update(blog)!: In Defense of Brave's Private Window with Tor (#2907 )

2025-07-28 14:21:08 +00:00 · 2025-02-28 09:41:47 -06:00
32 changed files with 173 additions and 510 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -120,7 +120,7 @@ jobs:
        uses: actions/setup-python@v5
      - name: Restore Privacy Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        id: privacy_cache_restore
        if: inputs.cache
        with:
@@ -133,7 +133,7 @@ jobs:
            privacy-cache-
      - name: Restore Social Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        id: social_cache_restore
        if: inputs.cache
        with:
@@ -146,7 +146,7 @@ jobs:
            social-cache-privacyguides/privacyguides.org-${{ inputs.lang }}-
      - name: Restore Optimize Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        id: optimize_cache_restore
        if: inputs.cache
        with:
@@ -199,7 +199,7 @@ jobs:
          tar -czf site-${{ inputs.config }}-${{ inputs.lang }}.tar.gz site
      - name: Find Privacy Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        if: steps.privacy_cache_restore.outputs.cache-hit != 'true' && inputs.cache
        id: privacy_cache_test
        with:
@@ -209,7 +209,7 @@ jobs:
            .cache/plugin/privacy
      - name: Find Social Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        if: steps.social_cache_restore.outputs.cache-hit != 'true' && inputs.cache
        id: social_cache_test
        with:
@@ -220,7 +220,7 @@ jobs:
            .cache/plugin/social/assets
      - name: Find Optimize Plugin Cache
-        uses: actions/cache/restore@v4
+        uses: actions/cache/restore@v4.0.2
        if: steps.optimize_cache_restore.outputs.cache-hit != 'true' && inputs.cache
        id: optimize_cache_test
        with:
@@ -230,14 +230,14 @@ jobs:
            .cache/plugin/optimize
      - name: Save Privacy Plugin Cache
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v4.0.2
        if: steps.privacy_cache_test.outputs.cache-hit != 'true' && inputs.cache
        with:
          key: privacy-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/privacy/**') }}
          path: .cache/plugin/privacy
      - name: Save Social Plugin Cache
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v4.0.2
        if: steps.social_cache_test.outputs.cache-hit != 'true' && inputs.cache
        with:
          key: social-cache-${{ inputs.repo }}-${{ inputs.lang }}-${{ hashfiles('.cache/plugin/social/manifest.json') }}
@@ -246,7 +246,7 @@ jobs:
            .cache/plugin/social/assets
      - name: Save Optimize Plugin Cache
-        uses: actions/cache/save@v4
+        uses: actions/cache/save@v4.0.2
        if: steps.optimize_cache_test.outputs.cache-hit != 'true' && inputs.cache
        with:
          key: optimize-cache-${{ inputs.repo }}-${{ hashfiles('.cache/plugin/optimize/manifest.json') }}
--- a/.vscode/extensions.json
+++ b/.vscode/extensions.json
@@ -26,12 +26,6 @@
    "mikestead.dotenv",
    "redhat.vscode-yaml",
    "ecmel.vscode-html-css",
-    "yzhang.markdown-all-in-one",
+    "yzhang.markdown-all-in-one"
    "valentjn.vscode-ltex",
    "bierner.markdown-checkbox",
    "bierner.markdown-emoji",
    "bierner.markdown-footnotes",
    "bierner.markdown-preview-github-styles",
    "esbenp.prettier-vscode"
  ]
 }
--- a/.vscode/ltex.dictionary.en-US.txt
+++ b/.vscode/ltex.dictionary.en-US.txt
@@ -501,12 +501,3 @@ simple-bluesky
 dngray
 bsky
@freddy
 Memoji
 QuickType
 Freeform
 subprocessors
 Schrems
 Subprocessor
 Subprocessors
 Triplebit
 Fediverse
--- a/.vscode/ltex.disabledRules.en-US.txt
+++ b/.vscode/ltex.disabledRules.en-US.txt
@@ -0,0 +1 @@
 COMMA_PARENTHESIS_WHITESPACE
--- a/.vscode/ltex.hiddenFalsePositives.en-US.txt
+++ b/.vscode/ltex.hiddenFalsePositives.en-US.txt
@@ -68,9 +68,3 @@
 {"rule":"SENT_START_CONJUNCTIVE_LINKING_ADVERB_COMMA","sentence":"^\\QFurther develop an individual story or line of coverage.\\E$"}
 {"rule":"DOUBLE_PUNCTUATION","sentence":"^\\QOur readership is entitled to as much information as possible in order to judge the reliability of our sources themselves..\\E$"}
 {"rule":"DOUBLE_PUNCTUATION","sentence":"^\\QOur contributors should always question the motives behind a source requesting anonymity..\\E$"}
 {"rule":"MORFOLOGIK_RULE_EN_US","sentence":"^\\QIllustration: Em / Privacy Guides | Photo: Edward Eyer / Pexels\\E$"}
 {"rule":"MORFOLOGIK_RULE_EN_US","sentence":"^\\QOn February 7th this year, Joseph Menn reported from the Washington Post that officials in the United Kingdom had contacted Apple to demand the company allows them to access data from any iCloud user worldwide.\\E$"}
 {"rule":"DO_VBZ","sentence":"^\\QDoes Privacy Guides sell my personal information?\\E$"}
 {"rule":"DO_VBZ","sentence":"^\\QDoes Privacy Guides use personal information for marketing purposes?\\E$"}
 {"rule":"DO_VBZ","sentence":"^\\QWhere does Privacy Guides store data about me?\\E$"}
 {"rule":"MORFOLOGIK_RULE_EN_US","sentence":"^\\QPrivacy Guides relies on the European Commission's standard contractual clauses for international transfers(SCCs) to legally transfer personal data out of the European Economic Area.\\E$"}
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -72,7 +72,7 @@
      "OUTSIDE_OF": "warning",
      "UNLIKELY_OPENING_PUNCTUATION": "hint",
      "SMALL_NUMBER_OF": "hint",
-      "A_UNCOUNTABLE": "information",
+      "A_UNCOUNTABLE": "hint",
      "AFFORD_VB": "hint",
      "AN_INVITE": "hint",
      "HAVE_PART_AGREEMENT": "hint",
@@ -85,7 +85,6 @@
      "ARROWS": "hint",
      "AUXILIARY_DO_WITH_INCORRECT_VERB_FORM": "hint",
      "MISSING_COMMA_AFTER_YEAR": "hint",
      "DO_VBZ": "hint",
      "default": "error"
    },
    "editor.unicodeHighlight.ambiguousCharacters": true,
--- a/blog/assets/images/in-defense-of-brave-tor-windows/tor-brave-window.webp
+++ b/blog/assets/images/in-defense-of-brave-tor-windows/tor-brave-window.webp
--- a/blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp
+++ b/blog/assets/images/uk-forced-apple-to-remove-adp/cover.webp
--- a/blog/posts/in-defense-of-brave-tor-windows.md
+++ b/blog/posts/in-defense-of-brave-tor-windows.md
@@ -0,0 +1,90 @@
 ---
 date:
    created: 2025-02-29T19:00:00Z
 categories:
    - Opinion
 authors:
    - jonah
 tags:
    - Brave
    - Tor
 license: BY-SA
 description: Brave integrating Tor into its browser isn't as bad as many believe.
 schema_type: OpinionNewsArticle
 canonical_url: https://www.triplebit.org/blog/2025/02/26/in-defense-of-braves-private-window-with-tor/
 preview:
  logo: theme/assets/img/browsers/brave.svg
 ---
 # In Defense of Brave's Private Window with Tor
 ![Article cover photo showing a Brave window with Tor enabled](../assets/images/in-defense-of-brave-tor-windows/tor-brave-window.webp)
 <small aria-hidden="true">Illustration: Privacy Guides</small>
 An article from XDA Developers about [Brave](https://www.privacyguides.org/en/desktop-browsers/#brave) has been making the rounds in privacy circles lately. The article claims that much of Brave's popularity stems solely from its marketing, and that its features including "fingerprinting protection" are easily replicated in "basically any other browser."<!-- more -->
 Brave is not a perfect browser, and there is some merit to some of the author Adam Conway's [claims](https://www.xda-developers.com/brave-most-overrated-browser-dont-recommend/). At the same time, browser fingerprinting is a massively complex topic that is also frequently misunderstood, and to my knowledge only three browsers are actually taking it remotely seriously: Brave, Mullvad Browser, and Tor Browser. Brave takes a different approach than the others, but they are still using relatively novel ideas that I would not assume are easily possible in any other browser with simple user configuration.
