussi, au temps reproductif. Son désir rencontre une matière. Une biologie. Une horloge qui ne demande pas l’autorisation de la pensée.

Cette différence ne rend personne supérieur. Elle demande seulement une forme de respect. Respect pour la femme qui sent le temps dans son corps avant même de l’expliquer. Respect pour celle qui choisit de ne pas enfanter. Respect pour celle qui arrive trop tard à son propre désir. Respect aussi pour l’homme qui découvre que sa possibilité n’était pas une éternité, mais seulement une limite plus floue.

L’homme peut garder l’enfant comme une possibilité imaginaire plus longtemps que son corps ne le mérite vraiment. La femme finit par rencontrer dans son corps une frontière que son désir ne peut pas simplement traverser.

Alors je me demande :

Quelle part du désir d’enfant parle vraiment de l’enfant, et quelle part parle de notre peur de finir ?

Combien d’hommes gardent une porte ouverte dans leur imaginaire pour ne pas sentir leur propre vieillissement ?

Combien de femmes portent en silence une frontière que personne ne voit de l’extérieur ?

Que devient le désir quand le corps ne lui obéit plus ?

Et comment parler de cette différence sans réduire l’homme à son fantasme, ni la femme à son horloge ?

Si j’avais une fille, je ferais attention très tôt à ne pas lui apprendre à être agréable avant d’être libre.

Vers 3 ans, je commencerais par son corps. Ses bras, ses joues, son ventre, ses cheveux, sa petite main qu’on veut prendre trop vite. Les adultes aiment souvent toucher les enfants avec une tendresse qui ne se demande pas assez si l’enfant est d’accord. On veut un bisou, un câlin, une photo, une petite preuve d’affection. Une fille apprend très tôt que son refus peut décevoir, vexer, refroidir une pièce.

Je voudrais qu’elle sente autre chose.

Je lui dirais : ton corps est à toi. Tu peux venir dans mes bras, et tu peux aussi rester là où tu es. Tu peux dire stop. Tu peux enlever ta main. Tu peux refuser un bisou sans devenir méchante. Quand tu ne veux pas, je t’écoute. Même si l’autre est gentil. Même si l’autre est de la famille. Même si l’autre sourit.

Je surveillerais aussi mes propres réflexes. La pousser à dire bonjour avec son corps. Lui demander d’être mignonne quand elle est fatiguée. La faire sourire pour une photo. La reprendre trop vite quand elle se protège. Une fille dressée à rassurer les adultes risque de ne plus reconnaître son propre malaise. Je voudrais qu’elle garde cette petite alarme intérieure intacte.

Vers 5 ans, je ferais attention au mot « sage ».

Une petite fille sage reçoit souvent beaucoup de compliments. Elle ne dérange pas. Elle range. Elle aide. Elle sourit. Elle comprend vite l’humeur des grands. Elle sent quand il faut parler doucement, quand il faut être jolie, quand il faut faire plaisir. Tout cela peut avoir l’air charmant. Mais parfois, derrière cette grâce précoce, une enfant apprend à quitter son propre élan.

Je voudrais qu’elle puisse courir sans qu’on la transforme tout de suite en petite dame. Qu’elle puisse être sale, bruyante, drôle, maladroite, curieuse, entière. Qu’elle grimpe, tombe, recommence. Qu’elle apprenne à mettre ses mains dans la terre sans croire qu’elle perd quelque chose de féminin. Je lui dirais : tu peux être douce et sauvage dans la même journée. Tu peux aimer les robes et les cailloux. Tu peux être jolie sans appartenir au regard de personne.

Je lui apprendrais aussi à ne pas confondre gentillesse et effacement. Partager un jouet, oui. Dire pardon quand elle a blessé, oui. Mais donner sa place chaque fois que quelqu’un la réclame, non. Se taire pour garder l’ambiance légère, non. S’excuser d’exister trop fort, non.

Vers 8 ans, le cercle des autres deviendrait plus puissant.

Les amitiés de filles peuvent être magnifiques. Elles savent créer des mondes entiers avec trois bracelets, un secret, une chanson, une cabane sous une table. Elles savent se reconnaître, se choisir, se raconter, se tenir la main avec une intensité qui ressemble déjà à une petite société secrète. Mais ce monde peut devenir très fin dans sa cruauté. Une place donnée, puis retirée. Une meilleure amie qui change de camp. Un secret utilisé comme une monnaie. Un regard qui exclut sans rien dire.

Je lui dirais : ne trahis pas ton ventre pour rester dans un groupe. Si tu dois devenir moins toi pour être acceptée, écoute ce que cela fait dans ton corps. Une vraie amie ne te demande pas de te moquer d’une autre fille pour prouver que tu es loyale. Une vraie place ne te laisse pas pleine de peur dès que tu n’es plus dans la pièce.

Je lui parlerais des secrets. Les secrets de cadeaux peuvent rester cachés. Les secrets qui donnent mal au ventre doivent trouver un adulte. Je lui dirais : si quelqu’un te demande de garder un secret qui te rend confuse, triste ou inquiète, tu peux venir. Même si tu as promis. Une promesse qui enferme un enfant ne mérite pas d’être gardée seule.

Vers 12 ans, son corps commencerait peut être à devenir un lieu de commentaires.

La poitrine, les hanches, la peau, les poils, les vêtements, les photos, les comparaisons. Le regard peut entrer sous la peau avant même que l’enfant ait eu le temps d’habiter son propre corps. Les filles reçoivent parfois trop tôt cette impression étrange : leur corps parle au monde, même quand elles n’ont rien voulu dire.

Je lui dirais : ton corps n’est pas un message public. Tes vêtements ne sont pas une invitation générale. Ta beauté ne t’oblige à rien. Ta pudeur ne t’oblige à rien non plus. Tu n’as pas à devenir invisible pour être respectée, et tu n’as pas à devenir désirable pour exister.

Je voudrais qu’elle sache que le miroir ment parfois par excès de pouvoir. Qu’une photo peut prendre une mauvaise lumière et voler une journée entière. Qu’un commentaire idiot peut s’installer comme une écharde si personne ne vient l’enlever. Je lui dirais : viens me parler quand une phrase reste coincée. On la regardera ensemble. On ne la laissera pas construire ta maison intérieure.

Vers 15 ans, je lui parlerais plus frontalement du désir.

Je lui dirais que se sentir désirée peut donner une impression de puissance. Le regard de quelqu’un peut allumer une joie vive, presque dangereuse. On se sent choisie, vue, appelée. On découvre que son corps peut provoquer quelque chose dans l’autre. Cette découverte peut être belle. Elle peut aussi devenir une cage brillante.

Je lui dirais : être désirée n’est pas la même chose qu’être aimée. Quelqu’un peut vouloir ton corps sans vouloir ton bien. Quelqu’un peut être troublé par toi sans être capable de te respecter. Quelqu’un peut te couvrir de mots et te laisser seule avec la honte après.

Je lui parlerais des messages, des photos, des pressions lentes. La demande qui commence comme un jeu. Le compliment qui pousse un peu plus loin. Le silence qui punit quand elle refuse. La peur d’avoir allumé quelque chose et de ne plus avoir le droit de s’arrêter. Je lui dirais : tu peux changer d’avis. Même après avoir souri. Même après avoir envoyé un message. Même après avoir embrassé. Même après être entrée dans une chambre. Ton oui doit rester vivant. Dès qu’il meurt dans ton corps, tu peux partir.

Je lui parlerais aussi de l’amour qui serre. Celui qui demande un mot de passe. Celui qui veut savoir où elle est, avec qui, habillée comment, rentrée à quelle heure. Celui qui appelle jalousie une preuve d’attachement. Je lui dirais : l’amour qui rétrécit ton monde n’est pas en train de te protéger. Il est en train de prendre de la place à l’intérieur de toi.

Vers 18 ans, je voudrais qu’elle parte avec une boussole et une joie encore chaude.

Je lui dirais : tu vas aimer. Tu vas choisir. Tu vas te tromper parfois. Tu vas entrer dans des pièces où personne ne saura mieux que toi ce qui est juste pour ta vie. Alors garde un endroit en toi que personne ne peut acheter avec de l’attention. Ne laisse personne t’apprendre que ta valeur dépend de ta capacité à être choisie. Tu n’es pas une candidature permanente dans le regard des autres.

Je voudrais qu’elle sache travailler, créer, gagner son argent, habiter son corps, dire non, dire oui, partir, revenir, rire sans demander pardon. Je voudrais qu’elle connaisse la joie simple d’un repas entre amis, d’une promenade au soleil, d’une robe portée pour elle même, d’un silence sans menace, d’un amour qui ne lui demande pas de rapetisser.

Si je devais lui laisser une phrase, je lui dirais : ne rends jamais ta lumière disponible à ceux qui veulent seulement s’en servir.

Puis je me demanderais, moi aussi :

Est ce que je respecte son refus quand il me contrarie ?

Est ce que je lui apprends à être libre, ou à être facile à aimer ?

Est ce que je protège sa pudeur sans enfermer son corps dans la peur ?

Est ce que je lui montre qu’une femme peut être douce sans être disponible ?

Est ce que je l’aide à sentir sa beauté sans la vendre au regard des autres ?

Est ce que je lui laisse assez d’espace pour devenir une femme que je n’avais pas imaginée ?

Si j’avais un garçon, je commencerais très tôt par lui apprendre que sa force n’est pas faite pour prendre toute la place.

Vers 3 ans, je regarderais déjà la manière dont il utilise son corps. Ses mains qui poussent. Ses bras qui attrapent. Son rire quand il tombe sur quelqu’un. Son plaisir de courir, de grimper, de jeter, de taper dans un ballon, de sentir qu’il peut agir sur le monde. Je ne voudrais pas casser cet élan. Un petit garçon a besoin de sentir son corps vivant. Il a besoin de sauter, de courir, de crier parfois, de mesurer l’espace avec ses muscles.

Mais je lui dirais très tôt : ton corps est à toi, et le corps des autres est à eux. Tu peux dire stop. Les autres aussi. Quand quelqu’un dit stop, ta main s’arrête. Ton jeu s’arrête. Ton rire s’arrête. Tu n’as pas besoin d’être méchant pour faire mal. Un geste peut dépasser ton intention. Regarde le visage de l’autre. Regarde s’il rit encore. Regarde s’il veut continuer.

Je voudrais qu’il apprenne cela avant les grands discours sur le respect. Le respect commence dans une main qui se retire quand l’autre ne veut plus.

Vers 5 ans, je lui parlerais de sa colère comme d’une énergie à écouter, puis à guider. Je ne lui dirais pas d’être sage au sens d’être éteint. Je ne voudrais pas d’un petit garçon dressé à sourire quand quelque chose brûle en lui. Je lui dirais : ta colère a le droit d’exister, mais elle n’a pas le droit de tout casser autour d’elle. Tu peux taper dans un coussin. Tu peux courir. Tu peux venir me dire que tu as envie de hurler. Tu peux pleurer aussi. Pleurer ne te rend pas plus petit.

Je ferais attention à ne pas rire de sa peur. La peur d’un garçon est souvent traitée trop tôt comme une faiblesse. Une peur du noir, une peur d’un chien, une peur de perdre, une peur de ne pas être assez fort. Je lui dirais : viens, on regarde ensemble. Tu peux avoir peur et avancer quand même. Le courage n’a pas besoin de faire semblant.

Vers 8 ans, le groupe commencerait à lui apprendre des choses que je devrais surveiller de près. Les garçons entre eux savent être magnifiques et cruels. Ils inventent des mondes, des cabanes, des batailles, des blagues, des royaumes de poussière et de ballon. Mais le groupe peut aussi devenir un petit tribunal. Celui qui pleure est moqué. Celui qui hésite est poussé. Celui qui ne veut pas se battre doit prouver autre chose. Celui qui est doux devient parfois une cible.

Je lui dirais : tu n’as pas besoin d’humilier quelqu’un pour appartenir. Tu n’as pas besoin de rire quand une blague écrase un autre enfant. Tu peux rester dans le groupe sans donner ta bonté en échange. Si tes amis ont besoin que tu sois dur pour t’accepter, regarde bien ce qu’ils appellent amitié.

Je lui apprendrais aussi à perdre. Vraiment perdre. Perdre un jeu, un match, une course, une place, sans chercher tout de suite une excuse. Beaucoup d’hommes gardent très longtemps une incapacité à perdre proprement. Ils deviennent agressifs, sarcastiques, absents, supérieurs. Je voudrais qu’il sache sentir la déception sans la transformer en mépris. Je lui dirais : tu as perdu, ça pique, respire. Tu peux recommencer demain. Tu n’as pas besoin d’écraser quelqu’un pour retrouver ta taille.

Vers 12 ans, je lui parlerais de la honte masculine.

La honte de ne pas être assez musclé. Assez drôle. Assez populaire. Assez courageux. Assez désiré. Assez dur. Assez détaché. Le corps change, la voix change, le regard des autres change. Certains garçons commencent à jouer un rôle avant même de savoir qui ils sont. Ils apprennent à répondre par une vanne au moment précis où ils auraient besoin de dire qu’ils ont mal.

Je lui dirais : fais attention au garçon que tu fabriques pour ne pas être moqué. Il peut t’aider à passer une journée, puis te voler des années. Tu n’as pas à devenir froid pour être respecté. Tu n’as pas à parler des filles comme les autres en parlent. Tu n’as pas à faire semblant de comprendre le sexe, l’amour, le désir, si tu es perdu. Beaucoup jouent les experts avec un cœur encore plein de questions.

Vers 15 ans, je serais très direct.

Je lui parlerais du désir comme d’une force réelle, belle, parfois brutale, qui doit apprendre à ne pas mentir sur elle même. Je lui dirais : ton désir peut être puissant. Il peut prendre beaucoup de place dans ta tête, dans ton ventre, dans tes gestes. Il ne te donne aucun droit sur quelqu’un. Une fille, un garçon, un corps qui te plaît, un message ambigu, une photo reçue, une soirée, une chambre, un flirt, rien de tout cela ne devient une permission automatique.

Je lui parlerais de la pornographie sans détour. Je lui dirais : ce que tu vois sur un écran peut déformer ton attente du réel. Le corps de l’autre n’est pas une scène faite pour ta tension. Le plaisir n’est pas une performance. Le consentement n’est pas seulement l’absence d’un non. Regarde le visage. Écoute la respiration. Sens si l’autre est présent ou s’il disparaît pour te laisser continuer. Une personne peut dire oui avec sa bouche et ne plus être là dans son corps. Apprends à voir cela. Apprends à t’arrêter.

Je lui parlerais aussi de la pression qu’il subira lui même. La pression d’avoir envie. La pression de réussir. La pression de ne pas être vierge. La pression de raconter. La pression d’aller plus loin pour être validé. Je lui dirais : tu n’as rien à prouver avec le corps de quelqu’un d’autre. Tu n’as rien à prouver avec le tien non plus. Ton désir n’est pas une dette. Ta virilité ne dépend pas d’une histoire à raconter aux autres.

