The struggle for digital sexual freedoms continues as federal lawmakers push bills like the controversial Kids Online Safety Act (which is currently stalled in the House), and several states restrict access to porn sites. In the private sector, social media censorship of LGBT users and porn site data leaks reflect a continued crisis between sexuality, privacy, and technology. So we went to the experts and asked several sex workers for their top tips to help you stay safe online.
1. Identify your personal security goals
“People should take a second and identify the risks they want to avoid,” cautions Pittsburgh-based dancer and escort, Josie Oakley. “Like, are they concerned about their family finding their online history? Or are they concerned about getting hacked? Stalkers? Tech companies or the government? Each of these requires different countermeasures.”
How Big Tech is approaching explicit, nonconsensual deepfakes
Thinking about the outcomes we want to avoid, then tracing our internet trail that might lead to that outcome, is a good practice. Let’s use the example of credit card information. Online payments are at the forefront of digital security conversations, as recent financial discrimination policies are being beta-tested on sex workers, but are rolling out to impact all customers who fit an unknown criteria of posing financial risk to their bank.
-
If we’re concerned about hackers, we might consider sharing our credit card information with fewer websites. Third-party payment options with stronger security measures, such as PayPal or Venmo, might be a safer route.
-
If our concern is our friends or loved ones knowing our internet habits, we might use a different credit card, or even a prepaid gift card, for our online transactions.
-
Tech companies or government surveillance could be deterred by using cash where possible. Some security sites like Mullvad VPN take cash payment by mail to preserve customer anonymity.
2. Minimize data connections across apps
“Avoid cross contamination of data between apps,” advises sex worker-run tech collective, Hacking//Hustling, in their doxxing prevention guide. Minimizing data that is shared between your various online accounts (like login information) can prevent a data breach on one website from impacting your other online profiles. Never use the same email and password combination on multiple sites.
Even the existence of an account on a website can be something an individual might want to keep private. For example, if they go to a certain doctor’s office for specialist treatment, or if they have an account on adult websites. The reasons we might want to keep parts of our online presence private can be varied, and the need for privacy increases each year as the data economy grows.
“An email address is a great way to track you across the internet,” says Ada Hamilton in her series Sluts for Security on the Tryst blog. Tryst is a sex worker-founded platform for escorts, BDSM professionals, massage providers, and adult entertainers to advertise their services.
“If you use [email protected] to sign up for various services, it’s obvious those accounts all belong to the same person. Services like Fastmail and Proton Mail have features to manage auto-generating new aliases on demand.” Email aliases are additional email addresses that can route emails to your primary inbox, so you don’t have to check multiple inboxes if you’re using different aliases to create accounts. A password manager can help you keep track of these unique emails, and also generate unique and randomized passwords for each of your online accounts.
Minimizing connections between your online presence can reduce the information a malicious actor can easily collect on you. Even if we’re not sure how certain information can be connected, it’s important to remember that data technology is rapidly evolving daily, and we can’t always know what tomorrow might bring. Maintaining good practices of digital security protects us more than we might anticipate.
3. Scrub metadata (like your location) from all shared media
Metadata is extra information embedded in digital documents, images, and videos that can include things like location or identifying information about the file creator. You could be unsuspectingly sharing more information than you thought when you share content online. Sometimes this extra data is obvious — ever notice that shared TikTok videos always include a link to the profile of the person who shared it? That’s one visible example, but metadata isn’t always so obvious.
“I use either Photoshop or Lightroom, available as part of Adobe’s photography plan at $10/month,” shares one sex worker from Atlanta, who primarily creates digital video and photography content. “But all you really need to do is make sure you have GPS settings turned off for your camera apps. While most sites like OnlyFans and Instagram will scrub your metadata anyway, you do not want to forget and send a photo over text or email and give someone your address by accident.” This sex worker chose to be anonymous for privacy reasons.
Different photography apps also record GPS location. In general, it’s a good idea to check settings and do research on any media sharing and creation apps to see what kind of extra information they include.
4. Cover faces, instead of blurring
As facial recognition technology advances rapidly, it’s worth thinking about where your face can be found online. Whether you’re a parent keeping your child’s image off the internet, or you’re a political activist, or in any situation where you’re sharing photos and want some privacy — consider fully covering faces instead of blurring them. “Many types of blurs can be undone programmatically,” advises tech security expert and pro dominatrix, Mistress Fae, on her new Substack. “A dedicated stalker can use readily-available online tools to recover your facial features.”
Always check photos closely for any other markers of location or identity, like tattoos and background elements, or even reflections in mirrors. Fae recommends using opaque methods of obstruction, like emoji stickers instead of light leaks or semi-transparent filters. Digital photos can be manipulated for more information than we expect. The more elements of an object that are visible, say the top half of an identifiable building, or a face where only eyes are covered instead of the entire face, the more likely it is that more information can be pieced together.
Is WhatsApp banning sex worker accounts?
5. Use encrypted apps
Sex worker communities often have to move quickly between platforms when censorship or risky data practices become apparent. On any app, always take some time to look over security settings, and turn off any location tracking and minimize publicly visible personal information. For example, until you review the settings, you might not notice that an app shares your “last online” timestamp with all your contacts. Do you consciously want to share that information? App permissions can also get reset when terms of service are updated by the developers; periodically checking these settings again is a good practice.
In 2024, we’re lucky to live in an era of abundance when it comes to encrypted apps. Encryption is the process of scrambling data so that only authorized users can read it. These are some popular recommendations used by sex worker communities:
-
Looking for a more private alternative to Google Docs? Try CryptPad.
-
Need more secure cloud sharing than Microsoft SharePoint? Consider ProtonMail’s new Proton Drive.
-
For secure texting, use Signal instead of iMessage or Facebook Messenger.
Explore additional layers of security for any app you use. Consider turning on the disappearing messages features to protect yourself and anyone you’re messaging in case either person’s phone is stolen. Dropbox allows you to set up a physical hardware token as your two-factor authentication method.
Managing risk online isn’t a binary process of choosing the “right” option — it’s about minimizing the exposure we can, and doing what we need to protect ourselves from different types of bad actors.