 It's easy to discount some of Brave's more impressive achievements in this field because they are not easily visible to the user, but this is part of the magic of Brave. They are making advancements in anti-fingerprinting without many of the downsides that come with hardening other browsers, and making that accessible to regular people is a big accomplishment.
 I hope to write more about browser fingerprinting in the future, but in the meantime Arkenfox has a [helpful summary on fingerprinting](https://github.com/arkenfox/user.js/wiki/3.3-Overrides-%5BTo-RFP-or-Not%5D) in their wiki that I would encourage reading if this is a topic that interests you.
 This isn't *really* an article about Brave though. I actually want to talk about **Tor hidden services**, and the benefits they offer to publishers. This quote from Conway's article regarding Brave implementing Tor in its private browsing windows stood out to me:
 > as an aside, you should never use Tor in anything but the official client
 This is certainly something many consider to be "common knowledge" when it comes to Tor... but is it actually true?
 ## What is Tor useful for?
 When people talk about the Tor network, it's usually to promote a way of browsing the internet anonymously.
 This is certainly a huge use-case, and it's what Tor themselves will talk about the most when you visit their [website](https://www.torproject.org/):
 > Browse Privately. Explore Freely. Defend yourself against tracking and surveillance. Circumvent censorship.
 However, this is only one side of Tor. While Tor provides great protections to *readers* of internet content, it **also** provides great protections to *publishers* of internet content.
 You see, Tor works in two directions: For people using *Tor Browser*, it puts three relays in between your browser and the website you're visiting. On the flip side, for people using *Tor hidden services*, it puts three relays in between their web server and their visitors.
 This means that just as a user browsing the web with Tor has their real IP address hidden, a website operating as a Tor hidden service has its real IP address hidden. This provides the website with **strong protections against censorship, surveillance, and attacks**.
 ## Advantages of hidden services
 For publishers of web content, there are many benefits of operating a hidden service that have nothing to do with the protections that Tor Browser provides readers.
 Having a hidden IP address not only protects the publisher's privacy, but it protects their server against DDoS and other targeted attacks. If the IP address to attack the server directly isn't discoverable, then hidden services automatically gain a degree of resilience against these threats.
 There is also a security benefit to `.onion` domains, namely that they are cryptographically tied to the server its running on. This ensures end-to-end encryption between readers and your web server, without the need for intermediaries like Certificate Authorities with HTTPS.
 Finally, there is a cost benefit to running a hidden service. You are not required to own a domain name for example, because `.onion` domains are freely generated. You also don't need to port forward or have a static IP address to host web content from. Tor hidden services can be run from any network without special requirements besides the ability to access the Tor network, meaning you could easily run a website from your own home without exposing your network to potential threats or dealing with Dynamic DNS services to work with your changing residential IP address.
 This makes publishing content much more accessible to people, and it's increasingly important to do this in a *decentralized* manner, like via a hidden service. We can't rely on centralized services and social media platforms to host our content for free forever. Taking back some of that control from "free" platforms is crucial for protecting our free access to knowledge in the long-term.
 ## Should you only use Tor Browser?
 Returning to the original claim that you should never use anything besides Tor Browser, the reality is a bit more nuanced. Tor Browser is certainly the *most* private way to browse Tor, but that doesn't mean other implementations are inherently unsafe. What matters is how they are implemented, and what you actually need from them in your specific threat model.
 If your personal anonymity is critical, and you need maximum protection, then yes, Tor Browser is the right choice. It was specifically designed to protect you against fingerprinting and prevent leaks.
 On the other hand, if you want access to the *full* wealth of information available on the internet including via hidden services on Tor, but you aren't doing something that might put yourself in danger, more casual browsing tools like Brave's *can* make sense for you.
 I'll give you a real-world example of why Tor Browser might not be *necessary*. I often encounter websites and guides that are only accessible on Tor for a variety of reasons, usually because the author wants to remain anonymous.
 To me *personally*, these guides are fairly mundane, covering things like how to secure your smartphone if you are going to a protest for example. This is a topic I already feel comfortable [posting about publicly](https://www.privacyguides.org/articles/2025/01/23/activists-guide-securing-your-smartphone/), as I frequently do in my work with *Privacy Guides*, and I have no concerns whatsoever if it's discovered that I'm accessing this content.
 To the author of those guides on the other hand, this is clearly a topic that they *don't* feel comfortable writing about publicly, so using a hidden service is one of the few ways for them to make that content accessible at all. It's very important that publishers have the option to do this, and it's just as important that readers have the tools to access that content in a very accessible way.
 It's this sort of casual browsing that I feel perfectly safe relegating to something like a Brave window with Tor.
 In my case this is certainly a place of privilege, and many people in oppressive regimes can't say the same. But there are still many people in a position more similar to my own, and casual browsing tools like Brave make that content more easily accessible to them, *while upholding the anonymity and security of the publisher.*
 For **both** privacy-conscious users *and* publishers of content, I believe that understanding the full scope of what Tor offers is crucial.
 **Hidden services are a powerful tool that should be embraced far more widely, especially in an era where online censorship and surveillance are growing concerns.**
 Brave's approach to making Tor hidden services more accessible to casual browsers is something I *do* like to see, and it's something I would like other browsers and operating systems to consider implementing.
 ---
 *This was originally posted to [triplebit.org](https://www.triplebit.org/blog/2025/02/26/in-defense-of-braves-private-window-with-tor/) on Feb. 26, 2025. It has been republished here with the author's permission.*
--- a/blog/posts/restrict-act.md
+++ b/blog/posts/restrict-act.md
@@ -11,7 +11,7 @@ tags:
    - United States
 links:
    - posts/hide-nothing.md
-canonical: https://www.jonaharagon.com/posts/restrict-act/
+canonical_url: https://www.jonaharagon.com/posts/restrict-act/
 description: The RESTRICT Act would grant the government broad powers to restrict access to any site or service they claim could pose a threat to national security, akin to China's Great Firewall.
 schema_type: OpinionNewsArticle
 ---
--- a/blog/posts/uk-forced-apple-to-remove-adp.md
+++ b/blog/posts/uk-forced-apple-to-remove-adp.md
@@ -1,161 +0,0 @@
 ---
 date:
    created: 2025-02-28T17:30:00Z
 categories:
    - News
 authors:
    - em
 description: The UK government has served a technical capability notice to Apple under the UK Investigatory Act. Apple's response was to remove the Advanced Data Protection feature from the UK this week. What does this mean for Apple users in the UK and for encryption rights worldwide?
 schema_type: ReportageNewsArticle
 ---
 # The UK Government Forced Apple to Remove Advanced Data Protection: What Does This Mean for You?
 ![Photo of a person reading a book. The book is George Orwell's 1984. In the upper left corner is an Apple logo with two bites taken off.](../assets/images/uk-forced-apple-to-remove-adp/cover.webp)
 <small aria-hidden="true">Illustration: Em / Privacy Guides | Photo: Edward Eyer / Pexels</small>
 On February 7th this year, Joseph Menn [reported](https://www.washingtonpost.com/technology/2025/02/07/apple-encryption-backdoor-uk/) from the *Washington Post* that officials in the United Kingdom had contacted Apple to demand the company allows them to access data from any iCloud user [worldwide](https://data.parliament.uk/writtenevidence/committeeevidence.svc/evidencedocument/draft-investigatory-powers-bill-committee/draft-investigatory-powers-bill/written/26341.html). This included users who had activated Apple's [Advanced Data Protection](https://www.privacyguides.org/en/os/ios-overview/#icloud), effectively requesting Apple break its strong end-to-end encrypted feature.<!-- more -->
 Sources familiar with the matter told the *BBC* and the *Washington Post* that UK's Home Office served a [technical capability notice](https://arstechnica.com/tech-policy/2017/05/investigatory-powers-act-legal-analysis/) to Apple under the UK Investigatory Powers Act. Details are scarce about exactly what happened between the UK government and Apple because [neither Apple nor the Home Office](https://www.bbc.co.uk/news/articles/cgj54eq4vejo) have publicly commented on the notice.