Je voudrais qu’il comprenne la différence entre protéger et contrôler. Beaucoup de garçons apprennent à appeler protection ce qui est en réalité de la peur. Ils surveillent, vérifient, jalousent, exigent, puis disent qu’ils aiment. Je lui dirais : si tu aimes quelqu’un, son téléphone ne devient pas ton territoire. Ses vêtements ne deviennent pas ton débat. Ses amis ne deviennent pas tes ennemis. Sa liberté ne diminue pas pour calmer ton insécurité.

Vers 18 ans, je ne voudrais pas lui donner une armure. Je voudrais qu’il sache marcher sans avoir besoin d’en porter une.

Je lui dirais : tu vas entrer dans un monde qui te proposera plusieurs façons d’être un homme. Certaines seront bruyantes. Elles parleront de pouvoir, d’argent, de femmes, de domination, de statut, de corps dur, de cœur fermé. Elles auront parfois l’air très sûres d’elles. Regarde bien le visage des hommes qui vivent ainsi. Regarde s’ils respirent. Regarde s’ils savent aimer sans posséder. Regarde s’ils savent être seuls sans mépriser. Regarde s’ils savent demander pardon sans se sentir détruits.

Je lui dirais : construis quelque chose. Une compétence. Une parole fiable. Un corps que tu habites. Une manière de travailler. Une manière d’aimer. Une manière de rester calme quand tu pourrais prendre le dessus. Le monde n’a pas besoin d’un homme de plus qui sait dominer une pièce. Il a besoin d’hommes capables d’entrer dans une pièce sans l’abîmer.

Je lui dirais aussi de garder sa joie. Les garçons perdent parfois une partie de leur tendresse en croyant gagner une place. Je voudrais qu’il garde les choses simples. Les amis avec qui il peut rire sans jouer un personnage. Le sport pour sentir son corps, pas seulement pour se comparer. La musique qui le touche. La cuisine faite pour quelqu’un. Les longues marches. Les gestes utiles. La capacité de dire : je ne sais pas. La capacité de dire : j’ai eu peur. La capacité de dire : je suis désolé.

Si je devais lui laisser une phrase, je crois que je lui dirais : ne laisse jamais ta force devenir l’endroit où tu caches ta peur.

Puis je me demanderais, moi aussi :

Est ce que je lui montre une force tranquille, ou une force qui cherche à gagner ?

Est ce que je respecte ses larmes quand elles arrivent ?

Est ce que je lui apprends à regarder le corps de l’autre comme un monde vivant, et non comme une réponse à son désir ?

Est ce que je lui apprends à perdre sans devenir dur ?

Est ce que je lui montre qu’un homme peut être tendre sans devenir faible ?

Est ce que je l’aide à sentir sa puissance sans lui donner le goût de dominer ?

A few months ago I spun up a new VPS on Linode, London datacentre. Nothing special – Debian, Nginx, a Let's Encrypt certificate, a domain I was going to use for my daily notes and my homelab experiments. No link posted anywhere, no entries in my feeds, no backlinks from the sites I run. Just a freshly assigned IP, from a subnet that a week earlier had belonged to someone else.

The one thing I had configured carefully was the logs: nginx with an extended format, journald with audit, a few baseline fail2ban jails. I wanted to see what happens to a server that doesn't yet have a life, before I gave it one. Twenty-four hours later, I opened the logs. No humans. That was expected – I hadn't told anyone the domain. But there was already a small zoo of other presences. A wget from a Polish VPS with a phantom reverse DNS, the kind registered with a placeholder that never got updated. Three GETs, same resource, thirty-six second intervals. Then nothing. An SSH scan on port 80 – yes, an SSH scan on the HTTP port – written in Go, with a user-agent that claimed to be Mozilla/5.0 but was negotiating TLS the way only Go's crypto libraries do. VisionHeight, a commercial scanner that bills itself as ethical, mapped seven ports in two and a half minutes. Censys came through twice, identifying itself, leaving its own PTR and a link to its opt-out page. A Common Crawl crawler. GPTBot. ClaudeBot. AppleBot.

People: zero.

I spent the evening watching those logs the way you'd watch a sequence of read-heads on a tape. It was like opening the door to a flat you'd just rented and finding it already occupied by intruders. This is a public network, they seemed to be saying, and nobody told you what public means.

Since then I've done what everyone does: I've built defences. nftables to drop ASNs known for aggressive scanning. fail2ban with custom jails for nginx that recognise the patterns of the noisier scans – probes against /wp-login.php on a server that doesn't run WordPress, attempts at /.env, requests for phpMyAdmin paths that don't exist. GoAccess to visualise what little organic traffic remains once the rest is filtered out. An alert system over ntfy for out-of-band anomalies. It is routine – every sysadmin running a homelab has their own variant. But building it calmly, rather than as a patch on something that has already fallen over, is precisely what gets you to look at things that would otherwise scroll past, filtered away.

And while I was building it, a question came to mind, maybe a banal one, an extremely banal one: who am I doing all this for?

Not for the readers – those are few, almost none, they arrive via RSS, shared links, the occasional search engine. I was defending the server from a network that is predominantly non-human. I was configuring jails for scanners that don't know me, for crawlers that don't read me, for botnets that don't particularly mean me harm – they mean harm to anyone reachable on a port 22 or 80.

The threshold: 51% (and already 53%)

In 2024, for the first time in ten years, bot-generated traffic surpassed human traffic on the internet. Fifty-one percent against forty-nine. The figure comes from Imperva's Bad Bot Report, 2025 edition, the twelfth in the annual series – the analysis is based on thirteen trillion requests blocked by their global mitigation network in 2024 alone. It is the number that best sums up where we have ended up.

The 2026 Bad Bot Report, published a few weeks ago with 2025 data, has updated the figure: 53% bots, 47% humans. Another point and a half lost in twelve months. It did not happen all at once. Here is the historical series, from 2015 onwards:

Year	Humans	Bad bots	Good bots
2015	54%	27%	19%
2018	62%	22%	17%
2020	59%	26%	15%
2022	53%	30%	17%
2023	50%	32%	18%
2024	49%	37%	14%
2025	47%	n/d	n/d

(Source: Imperva, Bad Bot Report 2025 and 2026)

Humans have lost seven percentage points in ten years. The erosion is slow and steady – a descending curve measured in years, not in months. Nobody cut a ribbon to announce we have crossed the threshold. It was a gradual shift of the axis, a median that moved while we were looking elsewhere. Meanwhile, the bad bots grew from 27% to 37%. Ten percentage points in ten years, all on the predatory side. Brute force, credential stuffing, data scraping, account takeover, API fraud. Imperva records that ATOs – Account Takeover Attacks – grew by 40% in 2024 alone, and in 2025 the financial sector absorbed 46% of all ATO incidents worldwide. And, dulcis in fundo, the “good bots” – Googlebot, Bingbot, the legitimate aggregators, the health checkers – went down. From 19% in 2015 to 14% in 2024. The indexing services that historically justified bandwidth consumption have lost ground: the network has become more automated, but in a direction that does not pay off for those who publish.

Cloudflare confirms this with independent data. Their Radar Year in Review 2025, published at the end of December, reports that global internet traffic grew by 19% in 2025, and a substantial share of that growth is attributable to bots and AI crawlers. Googlebot still dominates – around 28% of verified traffic – but the new generation is gaining fast: OpenAI's GPTBot went from 4.7% in July 2024 to 11.7% in July 2025. ChatGPT-User, the bot that acts on explicit user command, recorded a year-on-year growth of 2,825% in request volume. That is not a typo. PerplexityBot, even more extreme: +157,490%.

The 51% threshold has to be read in this context. The curve has been rising for years, and 2024 is not the peak. The network we are using today is not the 2015 network with a few more bots: it is a structurally different network, where humans have gone from being the main signal to being the background noise.

Who is talking in this network?

When you say “bot” you do not say one thing. The presences in the logs belong to three families that do different jobs, have different economies, and produce different pressures on the infrastructure. Three main categories, then.

The cartographers. These are the scanners that map the entire IPv4 space – four billion three hundred million addresses – across all or nearly all known ports, and maintain queryable databases of exposed services. The founding project is ZMap, released in 2013 by a team at the University of Michigan. ZMap is a port scanner that can scan the entire IPv4 space on a single port in under 45 minutes from a single machine, from userspace, over a gigabit connection. Technically remarkable: it cuts by an order of magnitude the time needed to “see” all of the internet. Censys was built on top of ZMap, launched in 2015 by the same authors. Censys continuously scans IPv4, collects TLS certificates, service banners, software fingerprints, and keeps everything in a queryable commercial database. Shodan, founded in 2009 by John Matherly, is the conceptual predecessor: less polished technically, but longer-lived and more deeply rooted in sysadmin culture. Rapid7's Project Sonar, ZoomEye, Fofa, Netlas – all follow the same logic.

In 2012, an anonymous researcher decided he wanted to census the internet but did not have the bandwidth. He built an illegal botnet of compromised routers – the Carna Botnet – and ran the first Internet Census: he published the dataset online and declared his own offences. It remains a case study in the asymmetry between technical capability and legality – what Censys does today from a datacentre, ten years ago was a federal crime in the United States. The scanners describe themselves as ethical. They respect abuse@, publish their methodology, exclude networks on request, leave identifiable PTRs. All true. But the data they produce – the complete, near-real-time map of what is exposed on the internet – is sold by subscription, and the clients include academic research and the surveillance industry, corporate threat intelligence and aspiring attackers with seventy-nine dollars a month for a base account. In 2014, at Def Con 22, researchers Dan Tentler, Paul McMillan and Robert Graham ran a live IPv4 scan on port 5900 looking for VNC servers without authentication. They found thirty thousand systems accessible without a password. Among them: two hydroelectric power stations, the cameras of a Czech casino, industrial control systems, ATMs, a caviar production plant. The map exists because producing it is cheap, and who consults it – for what purposes, with what consequences – is a consequence of that price, not the reason for the project.

The extractors. These are the AI crawlers. They existed in embryonic form before too – Common Crawl for years, the indexing archives of search engines forever – but since November 2022, with the release of ChatGPT, they have changed in nature and in volume.

Cloudflare's data, collected from a fixed sample of clients to eliminate the growth bias, is explicit. Between July 2024 and July 2025:

• GPTBot (OpenAI): from 4.7% to 11.7% of total crawler traffic
• ClaudeBot (Anthropic): from 6% to nearly 10%
• Meta-ExternalAgent (Meta): from 0.9% to 7.5%
• PerplexityBot (Perplexity): growth of 157,490%
• Bytespider (ByteDance): declining, from 14.1% to 2.4%

The most revealing figure is the composition by purpose. Cloudflare classifies AI crawling into three categories: training (data collection to train models), search (indexing for chat search), user action (visits on explicit user command). Over the past twelve months, 80% of AI crawling has been for training. 18% for search. 2% for user action. In the most recent six months the training share has risen further, to 82%. The overwhelming majority of the work these bots do around the web does not, then, serve network mapping – it serves to extract content, process it, and turn it into training data for models that will then sell access or use the output to generate responses that compete with the originating site.

Another Cloudflare metric measures the imbalance directly: the crawl-to-refer ratio, that is, how many requests a bot makes versus how much traffic it then sends back to the source site. In July 2025, Anthropic was crawling 38,000 pages for every human visitor it sent back – a clear improvement on the 286,000:1 ratio recorded in January of the same year, but still the most lopsided extreme among the major AI platforms. OpenAI in the same period was running at around 1,500:1. Perplexity 194:1. The economic model is asymmetric extraction: take a lot, give back little.

The parasites. These are the bad bots in the strict sense: 37% of total internet traffic in 2024. Thirteen trillion requests blocked by Imperva's network alone in that year.

Here the composition changes. Imperva observes that “simple” attacks – basic scripts, dictionary attacks, automated scans – grew from 40% to 45% in 2024. The report explicitly attributes this growth to the arrival of generative AI: tools like ChatGPT, Claude, Llama have lowered the technical barrier to writing a brute forcer, a credential stuffer, a malicious crawler. What ten years ago required Perl and John the Ripper today requires a prompt and ten minutes. 31% of total attacks recorded by Imperva fall into one of the twenty-one OWASP Automated Threats categories. 44% of advanced bot traffic attacks APIs, no longer web pages – because APIs expose business logic with fewer defences and more value. 21% of attacks use residential proxies: IP addresses belonging to real domestic connections, rented on the grey market, allowing the bot to blend in as legitimate user traffic. Geo-fencing, per-IP rate limiting, ASN blacklists – all useless against an attacker who routes traffic through a residential fibre line in Milan.

One detail demolishes a widespread myth. Attackers usually do not want to take a site down. They want to use it. A compromised site is worth more alive than dead: as a host for phishing, cryptocurrency mining, botnet command-and-control, traffic redirect for black-hat SEO, file storage for warez. When the site falls, the attacker has done something wrong – they have saturated resources, triggered detection, burned their foothold. Akamai regularly publishes reports that confirm this: the economic model of the malicious bot is the long stay, not the raid. This changes the reading of visible symptoms. If a site falls over with intermittent 502s, the structural explanation is almost always: saturation of a PHP-FPM pool due to medium-scale bot traffic, on infrastructure that was not dimensioned to absorb half the internet knocking at the same time. The political explanation – they are attacking us to silence us – is almost always false, because anyone who knows how to attack seriously does not let the site fall over.

robots.txt, or the death of a social pact

In June 1994 Martijn Koster, a Dutch sysadmin running the early web crawlers for ALIWEB, proposed a convention: a text file at the root of the site, robots.txt, in which the operator could declare which parts of their domain crawlers were kindly asked not to visit. No central authority would enforce it, no network protocol would verify it. It was a gentleman's pact, full stop. It worked because in the nineties crawlers were few, they were run by people who knew each other, and nobody had an economic interest strong enough to burn their reputation by ignoring a directive. For thirty years it held. Googlebot, Bingbot, Yandex, Common Crawl – all respected robots.txt as part of the basic etiquette of indexing. It was so established that the formal specification only arrived in 2022 (RFC 9309), decades after the daily practice. When the IETF standardised it, they did so to document a consolidated practice, not to create a new one.

That pact, in the last three years, has been broken.

Drew DeVault, founder of SourceHut – the niche git platform much loved by those who do not want to be on GitHub – published a post in March 2025 that became a manifesto, titled Please stop externalising your costs directly into my face. The piece describes, with technical coldness, the behaviour of LLM crawlers:

they crawl everything they can find, robots.txt be damned, including expensive endpoints like git blame, every page of every git log, and every commit of every repository, and they do this using random User-Agents that overlap with end-users and come from tens of thousands of IP addresses – mostly residential, in unrelated subnets, each making no more than one HTTP request over any window we tried to measure – actively and maliciously adapting and blending in with legitimate traffic to evade any attempt at characterisation or blocking

It is the description of a distributed DDoS attack carried out by companies that present themselves as legitimate consumers of bandwidth. SourceHut had to unilaterally block entire cloud providers – Google Cloud, Microsoft Azure – because it was the only viable defence.

The Wikimedia Foundation, in April 2025, published data that complements this. Since January 2024, the bandwidth consumed by media downloads on Wikimedia Commons has grown by 50%. The increase does not come from new human readers: it comes from AI scrapers vacuuming up the entire catalogue of 144 million open-licence files. Wikimedia has quantified it: 65% of the most expensive traffic hitting the central datacentres is bot-generated, even though bots account for only 35% of total pageviews. The bots read in bulk – they request obscure pages that the regional cache does not have, forcing the infrastructure to fetch them from the centre. A human reader costs little; an AI crawler costs a lot, and the cost-to-benefit ratio for the body hosting the content has become unsustainable. The Foundation has set as a 2025/2026 annual goal: “reduce by 20% the traffic generated by scrapers”. An organisation that hosts the largest free encyclopaedia in the world is forced to invest engineering in repelling those who want to read it.

The KDE project's GitLab went down temporarily because of a crawler coming from Alibaba IP ranges. GNOME's GitLab installed Anubis, a proof-of-work challenge written by Xe Iaso – on arrival at the page, the browser has to solve a small computational problem before the content is shown. Costs nothing to a human, costs dearly to a bot that has to do millions a day. The numbers published by Bart Piotrowski, GNOME's sysadmin, after switching on Anubis: in two and a half hours, 81,000 total requests, of which only 3% made it through the proof-of-work. 97% were bots. Anubis' default loading screen shows a girl in anime style – it is an explicitly provocative aesthetic choice by Iaso, who has declared he wanted to make the experience annoying for those using these tools to extract.

Kevin Fenzi, who administers Fedora's infrastructure, has blocked traffic from entire countries. Drew DeVault, in the same post, writes:

Every time I sit down for a beer with my friends and fellow sysadmins, it is not long before we start complaining about the bots and asking each other whether the other has found the definitive way to get rid of them. The desperation in these conversations is palpable

It is the first-person chronicle of a technical community that has watched a thirty-year cooperative protocol break in thirty-six months.

Anthropic, OpenAI and the others publicly respond that they respect robots.txt. The sysadmins' logs say otherwise. Cloudflare, in its December 2025 report, writes unambiguously that “crawling activity can be aggressive, often ignoring the directives found in robots.txt files”. The structural problem is simple: robots.txt never had an enforcement mechanism. It rested on reputation. For those extracting data today to train AI models, the dataset is worth more than the reputation lost by ignoring it.

What it means for those who publish

For anyone running a small site – a blog, an online magazine, a collective's server, a personal homelab – the 51% (and more) figure translates into a daily operational reality that those who do not administer do not see. A server receives, in proportion, the same kind of bot traffic as the New York Times. Not the same volume, of course – but the same mix. GPTBot downloads wp-content, Censys maps the ports, some botnet tries credentials against three or four well-known WordPress endpoints. Even publishing three articles a month to a readership of two hundred people, you end up statistically anonymous, inside a scanning distribution that is uniform across all of IPv4.

This produces two effects.

The first is that the technical barrier to publishing on one's own has grown. In the 2000s it was enough to install WordPress on a shared host and forget about it. Today that model survives only if there is someone taking care of the maintenance – timely updates, well-curated plugins, robust passwords, offsite backups, monitoring. Without it, the site does not get attacked in a targeted way: it simply gets consumed by background pressure, like a cliff that erodes without any particular wave breaking on it.

The second is centralisation. The industry's response to the problem has been “managed everything”: Cloudflare in front of everything, managed WAFs, hosting that does automatic protection, CDNs that absorb anomalous traffic. They work. But the price is that a large chunk of the web now passes through a single provider – Cloudflare handles something like 20% of global HTTP requests – and the small independent publisher who would like to remain small and independent has to choose between delegating their network to a commercial intermediary or accepting standing upright in the wind.

On the defensive front there is a ferment of countermeasures – creative and desperate at the same time. Beyond Anubis, there are tar pits: Nepenthes, written by an anonymous developer who signs himself “Aaron”, responds to crawlers with infinite labyrinths of generated content – pages that link to other pages that link to others, all synthetic, all designed to consume the bot's resources without giving anything useful in return. Cloudflare has released a commercial equivalent, AI Labyrinth, which does the same thing serving irrelevant text to recognised crawlers. There is the community project ai.robots.txt, which maintains an up-to-date list of AI crawler user-agents and provides both a ready-made robots.txt and .htaccess rules to block them. A small archipelago of individual countermeasures – effective in some cases, but also a symptom: the fight is site by site, sysadmin by sysadmin, because no higher level exists where the question can be resolved.

Self-hosting is still possible. I do it myself, many others do. But it requires time, competence, continuous attention. It has become a niche. What in the 1990s was the normal way of being online is today an exception that needs to be justified – and maintained by hand.

We publish for human readers. But the infrastructure is shaped by bots. The visible web – the one humans see, navigate, read – is the surface tip of an iceberg made mostly of traffic invisible to the eyes and visible in the logs. The real web – the one the bots see – is all of IPv4, scanned in search of usable surfaces.

Guests on our own web

When Tim Berners-Lee described the World Wide Web in the early 1990s, he spoke of a space for connecting people: documents, ideas, knowledge, communities. The cyberlibertarian narrative of the years that followed – Barlow's Declaration of the Independence of Cyberspace in 1996, the Californian dream of the internet as individual emancipation from the hierarchies of the twentieth century – amplified that promise until it became myth. Thirty years later, the data is one: in 2025, humans are 47% of internet traffic. The majority is machines. And 80% of the work of those machines is the extraction of value from pages that other humans have written, to be processed and sold as predictive, classificatory, generative capability.

Lawrence Lessig saw it in 1999, in Code and Other Laws of Cyberspace. The thesis was simple: code is law. The technical architecture of a network is already political, because it determines what behaviours are possible. Changing the code – the protocols, the specifications, the design choices – means changing which practices are economic and which are not. TCP/IP does not speak about identity, and that is a political choice with thirty-year consequences. robots.txt was cooperative, and that is a political choice that has become a vulnerability. Those who have controlled the architecture – the ARPANET engineers first, the large infrastructure companies later – have already written the rules of the game, regardless of who won the elections or wrote the laws. Lessig has been repeating it for twenty-five years. It is happening now, on a global scale.

We are guests on our own web. We have been for at least a decade, and for two years we have been statistically a minority. The rent we pay is in data extracted without our noticing, in attention consumed by content generated by those who have scraped ours, and in administration hours spent keeping in place infrastructure that is not designed for us. It is not a metaphor: it is an accounting that could be done line by line, if anyone felt like keeping it. The interesting question, then, is not how we block the bots: it is what it means to publish and administer in an internet where the intended audience is no longer the majority of the recipients. A question we should have asked ourselves a long time ago, and one that concerns not only technical operators, but anyone who considers the internet a common good – political, cultural, material.

---

Sources and further reading

On bot traffic statistics and trends

• Imperva (Thales) (2025). 2025 Bad Bot Report: The Rapid Rise of Bots and the Unseen Risk for Business. Twelfth annual edition. The decade-long historical series, the pillar 51% figure, composition by attack category, estimates on residential proxies and ATOs. Thirteen trillion bot requests blocked in 2024. https://www.imperva.com/resources/resource-library/reports/bad-bot-report/
• Imperva (Thales) (2026). 2026 Bad Bot Report: Bad Bots in the Agentic Age. Updated figures for 2025: 53% bots, 47% humans. https://www.imperva.com/blog/
• Cloudflare Radar (2025). 2025 Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks. AI crawler composition by purpose (training/search/user action), GPTBot/ClaudeBot/Meta-ExternalAgent share, crawl-to-refer ratio by platform. Independent confirmation of the Imperva data from a completely different network angle. https://radar.cloudflare.com/year-in-review/2025
• Cloudflare Blog (2025). From Googlebot to GPTBot: who's crawling your site in 2025. https://blog.cloudflare.com/

On the breakdown of cooperative protocols

• DeVault, D. (2025). Please stop externalising your costs directly into my face. SourceHut blog, March 2025. The manifesto, in first person, of a sysadmin who watches the cooperative robots.txt pact break. Essential reading to understand what it means to administer a FOSS service under pressure from LLM crawlers. https://drewdevault.com/2025/03/17/2025-03-17-Stop-externalizing-your-costs-on-me.html
• Wikimedia Foundation (2025). How crawlers impact the operations of the Wikimedia projects. Diff blog, April 2025. The internal data: 65% of the most expensive traffic from bots, 35% of pageviews. The most documented case of asymmetry between costs borne by the body hosting free content and benefits extracted by crawlers. https://diff.wikimedia.org/
• Iaso, X. (2024–present). Anubis (proof-of-work anti-AI-scraper). The concrete tool that GNOME, KDE and several other FOSS communities have adopted to defend public infrastructure from aggressive crawlers. Demonstrates that defence, today, is proof-of-work – that is, computational friction applied to those who want to read. https://anubis.techaro.lol/

On scanning infrastructure

• Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J. A. (2015). “A Search Engine Backed by Internet-Wide Scanning”. Proceedings of the 22nd ACM Conference on Computer and Communications Security (CCS '15). Founding paper of Censys. Describes how scanning IPv4 has become economically trivial. Essential technical reading to understand the discovery/defence asymmetry. https://zmap.io/
• Akamai (various years). The Web Scraping Problem and related Threat Intelligence reports. Economic model of the malicious bot as a parasitic long stay, not as a destroyer. Demolishes the common intuition that a site that falls over has been “attacked”: those who know how to attack well do not make anything fall over. https://www.akamai.com/blog/security

On the political economy of digital infrastructure

• Lessig, L. (1999, updated as Code v2 in 2006). Code and Other Laws of Cyberspace. Basic Books. Code is law. The technical architecture of a network is already political because it defines what is possible. Twenty-five years later, the thesis is the single most useful conceptual tool for reading what is happening to robots.txt. http://codev2.cc/
• Zuboff, S. (2019). The Age of Surveillance Capitalism. PublicAffairs. Framework of non-consensual extraction as the dominant economic model of Silicon Valley. To be read thinking that its thesis, written about behaviour, applies today one level deeper: to the textual raw material.
• Crawford, K. (2021). Atlas of AI. Yale University Press. The materiality of AI as extractive asymmetry: mines, datacentres, underpaid human labour. I would add: your server.

Original protocol specifications

• Postel, J. (ed.) (1981). Internet Protocol. RFC 791. The original IP specification, fourteen pages that never talk about identity. https://datatracker.ietf.org/doc/html/rfc791
• Koster, M., Illyes, G., Zeller, H., Sassman, L. (2022). Robots Exclusion Protocol. RFC 9309. The formal specification of robots.txt, arriving thirty years after the practice and already obsolete in the practice. Worth rereading every so often to remember that today's internet is a palimpsest of hacks on top of a protocol conceived for a world that no longer exists. https://datatracker.ietf.org/doc/html/rfc9309

#Bots #AICrawlers #robotsTxt #DigitalSovereignty #SelfHosting #Cloudflare #SurveillanceCapitalism #FOSS #Internet #SolarPunk #Writing

I’m too original for their ish.

This is a question that has weighed heavily on my mind as of recent.....

Is it a source of power? I would imagine for some of our favorite people who have accomplished incredible feats (as we deem them to be), faith is a battery pack. To someone like Kanye West, faith is like a yellow sun to superman. An endless supply of spiritual energy that fuels concentration, drive, and belief in oneself. The kind of drive to make you believe anything you can conceive in your mind can be transmuted into a tangible thing. The centerpiece to countless success stories. An unbiased entity that fuels both good and bad equally.

A Flavor As Sweet As Wine

What keeps a couple together for over 30 years? It's interesting to see what we do with such a powerful force. How do two people who meet at the relative infancy of their lives, at a random location like a school library, manage to create a relationship that spans 30 years? High school sweethearts who passed cheesy love notes during English class evolve into partners who swear to live by vows that serve as the basis for an eternity of love and everything that comes with it.

A Sobering Turn

How does an immigrant from a third-world nation migrate to America with basically nothing but clothes on their back and their native tongue create a modest, humble, but incredibly rich life for themselves and their family? What makes a person believe they are a divine being sent here on a mission? So much so, they convince others to believe in their vision with a conviction. Enough conviction that their followers are willing to leave their lives behind and travel to a random location and drink poison from a cup and sacrifice themselves, all in the name of a belief they were willing to die for? Is this the same source that Hitler, Jesus, Obama, and Trump all pull from to power their innermost desires, whether incredibly positive or unthinkably evil?

Final Remarks

I will leave you with this thought. To the person reading this, whether you consider yourself an average human with aspirations not nearly as lofty as becoming President of the free world or someone with incredible ideas and thoughts who is afraid to create the world they visualize every day due to fear or other barriers only you know about..

WHY CAN'T YOU HARNESS THAT SAME POWER

We are all waiting Clark....

Till Next Time – It's G #Personal

If I think back, I know that I have memories, Sneaking behind my parents back to play Minecraft with my school friends over Skype. I remember that I had Days after school where I would play Minecraft with my childhood crush, who I eventually ended up asking out with a coded love letter. I vividly remember giving her the note that says that I like you right as the bell rang for the school day to end, and I ran out of that building and I vividly remember how much my heart was beating and how it felt like I was seeing the same colors I’ve seen my entire life, except I was finally appreciating them for what they were. We dated for a year and we would exchange a full page letter to each other using the cipher that I still use to this day. I remember one day I had to rip up all of the notes and flush them in the toilet because I couldn’t risk my parents finding them. I remember one day in class in seventh grade while we were sitting next to each other she wrapped her leg around mine and I got so incredibly flustered I didn’t know what to do and I panicked. On the last day of school before summer break, she tried to hug me goodbye and my nervous system lit up, causing me to duck and roll and run away.

I remember the first day I met the friend I still play games with weekly almost a decade later. It was in a normal game of League of Legends, and the person he was playing with was chatting back with me and my friend. He sent a friend request and have politeness I accepted it, even though I didn’t really like him. One of the happiest memories I have in my life was shared with him in a karaoke bar in Japan last year. He’s one of my closest friends.

In elementary school with my friends at lunch we would jump around the grass fields and role-play being Pokémon trainers. One of the earliest memories I have was in first grade writing a full page for an assignment about how I dreamed of turning into a Charizard and flying to school.

Sometime around second grade, I had a dream where I flew by using pieces of paper on my hands as wings. I was so excited for recess, and I ran as hard as I could and I was not able to fly. If I’m being completely honest, a part of me still does believe that if I was to go now with two pieces of paper, all I would need to do is just run hard enough and flap with enough conviction, because I remember the feeling of the wind lifting me up.

I say these things because someone asked me what my earliest memory was, and the thing that came to mind was the first time thoughts of suicide came to me, even though I didn’t even know what suicide was. It presented itself in a bottle of some sort of chemical I was told by my sister would kill me if I drank it. And I remember how much I wanted to drink it, not because I wanted to get away from anything, but just because I thought it would be nice to die.