 However, [last week](https://www.eff.org/deeplinks/2025/02/cornered-uks-demand-encryption-backdoor-apple-turns-its-strongest-security-setting) apparently in response, Apple has completely removed the opt-in Advanced Data Protection feature from the UK. As of the 21st, Apple users located in the UK cannot activate Advanced Data Protection (end-to-end encryption) for their iCloud Drive, iCloud Backup, Photos, Notes, and more.
 This is terrible news for anyone in the UK, and a frightening omen for everyone worldwide.
 ## Why is end-to-end encryption so important?
 **End-to-end encryption is a *crucial* technology for digital privacy and security.** When data is encrypted end-to-end, this means that only the sender(s)/owner(s) and intended recipient(s) (if any) can access it.
 For example, if data stored on Apple's servers is end-to-end encrypted, this means that even Apple could not read this data. If a government wanted to scan all the end-to-end data stored by Apple, it would be impossible to do because even Apple does not possess the keys to decrypt (read) this data.
 In the same line, if a criminal were to steal end-to-end encrypted data from Apple's servers, they would not be able to decrypt it either. **End-to-end encryption is the best defense against unauthorized access**, including data stolen by criminals or negligently leaked by organizations with poor security.
 Any proposition to implement a "backdoor" to end-to-end encryption is *tragically misinformed*. While it might at first sound appealing and a fair way to grant access to supposedly benevolent entities only, this approach is *incredibly* naive and misguided.
 Governments have repeatedly tried to propose these delusive policies, but it is simply impossible to add secret access to end-to-end encryption that would only be accessed by the intended groups no matter how good the intention. This is as absurd as poking a hole in a bowl and *demanding* only apple juice leak through it but not water or any other liquid. It's just impossible.
 End-to-end encryption with a backdoor is simply not end-to-end anymore. As Signal Foundation's President Meredith Whittaker [said so well](https://signal.org/blog/uk-online-safety-bill/): "**Encryption is either broken for everyone, or it works for everyone. There is no way to create a safe backdoor.**"
 The only way to keep the benefit of end-to-end encryption with all the protections it offers is to keep it thoroughly and strictly end-to-end, for everyone.
 ## Why some governments want to break encryption?
 [Some governments](https://www.zdnet.com/article/the-encryption-war-is-on-again-and-this-time-government-has-a-new-strategy/) have been pushing really hard to demand access to end-to-end encrypted data from tech companies. While the ground for this might seem reasonable at first, it fails to consider how the technology works. **Encryption isn't magical, it is mathematical.**
 American cryptographer Bruce Schneier [explains](https://www.schneier.com/blog/archives/2025/02/an-icloud-backdoor-would-make-our-phones-less-safe.html) this clearly, "it’s a restriction enforced by mathematics—cryptography—and not policy."
 No matter how good a reason a third-party might have to decrypt a single piece of end-to-end encrypted data, if there is a way to access it by an unauthorized entity, then it offers no protection at all against any other accesses, whether legal or criminal.
 Besides the this-is-actually-mathematically-impossible argument, let's say we were to remove end-to-end encryption protections entirely for everyone everywhere (which a backdoor would effectively do). The other problem governments and law enforcement seem to fail to understand is that **citizens' rights and safety should be the priority**.
 Removing the lock on everyone's entry door possibly *could* make it easier for law enforcement to catch *some* criminals, it's true. But this would also **expose *everyone* to home invasion**, theft, vandalism, physical harm, and worse.
 The price of removing the locks on everyone's doors is too high. Similarly, **the price of removing the locks on everyone's digital doors is also too high**.
 Moreover, these governments always seem to assume that they, all well-intended benevolent governments of course, are assuredly reasonable and will only use this access to monitor the worst of criminals. Even if that was undoubtedly true *now*, these supposedly benevolent governments fail to consider these conditions might not always stay true.
 What is a benevolent government today might very well turn into an authoritarian nightmare tomorrow.
 Once implemented into the system, **the tools for mass surveillance can quickly turn against its own citizens** and victimize its most vulnerable population. This threat is always only [one change of government away](the-future-of-privacy.md).
 ## Why did Apple remove this feature from the UK?
 Apple first introduced Advanced Data Protection in 2022. At the time, there was already in [a potential conflict](https://www.theguardian.com/technology/2022/dec/08/privacy-changes-apple-uk-government-online-safety-bill) with the UK's forthcoming Online Safety *Bill*, which despite [strong opposition](https://www.openrightsgroup.org/campaign/online-safety-bill-campaign-hub/) became law in 2023 and is now the Online Safety *Act*.
 Although attacks on encryption coming from governments aren't new, policymakers in favor of mass surveillance have recently increased the pressure on tech organizations to implement and normalize systemic monitoring, even in democratic countries. This is an **extremely dangerous threat to privacy rights** and [human rights](https://www.amnesty.org/en/latest/news/2025/02/uk-encryption-order-threatens-global-privacy-rights/) around the world.
 The giant Apple has long complied with law enforcement around the world and offers extensive [documentation](https://www.apple.com/legal/privacy/law-enforcement-guidelines-outside-us.pdf) to facilitate legal processes. However, when law enforcement requests access to data protected by end-to-end encryption, Apple does *not* have access to this data, by definition.
 The only way for Apple to provide law enforcement with access to end-to-end encrypted data would be to either lie to customers and secretly break the encryption, or remove the feature entirely. Apple chose the latter this week.
 This is horrifying news for anyone located in the UK losing access to this great protection. Moreover, it sets a dangerous precedent for other controlling governments to follow suit.
 It's difficult to fully judge the situation while the notice process is shrouded in secrecy, but Apple could have certainly put more pressure against it. If there is a big tech company who can afford to fight back in defense of privacy rights it's certainly Apple. Especially with all the privacy promises Apple gave to its users.
 At the risk of quoting Bruce Schneier's excellent [essay](https://www.schneier.com/blog/archives/2025/02/an-icloud-backdoor-would-make-our-phones-less-safe.html) twice in this article: **"The companies need to resist, and—more importantly—we need to demand they do."**
 Each time a large organization like Apple gives in to oppressive requests, it increases the chance of these requests multiplying.
 ## Which Apple applications are affected?
 At the moment, it's not possible for anyone located in the UK to activate Apple's opt-in Advanced Data Protection (ADP) feature anymore.
 For UK users who have already activated ADP [instructions](https://www.macrumors.com/2025/02/26/advanced-data-protection-uk-need-to-know/) should follow soon, but it's probably a good time to look for alternative options (see [below](#what-to-do-if-you-are-living-in-the-uk)).
 With ADP enabled, Apple users can benefit from end-to-end encryption on many more Apple applications. These applications include: iCloud Backup (including device and message backups), iCloud Drive, Photos, Notes, Reminders, Safari Bookmarks, Siri Shortcuts, Voice Memos, Wallet Passes, Freeform, and potentially some [third-party app data](https://support.apple.com/102651). If you cannot use ADP anymore, you will lose end-to-end encryption protections for these applications.
 Some Apple services that aren't part of ADP will remain end-to-end encrypted in the UK (for now). Regardless, considering the political climate, it's likely a good idea to start [moving to alternatives](https://www.privacyguides.org/en/tools/) that are perhaps less likely to get compromised or removed in the near future.
 Apple's applications that [still benefit](https://support.apple.com/102651) from end-to-end encryption to this day in the UK include: Passwords and Keychain, Health data, Journal data, Home data, iMessage (only if iCloud Backup is *disabled*!), Payment information, Apple Card transactions, Maps, QuickType Keyboard, Safari, Screen Time, Siri information, Wi-Fi passwords, Memoji.
 ## What does this mean for people in the UK, and the rest of the world?
 For people in the UK, this is of course bad news and a very disappointing development. If this regional ADP block is maintained, it is a huge drawback for any Apple user's privacy rights, and a loss of data security as well.
 For people outside the UK, **this is a loud warning alarm**. The UK government isn't the only one that has repeatedly tried to undermine encryption and privacy rights. While this might sound obvious for some authoritarian regimes, it's sadly also true for other governments considered open and democratic.
 This push for mass surveillance seems to have gained even more force in the past few years, as end-to-end encryption features make their way more frequently into the market.
 For anyone who cares about human rights, privacy rights, and democracy worldwide, **it is essential to push back hard against these legal proposal to undermine encryption**.
 Likewise, it's not too late for UK residents to also push back and make themselves heard by their government by loudly opposing new (and old) legislation undermining encryption.
 **Systemic surveillance should never be normalized.** Human rights can be lost, but they can also be won back with [strong opposition](https://www.openrightsgroup.org/press-releases/org-response-to-apple-killing-its-data-protection-tools-for-uk-users-encryption/).
 ## What to do about it?
 But what about concrete actions? What can a concerned netizen of the world do right now?
 Here are a few things that might help you protect your data better from now on, and find alternatives to the end-to-end encryption features you might have lost:
 ### What to do if you are living in the UK
 - [x] Support and follow the Open Rights Group's [campaign to save encryption](https://www.openrightsgroup.org/campaign/save-encryption/).
 - [x] Support [the petition](https://you.38degrees.org.uk/petitions/keep-our-apple-data-encrypted) organized by [Open Rights Group](https://www.openrightsgroup.org/) to tell your representatives you care about Apple's end-to-end encryption.
 - [x] Replace iCloud Drive with an [end-to-end encrypted cloud service](https://www.privacyguides.org/en/cloud/).
 - [x] Backup your Apple device(s) *locally only* and [encrypt your backups](https://support.apple.com/108353).
 - [x] Stop syncing your photos with iCloud. Either use a recommended end-to-end encrypted [cloud service](https://www.privacyguides.org/en/cloud/) to sync it, or only keep your photos locally.
 - [x] Replace Apple Notes with another [end-to-end encryption note application](https://www.privacyguides.org/en/notebooks/).
 - [x] Replace Safari with a [privacy-respecting browser](https://www.privacyguides.org/en/desktop-browsers/).
 - [x] If you can, [disable Siri entirely](https://www.digitaltrends.com/mobile/how-to-turn-off-siri/).
 - [x] Go through all your Apple devices' settings, and be mindful to disable each option that could send data to Apple's servers if you do not want this data to potentially be scanned by a government or other entities.
 - [x] Look for more privacy-respectful alternatives to Apple's products by browsing our [recommendations](https://www.privacyguides.org/en/tools/) section.
 - [x] Continue to fight for privacy rights and encryption rights every chance you get! The battle isn't over.
 ### What to do if you are living in or outside the UK
 Get information from and support organizations defending encryption rights like:
 - [Global Encryption Coalition](https://www.globalencryption.org/about/) (you can even [join the coalition](https://www.globalencryption.org/about/members/)!)
 - [Amnesty Tech](https://www.amnesty.org/en/tech/)
 - [Center for Democracy & Technology](https://cdt.org/insights/cdt-joins-global-encryption-coalition-letter-on-uk-governments-use-of-investigatory-powers-act-to-attack-end-to-end-encryption/)
 - [EFF](https://www.eff.org/deeplinks/2024/12/defending-encryption-us-and-abroad)
 - [Fight for the Future](https://www.makedmssafe.com/)
 - [Privacy Guides](https://donate.magicgrants.org/privacyguides) 💛
 Use end-to-end encryption everywhere you can:
 - [x] If you are an Apple user outside the UK, [activate Advanced Data Protection](https://support.apple.com/108756) on your devices.
 - [x] Regardless of where you are and which device you use, **use end-to-end encryption features everywhere you can.**
 - [x] If you cannot find a cloud service you trust, you can [locally encrypt your data](https://www.privacyguides.org/en/encryption/) before uploading it to a cloud service of your choice.
 - [x] Look for other privacy-respectful alternatives browsing our [recommendations](https://www.privacyguides.org/en/tools/).
 - [x] Fight for privacy rights and encryption rights every chance you get!
--- a/docs/about.md
+++ b/docs/about.md
@@ -31,7 +31,7 @@ In addition to our core team, [many other people](about/contributors.md) have ma
 ## Contact Us
-[:simple-discourse: Join the Privacy Guides forum](https://discuss.privacyguides.net){ .md-button .md-button--primary }
+[:simple-discourse: Join the Privacy Guides forum](https://discuss.privacyguides.net/){ .md-button .md-button--primary }
 The best way to get individual help is from our community on Discourse. If you notice an issue with our website, please open a discussion in the [Site Development](https://discuss.privacyguides.net/c/site-development/7) category on our forum. If you have a question about anything we cover, please ask it in the [Questions](https://discuss.privacyguides.net/c/privacy/questions/8) category on our forum.
@@ -120,7 +120,7 @@ The project executive committee consists of five volunteers charged with managem
 ## Staff
-Our staff are paid to contribute to supplemental content at Privacy Guides, like [video production](https://www.youtube.com/@privacyguides), [news articles and tutorials](https://www.privacyguides.org/articles), and our discussion communities and social media. Most are available and paid on a full-time basis to assist the organization.
+Our staff are paid to contribute to supplemental content at Privacy Guides, like [video production](https://www.youtube.com/@privacyguides), [news articles and tutorials](https://www.privacyguides.org/articles/), and our discussion communities and social media. Most are available and paid on a full-time basis to assist the organization.
 <div class="grid cards" markdown>
--- a/docs/about/privacy-policy.md
+++ b/docs/about/privacy-policy.md
@@ -0,0 +1,49 @@
 ---
 title: "Privacy Policy"
 description: We do not sell or share your data with any third-parties.
 ---
 Privacy Guides is a community project operated by a number of active contributors. The public list of team members [can be found on our forum](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all).
 ## Data We Collect From Visitors
 The privacy of our website visitors is important to us, so we do not track any individual people. As a visitor to our website:
 - No personal information is stored
 - No information is shared with, sent to or sold to third-parties
 - No information is shared with advertising companies
 - No information is mined and harvested for personal and behavioral trends
 - No information is monetized
 You can view the data we collect on our [statistics](statistics.md) page.
 We run a self-hosted installation of [Umami](https://umami.is) to collect some anonymous usage data for statistical purposes. The goal is to track overall trends in our website traffic, it is not to track individual visitors. All the data is in aggregate only, and no personal data is stored.
 The only data which is collected is data sent in a standard web request, which includes referral sources, the page you're visiting, your user agent, your IP address, and your screen resolution. The raw data is immediately discarded after statistics have been generated, for example if we collect your screen resolution as `1125x2436`, the only data we retain is "mobile device" and not your specific resolution.
 ## Data We Collect From Account Holders
 If you register for an account on one of our services, we may collect any information you provide us (such as your email, password, profile information, etc.) and use that information to provide you with the service. We never share or sell this data.
 Some services we host have separate privacy policies which supersede this document. For example, the privacy policy of our forum can be found at [discuss.privacyguides.net/privacy](https://discuss.privacyguides.net/privacy).
 ## Contacting Us
 Even in the limited cases where your data is collected, our volunteers and most members of the Privacy Guides team have no access to that information. Some information (such as your email address) may be accessible to moderators via limited control panels for the purposes of moderating our communities.
 Thus, inquiries regarding your personal information should be sent directly to:
 ```text
 Jonah Aragon
 Services Administrator
 jonah@privacyguides.org
 ```
 For all other inquiries, you can contact any member of our team.
 For complaints under GDPR more generally, you always have the option to lodge complaints with your local data protection supervisory authorities.
 ## About This Policy
 We will post any new versions of this statement [here](privacy-policy.md). We may change how we announce changes in future versions of this document. In the meantime we may update our contact information at any time without announcing a change. Please refer to the [Privacy Policy](privacy-policy.md) for the latest contact information at any time.
 A full revision [history](https://github.com/privacyguides/privacyguides.org/commits/main/docs/about/privacy-policy.md) of this page can be found on GitHub.
--- a/docs/desktop-browsers.md
+++ b/docs/desktop-browsers.md
@@ -108,9 +108,7 @@ This is required to prevent advanced forms of tracking, but does come at the cos
 ### Mullvad Leta
-Mullvad Browser comes with [**Mullvad Leta**](https://leta.mullvad.net) as the default search engine, which functions as a proxy to either Google or Brave search results (configurable on the Mullvad Leta homepage).
+Mullvad Browser comes with DuckDuckGo set as the default [search engine](search-engines.md), but it also comes pre-installed with **Mullvad Leta**, a search engine which requires an active Mullvad VPN subscription to access. Mullvad Leta queries Google's paid search API directly, which is why it is limited to paying subscribers. However, it is possible for Mullvad to correlate search queries and Mullvad VPN accounts because of this limitation. For this reason we discourage the use of Mullvad Leta, even though Mullvad collects very little information about their VPN subscribers.