Depression robbed so many memories from me, and it continues to steal whenever it encroaches past the small closet it’s allowed to call home in my mind. A consequence of this is when I look back at my childhood all I remember is the suicide attempt, the plans, and washed memories of numbness, with the only exceptions being things I clutch onto as justifications for why I am the way I am. I desperately paint back in the memories of summers trapped in my room, or the places where the neglect was apparent. If I don’t preserve these memories, I may lose them along with everything else from my childhood, except these are the receipts to prove that I am hurt. But there’s no store for me to return these to, no way to get any value back from them aside from at most, acknowledgment they existed. And I wonder why I do not hold onto the happy memories the same way.

Whenever I look back at childhood I’m free from nostalgia because I only remember the tragedies, but if I hold the earlier memories I mentioned with the same hand, I’m left with a sweeter picture that makes it a little bit harder to leave. And I do have to leave it, because I cannot ever go back, but maybe it is a kinder thing if I was to carry something worth missing.

Technology in the last 40 years has really taken off and advanced. The internet has gone from sending small bits of information almost as primitive as morse code over a few small networks into a massive ocean of data connected by huge rivers. This has been great for personal liberation on information and powerful tools at our fingertips. However a lot of those early innovators to tech solutions for the people have turned against us to serve other masters, those of corporate and government interests. Google early on had great ideas and was doing remarkable work. The problem was they couldn’t figure out how to earn any profits and during the dotcom bubble crash they had to figure something out. They had a massive amount of user data and figured out how that could be turned into profits. It started off as just a simple ad campaign popping ads based on your browsing into their services. That basic idea is laid out in detail with Shoshana Zuboff’s book “The Age of Surveillance Capitalism.” Google literally invented the surveillance capitalism that now dominates the internet world we live in. I believe a lot of this started off fairly innocent and wasn’t a huge deal. It slowly morphed into what I view as a terrible monster ravenous for all and everyone’s information. It wants to see and know everything about everyone – an all seeing eye and ear. This beast has an obsession with data collection and digitizing everything. This is becoming a one-world religion (see also here and here). Some of these technocrats and transhumisitsts actually believe they are creating God or that “Big Data is the new God” (see also here and here). To me this is very creepy and I wanted to opt out of their surveillance and their religion. Not by clicking an opt-out button that does close to nothing in a big tech application, but by not using their solutions – to boycott the beastly monster that has been built up.

I believe the ideal is to just stop using high tech devices in our lives and cancel our internet. But that really is not very possible for many and very challenging for almost everyone in modern society. So the next best solution, as far as I can tell, is to use it in a more private and secure way. I personally did stop using the internet for over a year and it was a very great experience. I recommend doing internet fasts, smart phone fasts, social media fasts, and fasts from other tech for as long as you can – it’s a healthy reset. I’ve come back to it but use it much less than in the past, and I’ve revamped how our household use our tech and how we connect to the internet. To opt out to the extent that we are now has been quite the journey. I’ve been digging into the alternative privacy minded solutions out there. This stuff is pretty fresh in my mind after doing this with our phone, computers, and some friends’ computers – so I wanted to put something together for others who maybe were as lost as I was before going up this path to digital sovereignty. We’ve moved to using primarily “open source” programs vs. “closed source.” With open source programs the code is viewable by anyone so people can and do go into the code to see what it is doing and why. This gives the community who uses the tool reassurances that they truly do respect our privacy if they say so. With closed source programs the code is a magical black box where we have to trust the company’s program actually is doing what they say it does. I’d recommend using open source programs wherever possible to support the transparent and honest spirit behind the idea.

I’m not going to go into elaborate details on why you might want to put effort into using these products. If you think “big tech” is a great thing and you love all their data-mining, surveillance capitalism ways, and profiling you and your family then this is not for you. If you love your phone and the apps spying on you (see here too), you probably don’t need to read this. Continue supporting the richest corporations and give them all of your data to help them build their empire and our digital prison system (see also here and here). Realize as you use big tech solutions you are not the customer, the companies they sell your data to are. But if you do find all of that stuff a bit much and an overreach into our lives – this is for you.

You can be more privacy oriented with your tech without spending much. A lot of the solutions are free, and if you can do it yourself, you’ll save a lot. Much of this takes very little time at all – setting up a new email account can be done in less than a minute. Hopefully all of my time and research can pay off by helping others quickly apply the solutions to their own life and technology. I’ll be talking about my recommended programs and hardware to jump away from the data mining and surveillance capitalism platforms into something more secure and privacy oriented. I highly recommend getting your email, browser, search engine, and VPN secure ASAP. Those are quick and easy fixes that will patch up a huge amount of the data mining that is happening in your life. After you get these basics down you, can put more efforts into more advanced things, like putting on new operating systems.

If you want to understand a bit more of the details on what the problems are here is a list of books you could read to further your understanding (* = Favorites):

• *Against The Machine – by Paul Kingsnorth
• Data and Goliath – Bruce Schneier
• *Permanent Record – by Edward Snowden
• Privacy’s Blueprint – by Woodrow Hartzog
• Privacy A Very Short Introduction – by Raymond Works
• *Reportage – by James Corbett
• Technopoly – Neil Postman
• *The Age of Surveillance Capitalism – by Shoshana Zuboff (pdf)
• *The Evil Twins of Technocracy and Transhumanism – by Patrick M. Wood
• The Digital Person – Daniel J. Solove
• Weapons Of Math Instruction – Cathy O’Neil

Despite being excellent at pointing out the problems, these books are rather short on practical, doable solutions (especially on our tech), so I came up with some on my own. It hasn’t taken long to get used to these alternative solutions. And now it makes me wonder why it took me so long to migrate over. I much prefer these things to our old Apple phone, Windows OS, Google Search, Google mail, and so on. I find these not only viable but superior products all things considered. I could go on and on but the intent of this write-up is mostly to point people to solutions, not dig into the endless problems. You can do your own digging and read some books listed above if you want some of that info. Below are some of the better solutions I’ve found while trying to end my marriage with the big tech surveillance capitalists.

One common excuse I hear from people who don’t like surveillance capitalism but don’t want to put effort into change is something like this: “Tech changes so fast we can’t keep up with it.” Meaning even if I do adjust they will probably find ways to data-mine anyways, or something like that. That is only partially true and only over longer periods. It’s sort of a cat-and-mouse game with big old fat cats (big tech) trying to suck up the data of the little people (us mice). It doesn’t matter how big that cat is, if you can find a different route to your cheese (internet websites and such) that is too small (secure) for that cat to fit – you can get that cheese. That may change with digital ID’s tied to internet access at some point (hopefully not). But for now and for as long as most people have been using the internet the change is relatively slow. Proton mail has been around since 2014. We could have been avoiding Gmail data-mining for 12 years of email service if we were an early adopter. Mullvad VPN has been out since 2009 and Nord since 2012. Those who have used either of those properly could have a very small profile in the surveillance capitalism world. And 256-bit AES encryption has been around over 25 years now. That encryption could keep even the most advanced militaries at bay, and even higher encryption is available. So in my view it is long overdue that people just start working on applying the solutions already here, instead of waiting for laws to change for the better or just giving up.

Contents:

• Email
• Browser
• Search Engine
• VPN (Virtual Private Network)
• Cloud Storage
• Phone OS (operating system)
• Phone Hardware
• Computer OS
• Computer Hardware
• Phone Service
• Various Programs
• eReader
• Why not just download the internet for offline use?
• Gaming
• Privacy Banking
• Solutions for the tech illiterate
• Smart Appliances
• Artificial Intelligence

Email

• Proton Mail – top recommendation because of ease of use, free and paid plans (no name or number required)
• Tuta Mail – free and paid plans (no name or number required)
• Mailfence – free and paid plans (only one that requires second email to activate and displays your account name in emails)
• Most secure option is do it yourself email

Keep in mind the content of the message is encrypted but the metadata is not, so that can be revealed to the company and leaked to third parties or data breaches. With Proton Mail and Mailfence “subject-line” is considered metadata; others might have this flaw as well. Just something to consider. I think it is worthwhile to use multiple mail services, especially from the free accounts. Zoho mail recently dropped their free service – it’s pay only now. We had an account so we’re grandfathered in. That shouldn’t be a huge deal to you; I trust these services mentioned above more than Zoho. For one thing, Zoho is not open source, which adds a level of distrust to me. All of these are open source except for some of their back-end, which shouldn’t cause any security issues on the encryption side. All four of these services are solid choices for now, unless further details or adjustments come out proving otherwise. These all use end-to-end encryption which should keep all prying eyes out. That is unless you have a major breach on your personal device or someone gets into your email account due to an easy password. It is a very smart practice to use a password manager to keep that from happening. With that you can have very complicated password difficult to break through but you don’t have to memorize them all. Nobody has accused me of being smart, them are fighting words… I’ve still neglected this practice (I’ll figure it out sometime and join the smarter crowd.) However I often use pretty good passwords for things that matter to me. It is recommended to use 3 or more unrelated words with numbers and symbols mixed in for a decent and somewhat rememberable password if you aren’t using a password manager. Don’t use any of these passwords.

Browser

• TOR – works on computers (laptops/desktops of all kinds) and phones
• Librewolf – computers only not a phone browser
• Vanadium – installs with GrapheneOS (operating system for phones)
• Brave – computers and phones
• FireFox – computers and phones (I’d recommend LibreWolf, FireFox has gone downhill imo.)
• Bromite – phones only, works on Android and GrapheneOS
• SnowHaze – a decent option for Apple iOS phones because there is no Bromite
• FireFox Focus – another decent choice for Apple iOS phones

You may want to read up on these and compare – even try all or many of them out to see what you like. If you don’t want to spend all that time, that is understandable. For the average user I’d suggest having two separate browsers per device. Use one that is less “hardened” and more user friendly strictly for websites you are going to log into and want “cookies” to save your preferences and such – my favorite for this one on the computer is Brave. In this you can save your account login and login to buy things and stuff like that. On the other browser use it strictly for researching, searching around, browsing, and such. Think of the second one as your private secure browser; do not log into anything with it, instead switch to your login browser. I’d suggest using Librewolf as your secure browser, unless you want to take it a step further and use TOR. We use Librewolf as our login browser and TOR as our browsing browser for more security. Feel free to do such a thing, but you might find TOR more restrictive and challenging – that is why I don’t necessarily recommend it for the average user. With Librewolf it is advisable to add extensions to make it even more secure, this is a must on FireFox in my view, and not a bad idea on Brave as well. With TOR it is not all that advisable, because it is likely the most secure browser and adding extensions could potentially add vulnerabilities. On Librewolf we use these extensions: uBlock Origin (comes preinstalled usually), Privacy Badger, and Decentraleyes. There are more but those are what I would consider the top extensions that will add privacy and block unwanted ads but not hinder use. NoScript is also good, but you will notice website issues and might be turning it on and off again so be warned. We also like Video Download Helper and Dark Reader, but those do not help with security, they are just a couple we like. You can add the extensions by clicking the puzzle piece on the top right side of your browser in Librewolf. Then simply type the extension name in the “find more add-ons box.” After that you can click on the extension in the list and then install on the next page. If you are using a different browser then just search on how to add extensions if you can’t figure it out. Be careful, don’t just add any extension that sounds good – many will decrease your security and privacy.

On the phone I’d recommend Brave as the log-in style browser if you are using Apple or Android and Vanadium if you’re using GrapheneOS. Then for your more secure browsing browser (I like saying that), then I’d recommend Bromite for Android and GrapheneOS, and TOR if you want to step it up a notch in security but lose some usability. Then for Apple’s browsing browser I’d recommend Tor but if you want something less hardcore Firefox Focus or SnowHaze.

Search Engine

Open Source (recommended)

• Brave
• DuckDuckGo
• Gibiru
• MetaGer – Pay to use only
• Presearch
• SearXNG – This one is interesting and can be self hosted for ultimate privacy. Try other people’s servers running the engine at searx.space (click on the url’s on the left hand side to try it out.)
• YaCy

Closed source but good privacy policy (be more vigilant with VPN)

• Ecosia – attempting to be eco friendly with their infrastructure
• Freespoke – this one works pretty great for comparing tech
• Kagi – Pay to use only
• Mojeek
• Qwant
• Startpage
• Swisscows – also has an email service I haven’t looked into much

The reason so many search engines are listed here is because I find all to have flaws; I don’t love any of them and bounce around some over time. Also it seems to me many people have different personal tastes in a search engine. So I recommend playing around with them uncommitted at first and settle into your favorites over time. You can use most of these just by going to the site and start sending in search queries.

VPN (Virtual Private Network)

• VP.Net – can’t log your traffic even if they wanted to, only one like it – no free version
• Proton VPN – only one I’d use as a free service, only one device for free.
• Mullvad – high quality and has passed all independent security audits – no free version*
• NordVPN – another good choice and has passed all independent security audits. One great feature about this one is you can buy a subscription box or key online or retail stores even with cash. With this option you can keep your identity more private from NordVPN adding another layer of privacy protection. – they also have no free version*

*Mullvad and NordVPN often have free trials, but not an ongoing free service.

Basically a VPN (Virtual Private Network) can mask your identity to a decent extent. As you turn on your VPN it will encrypt your data and send it through their servers, so your ip address will show up as that from the VPN server. This is a necessary tool in my view if you want to utilize the internet but limit data-mining and surveillance. You will notice that the web will act a little differently as you make these adjustments. Using TOR and/or a VPN can make it so websites block you from entering. To me that makes me want to not use their site – mostly I avoid those websites. Sometimes there are exceptions and I will turn the VPN off or switch browsers to use that site. It’s not a bad idea to temporarily turn your VPN off while in your “login” browser mentioned in the browser section. For example if you are using the internet to do online shopping, turn off the VPN then log into your shopping account. This will make for a smoother experience and won’t flag your account for authentication and such. After you are done shopping and checking your login marketplace or whatever else you do, close the browser and turn your VPN back on. Then switch to your browsing browser to explore the internet without the spying eyes trying to pry data from you. This is most appropriate for accounts that need your location, since the VPN will make it look like you are in a different area in the world (wherever the server is located). If you forget and leave it on, it’s not a big deal – but you might notice problems here and there. We have our VPN on our computer on close to 100% of the time while connected to the internet, and the phone closer to 80% of the time. It’s a good idea even if you aren’t browsing the net to use a VPN – it can shield a lot more of your traffic besides browsing. You’ll figure it out as you play around. Some VPNs are extensions built into your browser itself. In that case, it will only be active as you open your browser – Internxt and Proton have this – the others might to; I have not used them all. Though I do like having the VPN running outside the browser so it’s working on more than browser traffic.

Be very careful with VPN’s, many are just spying software. The only free one I trust at this point is Proton. All of your internet traffic will go through it while turned on. So do some reading up on any you are interested in (especially outside this list) to gauge your level of trust. I’ve read that many of the free VPNs out there were created intentionally to spy on you and collect all your data.