 If you are a Mullvad VPN user, there is some risk in using services like Mullvad Leta which are offered by your VPN provider themselves. This is because Mullvad theoretically has access to your true IP address (via their VPN) and your search activity (via Leta), which is information a VPN is typically intended to separate. Even though Mullvad collects very little information about their VPN subscribers or Leta users, you should consider a different [search engine](search-engines.md) if this risk concerns you.
 ## Firefox
--- a/docs/email.md
+++ b/docs/email.md
@@ -376,7 +376,7 @@ With the email providers we recommend, we like to see responsible marketing.
 **Minimum to Qualify:**
- Must self-host analytics (no Google Analytics, Adobe Analytics, etc.).
+- Must self-host analytics (no Google Analytics, Adobe Analytics, etc.). The provider's site must also comply with [DNT (Do Not Track)](https://en.wikipedia.org/wiki/Do_Not_Track) for those who wish to opt out.
 Must not have any irresponsible marketing, which can include the following:
--- a/docs/financial-services.md
+++ b/docs/financial-services.md
@@ -34,7 +34,7 @@ Many banks and credit card providers offer native virtual card functionality. If
 ![Privacy.com logo](assets/img/financial-services/privacy_com.svg#only-light){ align=right }
 ![Privacy.com logo](assets/img/financial-services/privacy_com-dark.svg#only-dark){ align=right }
-**Privacy.com**'s free plan allows you to create up to 12 virtual cards per month, set spend limits on those cards, and shut off cards instantly. Their paid plans provide higher limits on the number of cards that can be created each month.
+**Privacy.com**'s free plan allows you to create up to 12 virtual cards per month, set spend limits on those cards, and shut off cards instantly. Their paid plans provide higher limits on the number of cards that can be created each month and the option to hide transaction information from your bank.
 [:octicons-home-16: Homepage](https://privacy.com){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://privacy.com/privacy-policy){ .card-link title="Privacy Policy" }
@@ -44,7 +44,7 @@ Many banks and credit card providers offer native virtual card functionality. If
 </div>
-Privacy.com gives information about the merchants you purchase from to your bank by [default](https://support.privacy.com/hc/en-us/articles/360012407533-What-will-I-see-on-my-bank-statement-when-I-make-a-purchase-with-Privacy). Their "[private spend mode](https://support.privacy.com/hc/en-us/articles/26732314558487-What-is-Private-Spend-Mode)" feature hides merchant information from your bank, so your bank only sees that a purchase was made with Privacy.com, but not where that money was spent. However, that is not foolproof, and of course, Privacy.com still has knowledge about the merchants you are spending money with.
+Privacy.com gives information about the merchants you purchase from to your bank by default. Their paid "discreet merchants" feature hides merchant information from your bank, so your bank only sees that a purchase was made with Privacy.com, but not where that money was spent. However, that is not foolproof, and of course, Privacy.com still has knowledge about the merchants you are spending money with.
 ### MySudo (US, Paid)
--- a/docs/language-tools.md
+++ b/docs/language-tools.md
@@ -18,7 +18,9 @@ Text inputted to grammar, spelling, and style checkers, as well as translation s
 ![LanguageTool logo](assets/img/language-tools/languagetool.svg#only-light){ align=right }
 ![LanguageTool logo](assets/img/language-tools/languagetool-dark.svg#only-dark){ align=right }
-**LanguageTool** is a multilingual grammar, style and spell checker that supports more than 20 languages. According to their privacy policy, they do not store any content sent to their service for review, but for higher assurance the software is [self-hostable](https://dev.languagetool.org/http-server).
+**LanguageTool** is a multilingual grammar, style and spell checker that supports more than 20 languages. The software is [self-hostable](https://dev.languagetool.org/http-server), and the extensions do not send your input text to their server.
 LanguageTool offers integration with a variety of [office suites](https://languagetool.org/services#text_editors) and [email clients](https://languagetool.org/services#mail_clients).
 [:octicons-home-16: Homepage](https://languagetool.org){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://languagetool.org/legal/privacy){ .card-link title="Privacy Policy" }
@@ -40,8 +42,6 @@ Text inputted to grammar, spelling, and style checkers, as well as translation s
 </div>
 LanguageTool offers integration with a variety of [office suites](https://languagetool.org/services#text_editors) and [email clients](https://languagetool.org/services#mail_clients).
 ## Criteria
 **Please note we are not affiliated with any of the projects we recommend.** In addition to [our standard criteria](about/criteria.md), we have developed a clear set of requirements to allow us to provide objective recommendations. We suggest you familiarize yourself with this list before choosing to use a project, and conduct your own research to ensure it's the right choice for you.
--- a/docs/mobile-browsers.md
+++ b/docs/mobile-browsers.md
@@ -136,7 +136,6 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
    - [x] Select **Auto-Redirect Tracking URLs**
    - [x] (Optional) Select **Block Scripts** (1)
    - [x] Select **Block Fingerprinting**
    - [x] Select **Site Tabs Closed** under *Auto Shred*
    <details class="warning" markdown>
    <summary>Use default filter lists</summary>
@@ -166,7 +165,6 @@ Shields' options can be downgraded on a per-site basis as needed, but by default
    - [x] Select **Disable non-proxied UDP** under [*WebRTC IP handling policy*](https://support.brave.com/hc/articles/360017989132-How-do-I-change-my-Privacy-Settings#webrtc)
    - [x] (Optional) Select **No protection** under *Safe Browsing* (1)
    - [ ] Uncheck **Allow sites to check if you have payment methods saved**
    - [ ] Uncheck **V8 Optimizer** under *Manage V8 security*
    - [x] Select **Close tabs on exit**
    - [ ] Uncheck **Allow privacy-preserving product analytics (P3A)**
    - [ ] Uncheck **Automatically send diagnostic reports**
--- a/docs/os/linux-overview.md
+++ b/docs/os/linux-overview.md
@@ -31,7 +31,7 @@ At the moment, desktop Linux [falls behind alternatives](https://discussion.fedo
 - **Strong sandboxing** for apps on Linux is severely lacking, even with containerized apps like Flatpaks or sandboxing solutions like Firejail. Flatpak is the most promising sandboxing utility for Linux thus far, but is still deficient in many areas and allows for [unsafe defaults](https://flatkill.org/2020) which permit most apps to trivially bypass their sandbox.
-Additionally, Linux falls behind in implementing [exploit mitigations](https://madaidans-insecurities.github.io/linux.html#exploit-mitigations) which are now standard on other operating systems, such as Arbitrary Code Guard on Windows or Hardened Runtime on macOS. Also, most Linux programs and Linux itself are coded in memory-unsafe languages. Memory corruption bugs are responsible for the [majority of vulnerabilities](https://msrc.microsoft.com/blog/2019/07/a-proactive-approach-to-more-secure-code) fixed and assigned a CVE. While this is also true for Windows and macOS, they are quickly making progress on adopting memory-safe languages such as Rust and Swift, respectively.
+Additionally, Linux falls behind in implementing [exploit mitigations](https://madaidans-insecurities.github.io/linux.html#exploit-mitigations) which are now standard on other operating systems, such as Arbitrary Code Guard on Windows or Hardened Runtime on macOS. Also, most Linux programs and Linux itself are coded in memory-unsafe languages. Memory corruption bugs are responsible for the [majority of vulnerabilities](https://msrc.microsoft.com/blog/2019/07/a-proactive-approach-to-more-secure-code) fixed and assigned a CVE. While this is also true for Windows and macOS, they are quickly making progress on adopting memory-safe languages—such as Rust and Swift, respectively—while there is no similar effort to rewrite Linux in a memory-safe language like Rust.
 ## Choosing your distribution
--- a/docs/passwords.md
+++ b/docs/passwords.md
@@ -174,7 +174,6 @@ These password managers sync your passwords to a cloud server for easy accessibi
 - [:simple-appstore: App Store](https://apps.apple.com/app/id1137397744)
 - [:simple-github: GitHub](https://github.com/bitwarden/android/releases)
 - [:fontawesome-brands-windows: Windows](https://bitwarden.com/download)
 - [:simple-apple: macOS](https://bitwarden.com/download)
 - [:simple-linux: Linux](https://bitwarden.com/download)
 - [:simple-flathub: Flathub](https://flathub.org/apps/details/com.bitwarden.desktop)
 - [:simple-firefoxbrowser: Firefox](https://addons.mozilla.org/firefox/addon/bitwarden-password-manager)
--- a/docs/privacy.md
+++ b/docs/privacy.md
@@ -1,260 +0,0 @@
 ---
 title: "Privacy Policy"
 description: We do not sell or share your data with any third-parties.
 ---
 ## What is Privacy Guides?
 Privacy Guides is a community project operated by a number of active contributors. The public list of team members [can be found on our forum](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all). Privacy Guides is legally administered by [MAGIC Grants](https://magicgrants.org/), a 501(c)(3) public charity acting as our fiscal host.
 As a project, we make available to the public:
 - [privacyguides.org](https://www.privacyguides.org), this website
 - [discuss.privacyguides.net](https://discuss.privacyguides.net), our community forum
 - [code.privacyguides.dev](https://code.privacyguides.dev), public source code repositories
 This privacy notice covers all Privacy Guides projects authorized and operated by the MAGIC Privacy Guides Fund executive committee.
 Please note that when you make a donation to us on [donate.magicgrants.org](https://donate.magicgrants.org/privacyguides), MAGIC Grants has published a [separate privacy policy](https://donate.magicgrants.org/privacy) covering that platform.
 ## How does Privacy Guides collect data about me?
 Privacy Guides collects data about you:
 - When you visit our websites
 - When you create and use an account on our websites
 - When you post, send private messages, and otherwise participate in a community that Privacy Guides hosts
 - When you sign up for a mailing list, email notifications, or announcements
 - When you make a donation to us or become a member
 - When you contribute to our website or other open-source projects
 Privacy Guides does not buy or receive data about you from data brokers.
 ## Does Privacy Guides sell my personal information?
 No. Privacy Guides does not sell personal information. Additionally, Privacy Guides does not share personal information with third parties for the purpose of advertising.
 ## What personal information does Privacy Guides collect, and why?
 ### Privacy Guides collects information about visits to its websites
 When you visit one of our websites, whether you have an account or not, we use server logs and other methods to collect data about what pages you visit and when.
 We use this data to:
 - Optimize our websites, so they are quick and easy to use.
 - Diagnose and debug technical errors.
 - Defend our websites from abuse and technical attacks.
 - Compile statistics on page/topic popularity.
 - Compile statistics on the type of browser and devices our visitors use.
 We generally store the above information for just a few weeks. In special circumstances, such as during an ongoing technical attack or a subsequent investigation, we may preserve some log data longer for analysis.
 Privacy Guides stores aggregated statistics for as long as we host our websites, but those statistics do not contain data identifiable to you personally.
 ### Privacy Guides collects account data
 Many features on our forum or other account-based services require an account. For example, you are required to have an account in order to post and reply to topics.
 To sign up for an account, Privacy Guides requires your email address, a username, and a password.
 We use this account data in order to identify you on the website, and to create pages specific to you, such as your profile page. We publish your account data to your public profile in accordance to your profile's configuration.
 Privacy Guides uses your email address to:
 - Notify you about posts and other activity on our website.
 - Reset your password and help keep your account secure.
 - Contact you in special circumstances related to your account.
 - Contact you about legal requests, like DMCA takedown requests.
 You may optionally provide additional details about your account, like your name, a short biography, your location, or your birthday, on the profile settings page for your account. Privacy Guides makes that information available to others who have access to the forum. You don’t have to provide this additional information, and you can erase it at any time.
 Privacy Guides stores this account data as long as your account remains open.
 ### Privacy Guides collects data about posts and other activity on our forum
 Privacy Guides collects the content of your posts, plus data about bookmarks, likes, and links you follow in order to share that data with others, through the forum. We also publish this activity to the public.
 Privacy Guides also collects data about private messages that you send through the forum. Privacy Guides makes private messages available to senders and their recipients, and also to forum moderators and administrators.
 Privacy Guides stores your posts and other activity as long as your account remains open.
 ### Privacy Guides collects data you give to sign up for mailing lists and announcements
 When you fill out and submit a web form to sign up for mailing lists or announcements, Privacy Guides collects the information you put in the form, such as your e-mail address.
 Privacy Guides stores this information until you unsubscribe from the mailing list.
 ### Privacy Guides does not collect sensitive personal information
 Privacy Guides does not intentionally collect sensitive personal information, such as government identification numbers, information on racial or ethnic origin, political opinions, genetic data, biometric data, health data, or any of the special categories of personal data specified by the GDPR.
 ### Privacy Guides collects data about open source contributors
 Contributors to Privacy Guides' website may be asked to provide identifying and contact information such as your name and email address.
 Privacy Guides uses this information to maintain the integrity of our website, software, and license agreements, both our own licenses and the license between Privacy Guides and our contributors. Privacy Guides stores this information for as long as your contributions are incorporated into our open source software, including this website.
 ### The Privacy Guides website stores local data
 Our website uses Local Storage in your browser to store your color scheme preference. This data is only used by client-side JavaScript to change the color scheme of this website according to your preference.
 Our website also uses Session Storage to cache the current version number of this website and the number of stars/forks of our GitHub repository. This data is fetched once per session from GitHub, and is only used by client-side JavaScript to display that information at the top of each page.
 No locally stored data on this website is transmitted to Privacy Guides, and it can not be used to identify you.
 ### The Privacy Guides forum uses cookies
 Our forum is built on Discourse, which uses the following cookies:
 | Name                | Essential | Expires        | Purpose                                                                                                |
 | ------------------- | --------- | -------------- | ------------------------------------------------------------------------------------------------------ |
 | email               | Yes       | Session        | remembers your e-mail as you create an account                                                         |
 | destination_url     | Yes       | Session        | helps redirect you to your requested page after logging in                                             |
 | sso_destination_url | Yes       | Session        | helps redirect you to your request page after single sign on                                           |
 | sso_payload         | Yes       | Session        | used during SSO authentication when two-factor authentication is enabled                               |
 | authentication_data | Yes       | Next Page View | temporarily stores user information during login flows                                                 |
 | theme_ids           | Yes       | 1 year         | remembers your theme personalization if you don’t tick “Make this my default theme on all my devices”  |
 | color_scheme_id     | Yes       | 1 year         | remembers your color personalization if you don’t tick “Set default color scheme(s) on all my devices” |
 | dark_scheme_id      | Yes       | 1 year         | remembers your color personalization if you don’t tick “Set default color scheme(s) on all my devices” |
 | cn                  | Yes       | Session        | temporarily stores notification read state                                                             |
 | _bypass_cache       | Yes       | Session        | allows the server-side cache to be bypassed during login flows                                         |
 | _t                  | Yes       | 1440 Hours     | remembers who you are when you log in                                                                  |
 | _forum_session      | Yes       | Session        | associates an ID, and other security-related information, with your browsing session                   |
 | dosp                | Yes       | Next Page View | enables client denial of service protection, a security protection                                     |
 | text_size           | Yes       | 1 year         | remembers default text size when a user wants to change it on only one device                          |
 | cookietest          | Yes       | Session        | checks if cookies are enabled when authentication fails                                                |
 | __profilin          | No        | Session        | used by software developers to bypass rack-mini-profiler                                               |
 Your web browser can show you the cookies you have for any website and help you manage them.
 ## Does Privacy Guides use personal information for marketing purposes?
 Privacy Guides may use personal data about our users in order to directly promote our own resources, such as for sharing new resources or when fundraising. We also use the information you give us when signing up for our mailing lists and announcements to send those messages.
 You can always opt out of marketing communications from us, and you have the right to object to any processing of your information for marketing purposes.
 Privacy Guides never provides or sells your data to third-parties for marketing purposes.
 ## How can I make choices about data collection?
 Your account on our websites has a settings page which provides you with options about how your data is used.
 Most web browsers let you make choices about whether to accept cookies, for specific websites or more generally.
 Privacy Guides does not respond to the (now deprecated) [Do Not Track HTTP header](https://en.wikipedia.org/wiki/Do_Not_Track).