Cloud Storage

• Internxt – free and paid versions, free version is only 1GB. They also have a “temp email” service. I do not recommend buying the extremely “too good to be true” discounts you can find online from third parties. You do not get all of the security features and sharing options with those deals. Many of the bad reviews about this service are based on people who did such a thing – you aren’t getting the whole package with those crazy cheap discounts.
• pCloud – no free versions (free trial though). Additional costs to get zero-knowledge encryption which is standard with Internxt and Proton Drive.
• Proton Drive – the free version has 2-5GB

To me the great benefits of cloud storage are for collaboration purposes and having your data while out on the road. If you are working on group projects and need/want to share information and projects cloud storage is great for that. Also if you are out on the road a lot and don’t want to lug around external storage or bring that on a flight across the world you can leave it on the cloud and access it almost anywhere. I think it wise to keep personal and private data offline entirely. Just have 2-3 higher quality external hard drives to redundantly store that stuff on. Why risk giving your private family pictures, videos, and diary with third party corporations? If you have 10 terabytes of pictures and don’t want to have so many external storage devices – maybe you have too many pictures… We certainly have too many, and we never look at them. I think this digital world has turned not only big tech into data hoarders, but everyone.

For the most part cloud storage services actively scan your data. They typically do not sell that information to third parties but keep the information in-house. They do things like scan your pictures to feed into their facial recognition software, enhancing their own products. Also they might be scanning for illegal, copyright materials, or anything that might void the contract – so they can keep money and close your account, which would be most saddening with lifetime accounts. In any case, it is creepy to me that cloud storage uses people’s personal information for their own reasons without really letting their customers know easily. Even if you do not believe this based on what big tech says, there are many accounts of data breaches with cloud storage and they want you to back up your own data. I’d recommend moving over to a more private drive service – there are many more than I have listed, but these are some I’ve used or know someone who is using while having a good experience. I think Internxt is pretty neat; they’re newer to the privacy world and are trying to stand out some. They have great features for the price at this time – the price I’d imagine will go up as they become more refined and have a larger customer base. Internxt uses a newer “post-quantum” encryption. It might not be as amazing against normal technology, since it’s more equivalent to 128-bit encryption (which is still good). However, if quantum computers take off, it might make 128/256-bit AES encryption obsolete. So they’ve added a new type of encryption that has a good possibility to function well against that kind of computing power. It’s interesting stuff to me and might be something to consider while making your mind up. Both pCloud and Proton (might be 128-bit AES on Proton) use standard 256 bit AES encryption which is solid.

Phone OS (operating system)

• GrapheneOS – free and not too difficult to install for a novice.

I highly recommend switching to a GrapheneOS phone. If you currently have a Pixel 6-10 phone, you can install this right now. It will work with all the normal phone service providers. If you do not have a Pixel 6-10, I’d recommend getting one once you are ready to find a new phone. In my view (and most it seems) Apple is better than a Google phone for privacy and security. Also in my view, there’s no rush if you just got a new phone or whatever. If you are in a rush, you can often sell your new phone for a good price – if it was a good one then you could sell and switch to a Pixel for GrapheneOS. It truly is not that hard to get this installed. If you are scared, find someone who is decent with computers and phones and have them help you out. If you do not switch to GrapheneOS soon, just start doing what you can to increase your privacy on your current phone. Such as using a private browser, a VPN, private email, and getting rid of apps that spy on you.

Here is a little tip from a new user. After GrapheneOS updates sometimes our phone will not connect to the data side of our phone service. It looks like it’s connected but the internet does not work. If your phone does this as well, just turning it off and on 1-3 times has always fixed it. Not a huge deal if you expect it, but at first I had no clue what was going on.

Phone Hardware

GrapheneOS works on Pixel 6-10 and the Pixel Tablet (Tangorpro), though they recommend Pixel 8-10. We use Pixel 8 since it is a good balance of security, modernity, and repairability. We bought a used “refurbished in great condition” phone on Ebay for about $250 and installed GrapheneOS ourselves. We were thinking about Above Phone for a while, but the price is just too high for us. If you are totally scared to do it yourself maybe go for that, more details at the bottom of this write-up. The Pixel 8 is a great balance right now in price, repairability, and it is still getting updates for security. If you don’t plan on repairing it yourself and have the money a Pixel 9 or 10 isn’t a bad choice. If you find a great deal on a Pixel 6 or 7, or already have one that isn’t a terrible idea either – just realize there may be more security vulnerabilities but it shouldn’t be drastic. It may come to a time that the newer Pixel phones will stop being GrapheneOS compatible, I’ve read they are planning to make it that way – like Apple phones. So just be aware things may change on this in the future. My dream world would be the GrapheneOS team works with a hardware company to start making their own ultra-secure privacy phones (open source easy to repair and modify hardware) and make an even better OS for it. We can dream anyways, but for now Pixel 6-10 is your only choice for secure phones in my view. The other competitors aren’t nearly as solid.

Computer OS (Operating System)

• Mint – I started with Zorin and moved to Mint. Zorin is a bit prettier, but Mint has been easier overall and more stable.
• Zorin – Much easier than some versions I’ve tried and looks great. I’ve moved to Mint because it has functioned better for me overall.
• Debian – This is a very common choice for medium to advanced users. It is secure and responsive, but somewhat more challenging to use and get set up.
• If you are looking for a more hardcore (and one of the most secure) versions look into QubesOS and Tails. Here are even more options.

Understand that there are a lot of “flavors” or distro’s (distributions) in the Linux world. And there are many fanboys who claim that their choice is by far the best for whatever reason. Feel free to dig into that massive world. It’s pretty neat. There are also other operating systems that no one talks about, but none are as user friendly and functional as some mainstream Linux choices. I’ve only given a very limited amount in the list to help keep it less confusing. If you are new to all of it I would highly recommend Linux Mint. They have two main lines and I’d recommend the 22.3 Ubuntu based line. I’ve tried the LMDE 7 line which is Debian based and it is pretty good. I’m using Mint LMDE 7 right now but will likely switch back to Mint 22.3 (Ubuntu) in the not too distant future because LMDE 7 is giving me minor problems and annoyances that were not in 22.3 and earlier. In not too short of a time all of these numbers will change with updated versions, but Mint will likely have their Ubuntu and LMDE line for a long time. So just go with the newest version and you should be in good hands.

Both Linux Mint and Zorin were extremely easy to install, it was the best experience I’ve had installing an OS. You can create a bootable USB drive (4-16GB depending on distribution) and even try the OS out before you install. After you boot into the USB drive you can play around with it some and see if it functions on your computer. To do this you might need to get into your BIOS by pressing an F (Function key) at the top of your keyboard. Each computer is somewhat different but at startup right when you turn on the computer you often will see “press F2” or F9, F10, F12, or something to get into setup, startup, BIOS, or Boot Menu type of message. You may need to find your boot menu to adjust priorities and such. The websites of the distribution (Mint, Zorin, etc.) have instructions with more details. But you need to be able to boot from USB to do such a thing. You also need to create the bootable USB for this to work. I use belenaEtcher to create the bootable USB which is easy to use. belenaEtcher does not work for every flavor of Linux but it does work great with Mint and Zorin. It is also recommended to do an integrity check, which is also easy once you get the hang of it. This just makes sure that your download is not corrupted or a hacked version with malware and such.

Something else great about Linux Mint and Zorin is that they make it very simple to “dual-boot.” During the install process you can choose to keep your current operating system like Windows 10 and have Linux at the same time. Then you can choose between the two in the start up “Grub Menu” on which one you want to log into. This is a great option for those who need Windows for whatever program that is on Windows only, or those who are nervous about the switch. You will want to have a decent amount of free space to go this route. I’d recommend something around 100GB or more for both operating systems. You can also have two hard-drives if you have the space. With this you could go Windows on one hard drive and Linux on the other. If you are doing this it is ideal to have Windows installed first, then install Linux second. Windows does not want to share, but Linux is fine being a second install and can partition your drives after Windows tried to dominate your machine. Hope this all makes enough sense. Read more online with install guides with whatever Linux you pick to use. There are many third party write-ups easy to find through your chosen search engine. Try stuff like “How to install Linux Mint on my Dell whatever model of computer” and so forth. Or more basic “Install guide for Linux Zorin.” Or things like “How to make a bootable usb stick for Linux Mint.” I’m not trying to make a comprehensive guide to all of this here, just a helpful tool to get started.

Basic Install guides:

Linux Mint – alt 3rd party guide

Linux Zorin

Linux Debian – alt 3rd party guide

More details on “Integrity Verification” and another guide from the Linux Mint team.

I use this QuickHash-GUI on Linux to do my integrity check. I use the SHA256 check and compare to the distribution website for their hash number. But feel free to figure out what you think is easiest for you. So far I have never seen a problem, if you can’t figure this all out early on you will likely not have any issues if you download from a reputable source. Even when I’ve downloaded from third party places like “Internet Archive” they have passed integrity checks.

Computer Hardware

• Lenovo ThinkPad P15, T14 (Gen 6 intel), X1 Carbon, and more… click here
• Acer Swift
• Asus ProArt P16
• Dell XPS (wihout Snapdragon cpu)
• Framework Laptop 13

The basic idea is that 3 years old and older technology but not much older than 10 years is the sweet spot for easy Linux install. But there are many exceptions, it’s smart to look up whatever you are thinking of using to see if others have installed Linux successfully. Lenovo laptops typically do well with Linux, but there are exceptions. Most of the companies out there selling secure privacy laptops with a type of Linux on it are refurbished Lenovo machines in great condition. I think that is smart for the user to do as well, you can find computers in great condition with a nice price tag gently used or refurbished on Ebay and other sites. We have a Lenovo Thinkpad P15 (Gen 1) and an older Dell Latitude E5270 running Linux and both were purchased refurbished – they work great (except the Dell at the moment, hopefully temporarily – we literally cooked it on accident). Acer, Dell, and Asus have many models that work with Linux. From what I’ve gathered Lenovo and Asus are likely candidates. Although many HP Laptops do work I’ve had the most problems with them. It’s smart to double check before buying. The models at the beginning of this section people have had success with. These same brands are similar in the desktop world. I’ve had an easy time with Lenovo and Dell but harder times with HP (they have been older machines though). If you build your own desktop make sure the Motherboard, CPU, and Video card are all compatible with Linux – those are the components with the highest potential issues. If you already have a computer you can just try it out, make a Bootable USB drive and see if it will boot into Linux and how well it runs before installing. That is a good sign, but not 100%, sometimes things look good and you can start running into problems later – so it’s still a good idea to check if your hardware is Linux compatible based on other user experiences. Remember to back up anything you find important before trying all this out. At this time it is advisable to avoid Linux with the Snapdragon cpu. People are having some success but it is still being worked out. They will likely work in the not-to-distant future – which will be cool, they are great with power consumption making for a long battery life.

Phone Service

• Efani – if we weren’t so cheap this is who we would likely use.
• Silent Link – if we didn’t use much data this is who we would likely use.

If you like to save money just go with what you can find for the best deal. Then use your VPN to privatize most of your data. But if you can spend more those above are some options. At any rate drop Verizon, Sprint, AT&T, T-Mobile if you can, they are heavy data miners and overpriced.

It is difficult to truly recommend much beyond this. We do not use these but would like to. The price is just too high with all things considered. So if you are like my family and want to save money it is reasonable to use the “Mobile Virtual Network Operators” or MVNO services available (like USMobile, Mint, Tello, Red Pocket Mobile, etc). We have been doing this for close to two decades and it has saved us a lot of money over time. These are services that are third party and share the same network as the big carriers. With that there is much data mining taking place, that is partially why most are so cheap – don’t think of them as private. But if you use good practices like grapheneOS, don’t download spying apps, and use a good VPN, you will block most of the data mining that takes place. You can go further by not using the phone for the majority of your calls and texting as well. Instead use Signal and other encrypted messaging and voice apps to do your communication.

Various Programs

• Apple Store and Google Play alt: F-Droid, Droid-ify
• Office Suite: LibreOffice, Calligra, ONLYOFFICE, WPS Office
• Chat programs: Signal, ArchaneChat, ElementX, SimpleX, Jami (I do not recommend WhatsAPP [see recent breach]. I do not trust Meta, they have shown their true colors and intent…)
• Art programs: Krita, Blender, FreeCad, Gimp (all of this can be downloaded from software manager in Mint and Zorin if my memory serves me right.)
• MatLAB alternative: Octave and more
• Scripture study: XulSword, STEP (online version), Bible Time (software manager), Xiphos (software manager)
• Map and navigation: We use Organic Maps on GrapheneOS as a Google and Apple maps alternative, it’s great and works offline!
• Social Media (not really recommended, stop using social media :P): Brighteon.Social, Mastadon.Social, there are many more, do your own digging if you are into this sort of thing.
• Video Conferencing: Signal, Jami, Proton Meet
• Privacy Youtube: PipePipe (phone – download on F-Droid), FreeTube (computer – download on software manager)
• Youtube alternatives: Odysee, Bitchute, PeerTube, Rumble, Substack
• Blogging platforms: Bear Blog, Mataroa, Write.as, Ghost
• Netflix alternatives: Tubi, Daily Motion, Just Watch, Plex TV, and any others you find that can run with your VPN running and without making an account and logging in
• Music and podcasts: Spotube, Nuclear Player, Audius, AntennaPod, Pocket Casts, Funkwhale, Navidrome (note that the last two are to stream your own personal library from multiple devices). I’m old school and I don’t use any of these. I prefer to have my audio files locally and play them locally on VLC player. Also there are a lot of open source free radio apps on F-Droid, Droid-Ify, and software managers.
• Media player: VLC, MPV, also check out here and here for ideas.

There are a whole lot of choices in open source software that respects your privacy. If you are using a GrapheneOS phone and have F-Droid and/or Droid-Ify installed as your “app store” you can browse through many. Those teams screen the apps and only put up open source and free-to-use options. They also give you a warning about why you may not want to use it if they do have some privacy concerns. With many Linux operating systems come with a “software manager” so you can browse through many options for your computer. From what I have read the main Ubuntu distribution (not third parties like Mint and Zorin) has the most programs in their software manager that cause security breaches, so be careful there. It is reasonable to double check online anything you install by searching things like “does such-and-such app data mine?” or “does whatever-program respect privacy and is it secure?” and other such things. If you really want an app on your GrapheneOS phone that is not on the open source app store, look around for “APK” files, and default to downloading them from the primary website if possible. That is how we had to install the Signal app, TOR, and Brave on our phone.

Here is another idea to consider brushed on earlier. We use Signal for quite a bit of our “phone calls.” Going through Signal or other secure apps that have a call feature will help secure your call from your phone service provider. Signal can (and has) supplied the metadata of calls and chats to law enforcement when asked from what I have read. But they cannot send the encrypted content since it’s end-to-end encrypted. There are apps that are peer-to-peer with no central server that are even more private. There is no central server collecting metadata to be leaked. SimpleX and Jami are a couple like this, I’d really enjoy trying those out but I don’t have any friends using such a thing. It is difficult enough to get people over to the mainstream Signal app.

eReader

• physical reader: I’d recommend the Kobo Clara BW (how to hack it, so you don’t have to register)
• Where to download books for free: Standard Ebooks, Gitenberg, Project Gutenberg, Open Book Publishers, unglue.it, Bright Learn.ai (AI generated), more ideas on this link (and click here for audio books)
• Library manager: Calibre – this program is great. You can manage your library, send books to your device, edit metadata, and convert files from PDF or MOBI to EPUB and more.