 ## Where does Privacy Guides store data about me?
 Most data is hosted by [Triplebit](https://www.triplebit.org/) web services in the United States. Some publicly accessible data may be hosted by Content Delivery Networks with servers in other jurisdictions. For example, your profile picture may be hosted on multiple servers around the world.
 ## Does Privacy Guides comply with the EU General Data Protection Regulation?
 Privacy Guides respects rights under the European Union’s General Data Protection Regulation (GDPR). Information that GDPR requires Privacy Guides to give can be found throughout this privacy notice, including information on the rights of data subjects.
 ### What are my rights under the GDPR?
 The GDPR provides you with the following rights with respect to personal information about you that we collect or process:
 - the right to [access](#where-can-i-access-data-about-me) your personal data
 - the right to [rectification](#how-can-i-change-or-erase-data-about-me) of inaccurate or incomplete personal data
 - the right to [erasure](#how-can-i-change-or-erase-data-about-me) of your personal data
 - the right to [data portability](#where-can-i-access-data-about-me)
 - the right to restrict the processing of your personal data
 - the right to object to certain processing of your information, including [automated decision-making](#does-privacy-guides-make-automated-decisions-based-on-my-data) and [direct marketing](#does-privacy-guides-use-personal-information-for-marketing-purposes)
 - the right to lodge a complaint with a supervisory authority
 Information about how to exercise these rights is provided throughout this notice and linked above. We try to make exercising all of these rights easy to do on your own through your account settings, but for more complicated inquiries the best option will be to [contact](#how-can-i-contact-privacy-guides-about-privacy) us.
 ### Does Privacy Guides make international data transfers?
 Currently:
 - Privacy Guides [processes personal data on servers outside the European Union](#where-does-privacy-guides-store-data-about-me).
 - Privacy Guides uses [subprocessors](#subprocessors-used-by-privacy-guides) with personnel and computers outside the European Union.
 - Privacy Guides has [personnel](https://discuss.privacyguides.net/u?group=team&order=solutions&period=all) in the United States, Australia, and other non-EU countries without EU adequacy decisions under GDPR. These people need access to forum personal data in order to keep forums running, address security concerns, respond to privacy-related requests from users, field technical support requests, and otherwise assist users.
 - Privacy Guides is very likely subject to section 702 of the Foreign Intelligence Surveillance Act in the United States, a law that the European Court of Justice has found inadequately protects the rights and freedoms of data subjects.
 - Privacy Guides has never received any order or request for personal data under FISA 702 or any similar national security or surveillance law of any other country. Privacy Guides is not subject to any court order or legal obligation that would prevent it from disclosing the existence or non-existence of such an order or request.
 - Privacy Guides has a policy for how we will respond to those orders and requests, in case we ever receive one. Privacy Guides will suspend processing, notify any affected user, minimize disclosure, and resist disclosure of personal data, all as the law allows.
 Because national security and surveillance laws may be in conflict with European data protection rules, Privacy Guides continually reassesses the practical reach of these laws to ensure our data transfers are adequately safeguarded.
 ## Does Privacy Guides comply with the California Consumer Privacy Act and other US state comprehensive privacy laws?
 Privacy Guides is not a "business" for the purposes of the California Consumer Privacy Act (CCPA) or a “controller” directly subject to other US state comprehensive privacy laws.
 Privacy Guides **never** sells your personal information.
 ## Where can I access data about me?
 You can see your account data by visiting your profile page on any websites where we offer accounts. Your account profile will also list your posts and other activity on the website.
 On the forum, your [profile settings](https://discuss.privacyguides.net/my/preferences/account) include a link to download all of your activity in standard Comma Separated Values format.
 If you do not have an account with us but have a data access request, please [contact us](about.md).
 ## How can I change or erase data about me?
 You can change your account data at any time by visiting the profile settings page for your account. You also have the option to delete your profile on the settings page of your account. Utilizing this option begins the process of erasing or anonymizing Privacy Guides' records of data you provided for your account. Forum administrators and moderators also have the option to erase and anonymize accounts.
 You may also be able to edit, anonymize, or erase your posts. When you edit posts, Privacy Guides will keep all versions of your posts. These old versions of posts are not public, but may be accessed by forum moderators or administrators.
 ## Does Privacy Guides make automated decisions based on my data?
 ### The Privacy Guides forum classifies posts as spam automatically
 We use data about your posts and other posts on many forums to make automated decisions about whether your posts to our websites are likely spam.
 If you think a post has been wrongfully blocked or removed, please contact a forum moderator who can override this decision.
 ### The Privacy Guides forum uses data about your posts and activity to set trust levels
 We use data about your posts and activity on our forum to award you badges and calculate a trust level for your account. Your trust level may affect how you can participate in the forum, such as whether you can upload images, as well as give you access to moderation and management powers in the forum. Your trust level therefore reflects forum administrators’ confidence in you, and their willingness to delegate community management functions, like moderation.
 If you think your trust level has been set incorrectly, contact an administrator of your forum. They can manually adjust the trust level of your account.
 ### The Privacy Guides forum uses community flags to take automated actions
 Your posts may be automatically hidden, or your ability to post may be automatically suspended, as a result of your posts being flagged by other users.
 These decisions are later reviewed by moderators, who can override these decisions at their discretion.
 ## Does Privacy Guides share data about me with others?
 Privacy Guides shares account data with others as described in [the section about account data](#privacy-guides-collects-account-data).
 Privacy Guides shares data about your posts and other activity as described in [the section about forum data](#privacy-guides-collects-data-about-posts-and-other-activity-on-our-forum).
 ### Subprocessors used by Privacy Guides
 Privacy Guides uses the following subprocessors, and may share personal data with the service providers we use in order to host our website, deliver content, secure our services, store data, host and manage our open source website, and provide user support.
 | Subprocessor | Service | Function | Processing | Links |
 | ------------ | ------- | -------- | ---------- | ----- |
 | [Bunny.net](https://bunny.net/) (Slovenia) | [Bunny CDN](https://bunny.net/cdn/) | Content Delivery Network services for distributing images and other static assets. | Slovenia, Global | [Privacy Notice](https://bunny.net/privacy/), [GDPR Center](https://bunny.net/gdpr/) |
 | [Cloudflare](https://www.cloudflare.com/) (USA) | [Authoritative DNS](https://www.cloudflare.com/application-services/products/dns/) | Authoritative DNS services for our domain names. | USA, Global | [Privacy Notice](https://www.cloudflare.com/privacypolicy/), [GDPR Center](https://www.cloudflare.com/trust-hub/gdpr/) |
 | [Fediverse Communications LLC](https://fediverse.us) (USA) | PeerTube | For hosting public videos produced by Privacy Guides which are shared or embedded on this website. | USA | [More information](https://neat.tube/about/instance) |
 | [GitHub](https://github.com/) (USA) | Git Repositories | *For visitors to this website*: sharing information with our visitors about the current release, repo star count, etc. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
 | [GitHub](https://github.com/) (USA) | Git Repositories, Issues, Pull Requests | *For contributors to this website*: hosting our source code and communications platforms such as our issues tracker. | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
 | [GitHub](https://github.com/) (USA) | [Sponsors](https://github.com/sponsors/privacyguides) | For collecting payments for gifts to Privacy Guides | USA | [Privacy Notice](https://docs.github.com/en/site-policy/privacy-policies/github-general-privacy-statement) |
 | [Stripe](https://stripe.com) (USA) | Connect | *For certain donations via GitHub Sponsors*: payment processing for donations | USA | [Privacy Notice](https://stripe.com/privacy), [GDPR Center](https://stripe.com/legal/privacy-center) |
 | [Triplebit](https://www.triplebit.org/) (USA) | Object Storage | For hosting static websites and static media content, and distributing static content | USA, Poland | [Privacy Notice](https://www.triplebit.org/privacy/) |
 | [Triplebit](https://www.triplebit.org/) (USA) | [Umami Statistics](https://stats.triplebit.net/share/S80jBc50hxr5TquS/www.privacyguides.org) | For compiling aggregated statistics of our website visitor data based on server-side visitor info submissions | USA | [Privacy Notice](https://www.triplebit.org/privacy/) |
 | [Triplebit](https://www.triplebit.org/) (USA) | Virtual Private Servers | For hosting our dynamic websites, storing and processing personal data. | USA | [Privacy Notice](https://www.triplebit.org/privacy/) |
 ## How can I contact Privacy Guides about privacy?
 You can send questions, requests, and complaints via email to us at <team@privacyguides.org>. You may also use Signal or another contact method detailed [here](about.md#contact-us) to contact us more securely.