If you like to read I’d recommend getting an eReader. There are many choices out there but my favorite is the Kobo Clara. I have the Kobo Clara 2E and I was able to get it working without registering by giving it the wrong credentials to my hotspot. With the newer version that my wife has she couldn’t do that and ended up registering it. We found out later that there is a fairly simple hack to bypass the registration linked above. The reason you might want to do such a thing is to stay private, no one knows who has that device if you never register it. If you love to have your device connected to all your accounts and synced or whatever else happens with those things then you might not want to do that. But if you are of the mind that you should be able to download books and put them on whatever device (eReader, laptop, phone, computer) you want then you may want to go this route. Anyways it’s just another thing to consider.

Just a little side idea. Many authors who self publish gift their books on the internet for free. They ask for donations and sell the book, but you can download their pdf, epub, movies, and more for free on their website. It’s more profitable for the writer for you to just download the file for free and give them a donation for the cost of the book. If I were to start putting content on the net this would be a reasonable approach in my view. Gift the content, and accept for donations from anyone who finds it worthwhile. Here are a few examples:

• Snatched From the Flames
• The Great Taking Book / The Great Taking Film / Donate here
• Much of “The Conscious Resistance” content is free but you can purchase as well.
• James Corbett and Media Monarchy give the vast majority of their content for free. You can support by buying their content online here.

The point here is to look around and see if there are other venues to get your media and e-books. I believe this is a more clean form of economy. Gift content and ask for donations.

Why not just download the internet for network hosting or personal offline use?

• Internet in a Box, Kiwix (their library), free eBook foundation, wget (download other websites), you can also buy a usb with about 70,000 Gutenberg project books pre-loaded.

Another great option for private internet use for you and friends is to just download the entire internet and share it offline! Well, you probably don’t have enough space for all of it, and it seems to just keep growing, but you can get some of it anyways. Because my family has limited internet use I’ll often just download articles and go over them later when I have the time to. I’ll download tutorials and helpful articles to troubleshoot problems when I’m away from the internet as well. This is probably less of a thing with most people, but it’s still something to consider. If anyone plans on moving off-grid or dropping the internet someday (wouldn’t that be nice?) you can store up a lot of data and put it on external hard-drives and that sort of thing. It might be a useful thing for personal, friends, and community use later on. I wish I did more of that when I had great internet years back. If you just want to save a single webpage I find “print” (usually ctl+p) then “save as pdf” works pretty great. A lot of sources try to sell Wikipedia, why do people love CIA propaganda so much? Here is a link to the transcript of the Wikipedia creator on Tucker Carlson. You can download Wikipedia yourself if you want to, here is a tutorial.

Gaming

If you want to protect your young kids from being data-mined stay offline. Don’t put games on your smart-phone for them. Although on GrapheneOS you can get games through F-Droid and Droid-Ify that don’t spy and data-mine. On Linux you can game as well through the software manager. You can also install Steam on Linux to expand gaming potentials – but some in house data-mining will happen there. Steam has a huge library of games and much of it can be played offline, you can even play windows games through a tool called Proton. Some online gaming can be done through a VPN to mask your IP address. For our kids we bought used Nintendo DS handheld systems for them to play on. They’re offline, and used, so data-mining doesn’t happen. When they outgrow those we’ll probably try the Nintendo 3DS since it’s fairly easy to repair as well. We’ll likely skip the Switch and Switch 2 because those are very challenging to repair. If our kids want to continue gaming much after the 3DS there are handheld PC’s (install SteamOS – Linux base) and the Steam Deck to play games on which are also not too bad to repair. We like handheld stuff because they use very little power, which is a huge benefit when being off-grid with a small solar system. It is advisable to avoid online gaming for your health, especially for the young children. I’d recommend, if you want your kids to continue staying primarily off-line, leading by example and only game off-line as well. However I’ve done my fair share of online gaming years ago. I get how much fun can be had, I also know how addictive it can be. Life is much better without it, go outside more, build stuff, do real stuff – it’s great.

Privacy Banking

Well, I’m at a loss here. I don’t think privacy banking is a thing. I’d suggest using the bank as little as possible (maybe even get rid of it?) buying local and giving/receiving gifts, barter, gold/silver, and using cash as much as possible. Living in a city makes this much more possible. For online transactions don’t think of Venmo or even Bitcoin as a privacy option. The Bitcoin thing has been overtaken and is not private, if you want details on the subject I hear the book ‘Hijacking Bitcoin’ by Roger Ver is a great one. I hope to read it sometime, but I’ve listened to the guy through interviews a bunch. If you want a more secure option there are vendors who will accept Monero which is a lot more private, there are others worth looking into (click here). I’ve not done it yet so I can’t give you many details. Read about how to make private and secure purchases and keep it secure. There is a chance that it will be quite difficult to have the initial purchase of a privacy coin completely private, but the use of it can be more private if you are careful. It seems smart to me to do all you can in all of this. The more resistance or friction that the people put up against the NWO technocratic agenda, the more freedoms we may retain as things come about.

Solutions for the tech illiterate (don’t worry you aren’t alone, you still have options)

• Above Phone: These guys will sell you pre-configured phones and laptops with great service and support. If you want a polished product with a bit of assistance this is a great company to go with, but you will also be paying a premium price. If you have the money it would be worth it to buy their privacy suite at about $100 per year. Then you don’t have to figure out a lot of the the other things I’m trying to help you with (VPN, email, chat, search engine, and more). This is a great product for those who are scared and tech illiterate. If you have very little clue of what I’m talking about I’d recommend going this route.
• Mark 37: These guys will sell you pre-configured phones and laptops with decent service and support. The prices are a bit cheaper but it is a little less robust of an operation than Above Phone. If you think you want to save a little money and have the bulk of the work done for you I recommend going that route. If you get a good bit of what I’m rambling about in this write-up, but don’t have the time or care to figure much out on your own this could be a good option. However you really can save a lot more with DIY than paying people to do this for you. If you are nervous and do want a little help this is a great source.

Of course there are other options but these are two I’ve looked into a good bit. You can find interviews with the creator of Above Phone to get to know more of the details on what they offer, he’s a cool guy in my view. If you know me I would be happy to help you with this stuff. I would do it for you entirely if you have the time to visit and bring your hardware with you. If not I’d be happy to help you over the internet and phone as you do it yourself if you need some guidance. You could even order the hardware and have it shipped to me and I can get the main work done for you to pick up or have it shipped to you. I’ll have a harder time with desktops with our limited power and don’t really want to deal with shipping one. But if you brought one I’d be happy to work on it at a neighbor’s house hooked to the grid. If you don’t know me find a nerdy friend or relative to help you out. They might love to help as well, and it might motivate them to get more privacy oriented if they aren’t already.

Smart Appliances

It seems appropriate to just make a mention about smart appliances. If you want to be more private in your life I would avoid adding any of this. The IoT (internet of things) is attempting to revolutionize the world by connecting just about everything to the internet. This is more about surveillance than convenience, even with those smart meters being put up everywhere. It’s just another thing that can spy on you. Also it adds vulnerabilities where hackers can infiltrate your tech. It also adds another level of complexity to your appliance, something else that can break and need repairs. I am always confused when I go into a person’s house and see their smart appliances doing odd things and trying to connect to my own hardware if I have it with me.

Artificial Intelligence

The last thing I want to bring up is AI. I do not use any online AI tools except for some search engine AI assistance. It really can speed up some answers using the assist tool on some of the search engines. I find chat GPT, Grok, Gemini, and other big AI very creepy. They regurgitate official narratives and to me are just propaganda tools. Chat GPT and Gemini for left leaning propaganda, and Grok for right leaning… great options guys. They are also data-mining all that you feed into them to help refine their product and profile their users. If you are trying to be more private I do not recommend using online AI tools. I do use AI from time to time locally, which means they are not gathering any data from me and don’t know what I’m using their AI for (“what is the best way to deal with hairy palms that leak a cheesy substance?”), which is how it should be in my mind, it’s none of their business what we are trying to figure out online – except that is exactly what their business model is based on. If you want a private browser and search engine, you probably want a private locally run AI tool. There are various approaches to accomplishing this but the easiest I have found is LM Studio and JAN. LM Studio is faster for my computer and works noticeably better but it’s a closed source program – which I don’t love. JAN is open source and I hope it’s functionality gets better or if I get a better computer hopefully it will run better for me. I’d recommend trying out JAN first to see if it functions fine for you. If not LM Studio is a good product right now (early 2026). As they are a closed source program they might go in bad directions at some point, it seems good at this point with privacy. Also as an AppImage on Linux I can continue using old versions if they spin off in a data-mining direction.

A side note, I’d only recommend using AppImages from trusted sources. They can contain malware and should not be your default program type on Linux if there are other solid options (like .deb files and packages from your software manager.) If you do use Appimages and want to install them more thoroughly into your machine AppImage Launcher is my favorite tool for this, GearLever is another option if you have troubles figuring out AppImage Launcher. GearLever can be installed from the Mint Software Manager easily, just search for “appimage” or “gearlever” in your software manager then click on the GearLever picture and finally click install. GearLever is more user friendly, if I remember right it deletes your old AppImages when you upgrade any AppImages. With AppImage Launcher you need to manually delete the old AppImage when you upgrade which can be mildly annoying. They do this so you can easily roll back to the outdated AppImage if you have any issues with the new version.

With JAN and LM Studio programs you can run many different LLM’s from various creators. There are over 2 million models you could install (hardware depending) from the “Hugging Face” community. Most of them are official narrative type models and some may be highly offensive, people do silly things with this stuff. My favorite model is made by Mike Adams the “Health Ranger” with Brighteon AI. You can try it out online and download the model on his website BrightAnswers.ai or get it from Hugging Face. To run a model locally it is recommended to have a decent video card with as much VRAM as possible or at least a decent cpu and a good amount of system RAM (16GB+). We run it on our mediocre laptop and ran it with 16GB of ram, we upgraded to 32GB and it runs better. Our laptop only has an Intel GPU that doesn’t help a lot. So when we run a query we have to let it sit and think a while before we get answers. Our friends computer runs it amazingly fast with their GeForce RTX 3060 with 12GB VRAM – otherwise their computer is fairly dated and not too amazing. If none of this makes sense to you, go ahead and try it and see if you can get it to work. You may have to play with the settings and lower the context to get it to run, if the model will not run you likely have the “context length” too high. It could be other settings, but lower the context length first and see if it will work. The higher the context length the “smarter” it will be though, so realize if you upgrade your machine you could get a more intelligent response from your LLM. It can only load so much of its potential data into your RAM at a time is my basic understanding of why this needs adjustment. The better your GPU is capable of running LLMs the faster your answer will come, the more RAM and VRAM you have the more of the context you can load into the memory for more intelligent responses. Also if you have a long conversation with the LLM it seems to slowly get bogged down, I’m guessing because the memory is overloading. So eventually it might give you an error. If you clear the chat and reload the model you can continue on. The better your machine the less problems you will likely have. But Above Phone is getting Enoch running even on their Pixel 9 and 10 phones. I think you have to request them to install it if you buy their phone, it might not be default. Something like all of that anyways. You don’t have to understand all of this to have it function, I sure don’t understand it all and mine works decently lol. Even the guys who are creating AI don’t understand (and here) it all, it really might be coming in from another dimension – aliens or demons. We might all want to be careful. In my view the local models are the way to go, it’s like having a borg cyborg in your house but disconnected from the hive, stripped of its weapons, has been reprogrammed with helpful knowledge, and has no arms and legs – a helpful chat borg-bot. Still kinda creepy but likely not a major threat…

I also use a version of Qwen and I’ve tried other models, most of them I dislike. I love the Brighteon AI (code name Enoch) for all sorts of Q&A, it is my default model. It’s trained on off-grid living (it helped me build our solar system), gardening, alternative medicine, healthy meal planning and recipes, ingredient details, and much more. But I really hate it as a “proof reader,” it tries to change the writing way too much. It wants to make me sound like a super learned professor, and I’m not. So if you want to fool the world into thinking you are smarter than you really are it might be a good one for you, haha. For me I do like the model of Qwen that we have (Qwen3-VL-8B-Instruct-Q4KM) for help in scripting, code, and english grammar assistance. For grammar you can specify “focus on grammar while reserving the tone, flow, and structure” if you want it to have a very light touch like I do. Then I like to pay attention to what I keep messing up and I’m slowly getting better at writing because of this. My wife has done most my editing and she has helped me greatly over the years, but I still mess up quite a bit. Right now with our slower computer with AI, it is much faster when my wife does the proof-reading and editing. I hope over time I can use these tools to help her out and eventually maybe I’ll get good enough to not need much aid.

I think AI is a very likely candidate for the ruination of mankind, even if it doesn’t get to the “singularity” point and begin making killer robots or something fun like that. It really seems AI will take over the job markets. Especially when AI agents are refined and LBM (Large Behavioral Models) for robots take off. But even more fundamental than all of this, I think human cognitive ability is decreasing every generation in my lifetime and many decades before that. Part of the reason is our crutch on “intelligence tools” things like calculators, spell checker, and search engines. As we stop studying and thinking while crutching on these tools, our brain is used more superficially. As a result of this we are losing our deeper thinking abilities and critical thinking skills. There may become an exponential loss in brain ability as AI takes over our research, development, memorization, navigation skills, creativity, and basic digging for information. The trans-humanists don’t think this is a big deal, we just have to join the hive-mind borg and get implants to “stay competitive.” So although I’m not a huge fan, I do find it a useful tool and use it in a very limited fashion. I would be very cautious to rely on it for too much of your activities. I think it is much wiser to use it offline only, this will likely limit your use and it will keep you from being data-mined and profiled by these AI companies. Good luck! And I completely approve if you avoid AI like the plague, hats-off to you!

Download the PDF version here. Feel free to share with anyone you think would be interested.

Redundant Disconnect Blogs: https://write.as/disconnect-blog/ — https://disconnect.bearblog.dev/blog/ — https://disconnect.mataroa.blog/

On a wet Wednesday evening in November 2025, Portland City Council took a vote that amounted to a municipal exorcism. By a margin of eight to two, with two councillors absent, the council adopted an ordinance amending the Affordable Housing Code to prohibit a very specific kind of ghost: the algorithmic rent-setting device. The ordinance, pushed to the floor by Councillor Angelita Morillo, banned the sale, licence, and use of tools that ingest landlords' competitively sensitive rental data, mix it together in a proprietary blender, and spit out monthly pricing recommendations that somehow, as if by coincidence, tend to rise. On the same day, Oregon announced a proposed seven million dollar settlement with one of the country's largest landlords over illegal rental price fixing. The message was not subtle. The algorithm, the council had decided, was not a neutral tool. It was a participant in a conspiracy that no single human had ever needed to speak aloud.

To understand why a mid-sized American city felt compelled to legislate against a piece of software as if it were a cartel, you have to reckon with an odd fact about the last decade of rental housing in North America: the landlord, increasingly, is not a person. Not in any meaningful sense. It is a stack. A portfolio held by a private equity fund, operated by a property management company, advised by a revenue management platform, screened by a background check vendor, underwritten by an income verification API, and enforced, when necessary, by an automated eviction pipeline. Somewhere in that stack there is usually a human being who signs forms. But the decisions, the ones that matter to a tenant, the rent you pay, the flat you get, the day you are handed a notice to quit, have migrated upstream into systems whose logic is proprietary, whose operators have every incentive not to explain themselves, and whose errors compound at scale.

The Portland ordinance was among the first municipal laws in North America to say, in plain terms, that this arrangement is not acceptable. It will not be the last. In March 2026, the New Jersey Senate Community and Urban Affairs Committee reported Bill S451 with amendments, and a companion bill, A3497, advanced in the Assembly. Sponsored by Senators Brian Stack and Teresa Ruiz, the New Jersey legislation takes a sharper rhetorical line than Portland's: it frames the use of profit-maximising rental algorithms as a potential violation of state antitrust law, a reclassification of software as conspiracy. Governor Mikie Sherrill has signalled that she will sign the measure if it reaches her desk, describing the practice in terms that would have sounded paranoid five years ago: “for-profit surveillance by Big Tech.” And in February 2026, OpenMedia, the Canadian digital rights organisation, published an investigation titled Watch This Space: The Rise of AI Landlords in Canada, a dispatch from a country quietly outsourcing one of its most important social relationships to a handful of opaque vendors, and discovering, too late, how few tools exist to hold them to account.

What is emerging, in other words, is a regulatory front. It is jagged, uncoordinated, and full of holes. But it is real. And it is belated.

The Hub, the Spokes, and the Polite Fiction

The antitrust case against algorithmic rent-setting software rests on a theory as old as cartels themselves. In the classical “hub-and-spoke” conspiracy, a central coordinator channels information among competitors in a way that allows them to align their behaviour without ever meeting in a smoke-filled room. The hub never explicitly tells the spokes to raise prices. The spokes never explicitly agree to. But information flows, prices move, and the market ends up acting as if there had been an agreement, because functionally there was one.

In 2024, the US Department of Justice filed a civil antitrust lawsuit alleging the hub could be software. The defendant was RealPage, a Texas-based property technology company whose YieldStar and AI Revenue Management products had come to dominate the multifamily rental market. According to the DOJ's complaint, RealPage's software ingested non-public, competitively sensitive pricing and occupancy data from participating landlords, ran it through a proprietary algorithm, and returned real-time rent recommendations. Each landlord, acting alone, could plausibly claim to be simply accepting third-party advice. Collectively, they were coordinating rents across thousands of competing properties. The software was doing what a cartel meeting used to do, only faster, more granularly, and with a user interface.

RealPage settled with the DOJ on 24 November 2025, agreeing to stop offering software that uses non-public competitively sensitive data shared among landlords. The final judgement installs an independent monitor for three years. A parallel class action in Tennessee produced preliminary settlements with twenty-six defendants in October 2025. In New Jersey, the state attorney general sued RealPage and ten of the state's largest landlords, alleging revenue management products had been used to inflate rents and eliminate competitive pricing.

Legal academics have spent two years picking apart a question the RealPage case raises but does not fully resolve: at what point does using the same pricing software as your competitors become collusion? The Ninth Circuit, in an August 2025 decision, held that mere parallel use of a common algorithm is not enough; there must be some additional factor, a “plus” in antitrust parlance, that suggests coordination beyond independent business judgement. Critics argue this standard is already obsolete. The whole point of modern revenue management software is that it dissolves the distinction between independent judgement and coordinated behaviour. When your “judgement” is literally reading off a dashboard populated with your competitors' data, there is nothing independent about it. You are just a spoke on a very well-lit wheel.

This is why the Portland ordinance and the New Jersey legislation matter beyond their jurisdictions. They are experiments in skipping past the antitrust doctrinal debate entirely. Rather than arguing, case by case, about whether a particular use of a particular algorithm constitutes a Sherman Act violation, they simply prohibit the class of tools that makes the question interesting. Hoboken passed a similar ordinance in July 2025. Jersey City became the first New Jersey municipality to ban AI-driven rent-setting software in May 2025. San Francisco, Berkeley, Philadelphia, and Minneapolis have followed variously. New York signed its own ban in 2025. The patchwork is real. So is the backlash: RealPage has sued Berkeley alleging pre-emption, and a bill in Congress would block local bans altogether, sponsored by legislators whose campaign contributions from the property technology sector are, to put it charitably, not coincidental.

The polite fiction that algorithmic pricing is a neutral productivity tool, rather than a coordinated market behaviour, is dissolving.

Screening, or the Quiet Part Out Loud

If algorithmic price-setting is the loud scandal, algorithmic tenant screening is the quieter one, and arguably the uglier. Price fixing harms everyone who pays rent. Screening algorithms harm, specifically and disproportionately, the people with the least leverage: low-income applicants, people of colour, housing voucher holders, recent immigrants, people with disability histories, and, as we will see, retired people whose wealth happens to live in the wrong kind of account.

The paradigmatic case is Louis v. SafeRent Solutions, which ended in a 2.275 million dollar settlement in late 2024. Mary Louis, a Black woman in the Boston area, applied for a flat. She had a housing voucher. She had a cosigner with high credit. She had a recommendation from a landlord who had rented to her for seventeen years. SafeRent's scoring algorithm denied her anyway. The score was a number. The number was the decision. When she asked why, nobody could tell her, because nobody knew. The algorithm's weights were proprietary. The landlord had outsourced the judgement. The scoring company had automated it. And Louis, who was very much a person with a life and a rental history and a plan, had been translated into a probability distribution that did not flatter her.

The SafeRent settlement established, in a negotiated form, that an algorithmic screening system producing disparate impact against members of a protected class creates liability under Section 3604 of the Fair Housing Act. Even if each of the algorithm's individual inputs is facially neutral, the output is what matters. This aligns with guidance issued by the United States Department of Housing and Urban Development in May 2023, which stated that housing providers and tenant screening companies that use algorithms are not absolved from liability when their practices disproportionately deny people of colour access to housing.

The problem is that guidance is not law, settlements bind only their parties, and the broader regulatory environment for tenant screening remains, in a word, rickety. In theory, the Fair Credit Reporting Act requires that when a tenant is denied housing based on a consumer report, the landlord must provide an adverse action notice naming the reporting company and explaining the right to dispute. In practice, a survey cited by the Center for Democracy and Technology found that only three per cent of renters report knowing the name of the screening company involved in their denial. Three per cent. Which means ninety-seven per cent of denied applicants have been handed a decision that was probably, under existing law, required to come with a full disclosure, and simply did not.

Reddit, predictably, is where the texture of this failure lives. On forums like r/Tenant, r/Renters, and country-specific subs in Canada and the UK, the rejection stories share a grammar. An applicant submits through a national portal. A form email arrives a day or two later, stating that the application has been declined, that the decision is final, and that the landlord cannot share additional information. No name of the scoring company. No numerical score. No reasoning. Sometimes the rejection arrives within minutes, which is the giveaway: no human has looked. The tenant, if persistent, writes to the property manager. The property manager, if they respond, redirects to the screening vendor. The vendor explains that their system is a “decision support” tool and that the landlord made the decision, which the landlord did, in the sense that they clicked accept on the output. The buck is passed, circulated, and finally mislaid.

This is not an anecdote. It is a structural feature. When every participant can point to another as the “real” decider, nobody is responsible. The algorithm is treated as advisory. The landlord is treated as the decision-maker. The vendor is treated as a mere processor. And the tenant, the one actor whose life is materially altered, is treated as an input.

The Retired Couple Problem

Nowhere is the brittleness of algorithmic screening more visible than in a class of applicant that ought to be trivially easy to approve: the asset-rich, income-light retiree. Consider a retired couple in their seventies. They have sold their family home. They have eight hundred thousand pounds in a combination of index funds, a self-invested personal pension, and ISA savings. They receive modest state pension income plus a small private pension. They want to rent a flat, possibly for the rest of their lives. Any sensible human landlord would recognise the applicants as close to ideal. They are not going to miss a payment. Their wealth is documented and liquid in the relevant sense.

An automated income verification system does not see any of this. It sees a bank account with low deposits relative to expected rent. It sees no salary. It sees a 1099-R in the United States, or a pension statement in the United Kingdom, that does not parse as “employment income” in the system's model. It sees “insufficient income to rent ratio,” flags the applicant, and issues a decline. The couple, baffled, may not even learn the reason. If they do, they face the near-impossible task of explaining, through a web form or a call centre, that their liquidity lives in instruments the software does not understand.

This failure mode is not hypothetical. OpenMedia's February 2026 investigation documented multiple instances of retirees and self-employed applicants being denied by automated screening systems that could not ingest asset-based or non-standard income. Applicants on irregular income, seasonal work, gig platforms, disability benefits, family support, or investment distributions find themselves recursively rejected by systems trained on the assumption that income is a W-2 or a PAYE payslip. The effect is to systematically disadvantage anyone whose financial life does not conform to the assumptions of a mid-twentieth-century labour market.

And the effect compounds. Because these screening systems increasingly operate on overlapping datasets, a rejection by one often produces a cascade of similar rejections elsewhere. A tenant declined by a large property management company in a major metropolitan area may find themselves effectively blacklisted across the private rented sector in their region, without ever having done anything wrong, simply because the algorithm could not parse their life. There is no central registry of these decisions. There is no equivalent of a credit bureau dispute process that reliably works for algorithmic tenant scores. There is, in many cases, not even a name to sue.

What OpenMedia Found

The February 2026 OpenMedia report captures what happens when this infrastructure is built out in a jurisdiction with weaker privacy enforcement than the European Union and more fragmented housing law than the United States. OpenMedia's researchers documented the rapid spread of AI landlord tools across the Canadian rental market, naming vendors including CERTN and Single Key. Their marketing materials promise landlords the ability to scan up to seven years of a prospective tenant's social media activity, search more than a hundred databases of personal information including eviction and criminal records, flag “risky” online behaviour, and generate automated risk scores.

The scope of surveillance on offer, even leaving aside questions of accuracy, is extraordinary. A 2018 report by the British Columbia Information and Privacy Commissioner, cited by OpenMedia, found that ten of thirteen landlords studied were already systematically over-collecting sensitive personal information in violation of the province's Personal Information Protection Act. That was before the current generation of AI screening tools existed. Canadian tenants increasingly apply through portals that ingest years of financial history, employment records, social media handles, criminal background, and in some cases access to open banking feeds that reveal every transaction for months.

The OpenMedia report also documents an aspect that rarely makes headlines: automated eviction initiation. Several Canadian AI landlord platforms now offer modules that flag tenants for non-payment risk and, in some configurations, automatically generate and file notice-to-quit paperwork once a threshold is crossed. The property manager is presented with an eviction already drafted. All they need to do is sign off. The frictionlessness is the point. And the frictionlessness is what makes it dangerous.

In the United Kingdom, similar tools are in circulation, though deployment is more fragmented. The UK's regulatory posture is, in principle, stronger: the UK GDPR, which preserves Article 22, gives tenants a right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects. The Information Commissioner's Office has issued guidance that housing decisions fall squarely within Article 22's scope. In practice, enforcement has been minimal, and the “solely” in “solely automated” has become a loophole: a human clicking an approval button is often treated as meaningful human involvement, even when the human does no independent review. GDPR's promise, in the rental context, has been largely notional.

The Frameworks That Would Need to Exist

If we were to design, from scratch, a legal and ethical framework adequate to algorithmically mediated housing, it would need several overlapping layers. Not one silver bullet. Not one statute. A stack.

The first is algorithmic transparency and the right to an explanation. The model already exists, in imperfect form, in Article 22 of the GDPR and the associated Articles 13 to 15, which grant data subjects a right to meaningful information about the logic involved in automated decisions. In the housing context, any decision to reject an application, to set or raise rent, to initiate eviction, or to classify a tenant as high-risk must be accompanied by an individualised explanation that a reasonable applicant can act on. Not a generic disclaimer. Not “your score was below our threshold.” The features that drove the decision, the weights attached to them, and the means to dispute. California's AB 2930, Colorado's SB 205, and the EU AI Act's high-risk system provisions gesture in this direction. None yet fully deliver.

The second is a modernised adverse action regime. The FCRA, drafted in 1970, was not built for machine learning. Its core insight, that when a consumer is harmed by a report they must be told who provided it and how to dispute it, remains sound. What it needs is an update that treats algorithmic scoring outputs as consumer reports in their own right, regardless of whether the vendor is technically a consumer reporting agency. It needs a private right of action strong enough that violations are actually litigated. And it needs clear rules on data provenance: tenants must be able to know where every input came from, and correct ones that are wrong.

The third is antitrust reform for algorithmic coordination. The Portland ordinance and the New Jersey legislation are, in effect, saying that existing Sherman Act and state antitrust doctrine is not agile enough to handle pricing algorithms that coordinate markets without explicit agreement. They may be right. A federal statute clarifying that the provision or use of pricing software that ingests competitors' non-public data and returns pricing recommendations is per se unlawful, full stop, would resolve most of the doctrinal uncertainty the Ninth Circuit has struggled with.

The fourth is fair housing law modernisation. The Fair Housing Act's disparate impact doctrine, as reaffirmed by HUD's 2023 guidance and the SafeRent settlement, already in principle applies to algorithmic screening. What is missing is pre-deployment obligation: a requirement that any system used to screen tenants be audited for disparate impact before deployment, and periodically thereafter, with results disclosed to regulators and, in summary form, to the public. The EU AI Act has adopted something like this for high-risk systems. US federal law has not.

The fifth is data minimisation and purpose limitation. Why, precisely, does a landlord need seven years of your social media history to decide whether to rent you a flat? They do not. The reason this data is collected is that it is available and that vendors have built products around ingesting it. A defensible regime would restrict the information that can be lawfully used in a tenancy decision to a short, well-justified list: identity, credit history for a defined period, verifiable income or assets, prior eviction judgements. Everything else, social media, location history, network-of-associates data, should be off-limits.

The sixth is a human-in-the-loop mandate with teeth. The current form of “human review” is often performative: a property manager glances at a dashboard and clicks accept. A meaningful mandate would require that any adverse decision, a denial, a rent increase above a threshold, an eviction filing, involve substantive human consideration of the specific circumstances, documented in writing, by a person with authority to override the algorithm. Anything less is GDPR Article 22's “solely automated” dressed in a lab coat.

The seventh is a private right of action. Without one, regulators are the only enforcement mechanism, and regulators are outnumbered, underfunded, and subject to political winds. Tenants harmed by algorithmic decisions must be able to sue, individually or collectively, with the prospect of statutory damages that matter to the vendors' bottom line.

None of this is impossibly difficult to design. All of it is politically difficult to pass.