 For complaints under GDPR more generally, you always have the option to lodge complaints with your local data protection supervisory authorities.
 ## Where do I find out about changes?
 This version of Privacy Guides' privacy notice took effect on March 4, 2025.
 Privacy Guides will post the next version here: <https://www.privacyguides.org/en/about/privacy-policy/>.
 In future versions, Privacy Guides may change how it announces changes. In the meantime, Privacy Guides may update its contact information without announcing a change. Please refer to <https://www.privacyguides.org/en/about/privacy-policy/> for the latest contact information at any time.
 A full revision [history](https://github.com/privacyguides/privacyguides.org/commits/main/docs/about/privacy-policy.md) of this page can be found on GitHub.
 In the event that a translated copy of this document conflicts with the English copy, the English copy of this document takes precedence.
--- a/docs/tor.md
+++ b/docs/tor.md
@@ -127,7 +127,7 @@ All versions are signed using the same signature, so they should be compatible w
 ![Onion Browser logo](assets/img/self-contained-networks/onion_browser.svg){ align=right }
-**Onion Browser** is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the [Tor Project](https://support.torproject.org/glossary/onion-browser). [:material-star-box: Read our latest Onion Browser review.](https://www.privacyguides.org/articles/2024/09/18/onion-browser-review/)
+**Onion Browser** is an open-source browser that lets you browse the web anonymously over the Tor network on iOS devices and is endorsed by the [Tor Project](https://support.torproject.org/glossary/onion-browser). [:material-star-box: Read our latest Onion Browser review.](/articles/2024/09/18/onion-browser-review)
 [:octicons-home-16: Homepage](https://onionbrowser.com){ .md-button .md-button--primary }
 [:octicons-eye-16:](https://onionbrowser.com/privacy-policy){ .card-link title="Privacy Policy" }
--- a/docs/vpn.md
+++ b/docs/vpn.md
@@ -355,7 +355,7 @@ With the VPN providers we recommend we like to see responsible marketing.
 **Minimum to Qualify:**
- Must self-host analytics (i.e., no Google Analytics).
+- Must self-host analytics (i.e., no Google Analytics). The provider's site must also comply with [DNT (Do Not Track)](https://en.wikipedia.org/wiki/Do_Not_Track) for people who want to opt out.
 Must not have any marketing which is irresponsible:
--- a/includes/strings.en.env
+++ b/includes/strings.en.env
@@ -7,7 +7,6 @@ DESCRIPTION_HOMEPAGE="A socially motivated website which provides information ab
 FOOTER_COPYRIGHT_AUTHOR="Privacy Guides and contributors."
 FOOTER_INTRO="<b>Privacy Guides</b> is a non-profit, socially motivated website that provides information for protecting your data security and privacy."
 FOOTER_NOTE="We do not make money from recommending certain products, and we do not use affiliate links."
 FOOTER_PRIVACY_NOTICE="Privacy notice."
 HOMEPAGE_CTA_DESCRIPTION="It's important for a website like Privacy Guides to always stay up-to-date. We need our audience to keep an eye on software updates for the applications listed on our site and follow recent news about providers that we recommend. It's hard to keep up with the fast pace of the internet, but we try our best. If you spot an error, think a provider should not be listed, notice a qualified provider is missing, believe a browser plugin is no longer the best choice, or uncover any other issue, please let us know."
 HOMEPAGE_DESCRIPTION="A socially motivated website which provides information about protecting your online data privacy and security."
 HOMEPAGE_RSS_CHANGELOG_LINK="https://discuss.privacyguides.net/c/site-development/changelog/9.rss"
--- a/mkdocs.blog.yml
+++ b/mkdocs.blog.yml
@@ -42,7 +42,7 @@ extra:
      copyright:
        author:
          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
-        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2025"]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
      license:
        - fontawesome/brands/creative-commons
        - fontawesome/brands/creative-commons-by
--- a/mkdocs.net.yml
+++ b/mkdocs.net.yml
@@ -42,7 +42,7 @@ extra:
      copyright:
        author:
          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
-        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2025"]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
      license:
        - fontawesome/brands/creative-commons
        - fontawesome/brands/creative-commons-by
--- a/mkdocs.videos.yml
+++ b/mkdocs.videos.yml
@@ -42,7 +42,7 @@ extra:
      copyright:
        author:
          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
-        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2025"]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
      license:
        - fontawesome/brands/creative-commons
        - fontawesome/brands/creative-commons-by
--- a/mkdocs.yml
+++ b/mkdocs.yml
@@ -51,14 +51,11 @@ extra:
      copyright:
        author:
          !ENV [FOOTER_COPYRIGHT_AUTHOR, "Privacy Guides and contributors."]
-        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2025"]
+        date: !ENV [FOOTER_COPYRIGHT_DATE, "2019-2024"]
      license:
        - fontawesome/brands/creative-commons
        - fontawesome/brands/creative-commons-by
        - fontawesome/brands/creative-commons-sa
      links:
        - name: !ENV [FOOTER_PRIVACY_NOTICE, "Privacy notice."]
          url: https://www.privacyguides.org/en/privacy/
    homepage:
      description:
        !ENV [
@@ -457,7 +454,7 @@ nav:
      - "about/criteria.md"
      - "about/executive-policy.md"
      - "about/notices.md"
-      - "privacy.md"
+      - "about/privacy-policy.md"
      - "about/jobs.md"
      - !ENV [NAV_COMMUNITY, "Community"]:
          - !ENV [NAV_ONLINE_SERVICES, "Online Services"]: "about/services.md"
--- a/theme/layouts/blog.yml
+++ b/theme/layouts/blog.yml
@@ -156,5 +156,5 @@ layers:
        amount: 4
        height: 1.5
      font:
-        family: Bagnard
+        family: Public Sans
        style: Bold
--- a/theme/main.html
+++ b/theme/main.html
@@ -34,7 +34,9 @@
    {% elif config.site_author %}
    <meta name="author" content="{{ config.site_author }}">
    {% endif %}
-    {% if page.canonical_url %}
+    {% if page.meta and page.meta.canonical_url %}
    <link rel="canonical" href="{{ page.meta.canonical_url }}">
    {% elif page.canonical_url %}
    <link rel="canonical" href="{{ page.canonical_url }}">
    {% endif %}
    {% if page.previous_page %}
--- a/theme/partials/copyright.html
+++ b/theme/partials/copyright.html
@@ -35,11 +35,6 @@
        {% endfor %}
      </a>
      {{ copyright.copyright.date }} {{ copyright.copyright.author }}
      {% for link in copyright.links %}
        <a href="{{ link.url }}">
          <strong>{{ link.name }}</strong>
        </a>
      {% endfor %}
    </div>
  {% endif %}
 </div>
--- a/videos/posts/why-you-need-tor.md
+++ b/videos/posts/why-you-need-tor.md
@@ -1,22 +0,0 @@
 ---
 title: |
  Anonymity for Everyone: Why You Need Tor
 date:
    created: 2025-03-02T18:00:00
 authors:
    - jordan
 description: Tor is an invaluable tool for bypassing censorship and browsing privately, in this week's video we dive into the details and explain how it works. Plus we cover some things you should avoid when using Tor to make sure you maintain your anonymity.
 readtime: 7
 thumbnail: https://neat.tube/lazy-static/previews/c47cf1e6-c0ba-4d80-82fb-fde27e1569c5.jpg
 embed: https://neat.tube/videos/embed/725431de-407d-4d36-a4a0-f01e169e0cad
 peertube: https://neat.tube/w/f7QkKGe5TJaPi6Y4S61Uoi
 youtube: https://www.youtube.com/watch?v=R7vECGYUhyg
 links:
  - Tor Overview: https://www.privacyguides.org/en/advanced/tor-overview/
  - Tor Browser: https://www.privacyguides.org/en/tor/
 ---
 Tor is an invaluable tool for bypassing censorship and browsing privately, in this week's video we dive into the details and explain how it works. Plus we cover some things you should avoid when using Tor to make sure you maintain your anonymity.
 ## Sources
 - Tor support documentation: <https://support.torproject.org/>