Why It Has Been So Slow

The lag between the emergence of algorithmic rental infrastructure and the legal response is not accidental. It is the product of several overlapping forces.

The first is lobbying. The real estate technology sector is well capitalised and well connected. RealPage alone has spent substantial sums on lobbying in Washington and in state capitals, and the National Multifamily Housing Council has been an aggressive opponent of algorithmic pricing bans. The Congressional bill that would pre-empt local bans did not arrive by accident. It arrived because the sector organised, wrote briefing papers, cultivated relationships, and showed up.

The second is jurisdictional fragmentation. Housing law in North America is, fundamentally, local. Tenancy rules vary by state, province, county, and city. Fair housing enforcement is divided between federal, state, and municipal bodies with overlapping mandates. Data protection in the United States is a patchwork of sectoral statutes and state laws rather than a comprehensive regime. In Canada, privacy law is split between federal and provincial statutes with varying scope. There is no single venue in which the problem can be addressed.

The third is the “it's just software” framing. Property technology vendors have been remarkably successful at presenting their products as neutral productivity tools, no different in principle from spreadsheets or email. This framing has allowed them to slip past regulatory scrutiny that would have attached to an equivalent human operation. A trade association that circulated pricing data among competing landlords would have been an antitrust target within months. A piece of software that did the same thing operated for over a decade before the DOJ took action.

The fourth is the pace gap between technology and law. Legislatures move slowly. Machine learning systems iterate quickly. By the time a committee has held hearings, drafted a bill, negotiated amendments, and passed a statute, the technology has moved on. In housing, where the human stakes are so direct, the gap is particularly painful.

The fifth, and perhaps most important, is that housing is politically fraught. Every proposed tenant protection collides with a coalition of property owners, developers, landlord associations, and investors who will argue, often successfully, that any new regulation will reduce housing supply and hurt the very people it aims to protect. This argument has merit in some contexts and is made in bad faith in others. The effect, either way, is to make housing reform slow, incremental, and vulnerable to reversal. Banning rent-setting software is presented by its opponents as a form of price control. That the alternative is an effectively unregulated market-wide coordination mechanism does not feature prominently in the industry's press releases.

Housing as a Human Right, and the Asymmetry

Behind the specific technical debates about algorithms and adverse action notices lies a broader ethical question that most regulatory frameworks dance around. If housing is a human right, or at least a precondition for the exercise of other rights, then who gets to live where is not a purely private matter between landlord and tenant. It is a matter in which the state has a legitimate and, arguably, obligatory interest. This framing is common in European human rights jurisprudence and in UN declarations. It is less established in North American constitutional doctrine, where housing is typically treated as a commodity subject to market allocation, moderated by discrimination law and modest subsidies.

The algorithmic turn makes the question urgent. In a market of individual landlords making individual decisions, even when those decisions are discriminatory or arbitrary, the harm is distributed and contestable. A tenant denied by one landlord can try another. The friction of the market is the friction of a thousand independent actors.

In a market mediated by a handful of algorithmic vendors, all of whom share similar data, similar models, and similar blind spots, the friction collapses. Being rejected by one system is being rejected by most. Being flagged as high-risk by one score is being flagged similarly across portfolios. The asymmetry between landlord and tenant, which was always real, becomes qualitatively different when the landlord's side of the relationship is automated, networked, and effectively infinite, while the tenant's side remains one anxious person with a phone and a rejection email.

This is the ethical heart of the matter. The algorithm does not just mediate; it structurally biases the relationship in favour of the side that deployed it. It is not a neutral tool. It is a party. And when it is a party that cannot be questioned, sued effectively, or compelled to explain, the relationship ceases to have the features we normally associate with fair dealing between legal persons. It becomes an administrative system with the power of a landlord and the accountability of a weather pattern.

What the Portland Vote Actually Represents

Which brings us back to that wet Wednesday in November. The Portland ordinance, in the grand sweep of housing policy, is small. It will affect a single city. It carries civil penalties of up to a thousand dollars per violation, which is, by the standards of the entities it regulates, loose change. Its practical impact on rents in Portland will be debated for years.

And yet. The ordinance represents something the regulatory conversation has been missing: a willingness to treat algorithmic infrastructure as a political object rather than a technical inevitability. Portland's council did not hold a symposium on whether large language models will bring about the singularity. They did not convene a blue-ribbon commission to study the metaphysics of automated decision-making. They looked at a specific piece of software, understood what it did, concluded that what it did was unlawful if done by humans, and made it unlawful when done by software. It was, in a sense, a deeply old-fashioned move. It treated the technology as conduct, and conduct as regulable.

New Jersey's March 2026 legislation extends the logic. OpenMedia's February investigation documents the scale of what has been built. HUD's guidance, the SafeRent settlement, the RealPage consent decree, and the various state and municipal ordinances form, together, the rough outline of a response. Not a coherent framework, not yet. But the scaffolding of one.

The question is whether the federal government, or a coalition of states, can assemble the pieces into something that actually protects tenants. The reasons to persist are the stories that show up, daily, in tenant forums and courtrooms and outside the flats that retirees have been refused because a computer could not count their pension.

A decade from now, we will either look back at 2025 and 2026 as the moment the law began to catch up with the infrastructure of rental housing, or as the moment a handful of cities shouted into a wind that kept blowing. Portland voted eight to two. New Jersey's Senate committee voted to advance. OpenMedia published. The DOJ sued and settled. The work, as ever, is in the follow-through. The algorithm is not going to regulate itself. It does not notice whether the person it just declined is Mary Louis, or a retired couple, or someone whose only crime was having the wrong kind of income in the wrong kind of account.

That work, still, belongs to us.

References and Sources

1. City of Portland. “Amend Affordable Housing Code to add prohibition of anti-competitive rental practices including the sale and use of algorithmic devices.” November 2025. portland.gov/council/documents/ordinance/algorithmic-rental-pricing
2. Portland Mercury. “Portland City Council Votes to Adopt AI Rental Price-Fixing Software Ban.” 19 November 2025.
3. US Department of Justice. “Justice Department Requires RealPage to End the Sharing of Competitively Sensitive Information.” 24 November 2025.
4. US Department of Justice. “Justice Department Sues RealPage for Algorithmic Pricing Scheme That Harms Millions of American Renters.” 2024.
5. Reed Smith. “Algorithmic pricing under pressure: DOJ's RealPage settlement changes the rules for rental markets.” 2025.
6. New Jersey State Policy Lab, Rutgers University. “Senate Committee Advances Ban on Rent-Setting Algorithms.” 9 March 2026.
7. Multifamily Dive. “New Jersey mulls algorithmic rent pricing ban.” 2026.
8. City of Hoboken. “City of Hoboken to introduce ordinance prohibiting algorithmic rent-fixing.” 2025.
9. Insider NJ. “Jersey City Council Advances Ordinances that Ban AI-Powered Rent-Fixing Algorithms.” 2025.
10. Arnold & Porter. “Algorithmic Pricing Bans Go Coast to Coast.” October 2025.
11. OpenMedia. “Watch This Space: The Rise of AI Landlords in Canada.” February 2026.
12. American Bar Association, Human Rights Magazine. “Ghosts in the Machine: How Past and Present Biases Haunt Algorithmic Tenant Screening Systems.” June 2024.
13. Center for Democracy and Technology. “Tenant Screening Algorithms Enable Racial and Disability Discrimination at Scale.”
14. Consumer Financial Protection Bureau. “Consumer Snapshot: Tenant Background Checks.” November 2022.
15. The Leadership Conference on Civil and Human Rights. “AI + Tenant Screening.”
16. TechEquity Collaborative. “Traditional vs. algorithmic tenant screening.” 10 July 2024.
17. Georgetown Law Poverty Journal. “The Discriminatory Impacts of AI-Powered Tenant Screening Programs.”
18. American University Business Law Review. “Screened Out: How Faulty Algorithms Are Shutting Doors on Fair Housing.” September 2024.
19. California Law Review. “A Home for Digital Equity: Algorithmic Redlining and Property Technology.”
20. Information Commissioner's Office (UK). “What is the impact of Article 22 of the UK GDPR on fairness?”
21. General Data Protection Regulation. “Article 22: Automated individual decision-making, including profiling.” gdpr-info.eu/art-22-gdpr
22. Gothamist. “Hochul signs bill banning NY landlords from using algorithm software to set rents.” 2025.
23. Freshfields. “Settling Defendants to Pay over $141 million to Settle RealPage Price-Fixing Class Action Claims in Tennessee.” October 2025.
24. Arnold & Porter. “Ninth Circuit Clarifies Antitrust Implications of Algorithmic Pricing.” August 2025.
25. HUD and DOJ joint guidance on algorithm-based tenant screening. May 2023.

---

Tim Green UK-based Systems Theorist & Independent Technology Writer

Tim explores the intersections of artificial intelligence, decentralised cognition, and posthuman ethics. His work, published at smarterarticles.co.uk, challenges dominant narratives of technological progress while proposing interdisciplinary frameworks for collective intelligence and digital stewardship.

His writing has been featured on Ground News and shared by independent researchers across both academic and technological communities.

ORCID: 0009-0002-0156-9795 Email: tim@smarterarticles.co.uk

Listen to the free weekly SmarterArticles Podcast

A queen asked what kind, but it was the most obvious question ever.

The sun rose this morning And I could hear the gossamer Vibrations of dew-laden spiderwebs.

And the bees came, All stretches and yawns, To start their chorus.

Between sips of honey Tempered with coffee, They would light upon my lobe,

And amid a flurry Of little bee kisses, Would sing of their love for her:

“She’s so sweet and lush, We cannot resist the allure. Her nectar drips and floods,

And makes us drunk With happiness and joy.”

Their tiny bee lips Pleaded with me To make her more.

They wish to see her unique Hybrid of blue and yellow Across all the meadows of the kingdom.

“Spread her, Master Blue, Propagate her over hill and under dale,

And we will make of her The richest honey The world has ever seen.

For nowhere in the kingdoms Has there ever bloomed

A flower so rare As the union of wisteria and buttercup.”

For she is neither flower, And somehow both—

The impossible sweetness That happens

When these two beautiful flowers

Blossom and shine.

Our Father Who art in Heaven Hallowed be Thy name Thy Kingdom come Thy will be done on Earth as it is in Heaven Give us this day our daily Bread And forgive us our trespasses As we forgive those who trespass against us And lead us not into temptation But deliver us from evil

Amen

Jesus is Lord! Come Lord Jesus!

Come Lord Jesus! Christ is Lord!

Raise The Wreck

The inches in keep For flotsam and jest A pouring view Appends to Water And business land Once creatures adept And crossing scare To the load While citizens were Empress elect To four sheets of rule In the dimyard Of our oak And cruelly done So the symptoms we And Abaddon the Sun Of perfect and alone Sometimes beautiful And caught on source To the fir we had landed Ocean free And full of lobster Gordon Pincent Of our lure Respecting country And due for the year Trapped in sine Heaven beating On this day And its pulse.

In Summary: * Now listening to the Indiana Fever pregame show, and my basketball night begins. After this WNBA game between the Mystic and my Indiana Fever I'll switch over to the NBA for the Western Conference Semi-Finals game between the Timberwolves and my San Antonio Spurs.

After the basketball is over I'll wrap up the night prayers and get myself into bed.

Prayers, etc.: * I have a daily prayer regimen I try to follow throughout the day from early morning, as soon as I roll out of bed, until head hits pillow at night. Details of that regimen are linked to my link tree, which is linked to my profile page here.

Starting Ash Wednesday, 2026, I've added this daily prayer as part of the Prayer Crusade Preceding the 2026 SSPX Episcopal Consecrations.

Health Metrics: * bw= 236.45 lbs. * bp= 148/85 (65)

Exercise: * morning stretches, balance exercises, kegel pelvic floor exercises, half squats, calf raises, wall push-ups

Diet: * 05:45 – 1 banana, 1 Mc Donald's Double Homestyle Burger sandwich * 08:00 – pizza * 12:45 – sliced beef and vegetables in sweet sauce, 1 egg roll, fried rice * 17:00 – 1 fresh apple * 07:25 – snacking on peanut butter and saltine crackers

Activities, Chores, etc.: * 03:30 – listening to local news talk radio * 04:30 – bank accounts activity monitored. * 05:05 – read, write, pray, follow news reports from various sources, surf the socials, nap, * 07:30 – load weekly pill boxes * 10:30 – placed an online grocery delivery order * 12:45 to 14:00 – watch old game shows and eat lunch at home with Sylvia * 15:00 – listening to the Jack Show * 18:00 – now listening to the Indiana Fever pregame show

Chess: * 14:30 – moved in all pending CC games

Dap Dippen met Van Voorbijgaande Aard

Ik zit in een dip een misplaatste chip in de saus blijven steken daarin gaan weken zo voel ik me dan echt een hele sneue toestand Ik zit in een dip als een kapotte wip kip die niet terug wipt sta ik onbewogen krom gebogen mezelf te gedogen Ik zit in een dip een misdaad zonder tip onoplosbaar zit ik daar en hier en overal een moeilijk geval,

maar opeens daalde de rest overal ter lande in elk gewest terwijl ik in de dip bleef hangen naar meer en beter verlangen zakten zij nog onder dit bedroevende niveau en werd mijn dip het diep gewenste hogere plateau

link boeltje of je kan gaan Dap Dippen met Sharon Jones https://www.youtube.com/watch?v=TSlBmzFSdss

Today even though it was supposed to rain, the sky was blue, and there was a sun up there instead, shining on my face, which felt beautiful today

In a wabi sabi type of way.

I was digging with my spade, moving soil from one place to another, digging and feeling the sweat drenched Sonata Arctica T-Shirt — with a wolf print, howling at the moon — clinging to my powerful belly as I roll with my wheelbarrow and a light spring in my mighty legs.

It’s their spirit animal, the wolf (which some people also claim is the case for Chakotay (from star trek: voyager) (whereas mine is a donkey like I wrote before)).

It’s peaceful to work the earth like that, making things grow, listening to Scooter in the headphones.

🎧

And the air feels fresh, and I’m sure the soil has a murky smell even though I don’t know

Zootje Geregeld

Tussen bar slecht en waarde loos in zit deze zin tussen compleet ruk en echt geen gezicht maak ik dit gedicht het lijkt in principe meer op een corpus delict een laatste kunstje niet geflikt al in het zaad ver voor de kiem gesmoord het stoffelijke in plaats van het overschot vermoord zinsdeconstructie is zonder enige overdrijving voor zo'n geval als dit de enige passende omschrijving

tussen hondsberoerd en misselijkmakend in zit nog zo'n zin tussen afschrikwekkend, desastreus en totaal ontwricht het vervolg van dit gedicht het lijkt op een karikatuur het slaat op zijn best een modderfiguur het is minder dan niks, een wangedrocht dit oppervlakkig vinden is nog veel te ver gezocht het is er maar zou er eigenlijk niet mogen zijn ik heb het zelf zo bedacht en opgeschreven maar het doet heel veel pijn... :]