The Greenhouse of Home Privacy¶

A greenhouse does not run itself. It requires regular, unhurried attention: a check here, a tidy there, the occasional deeper look at something that has been quietly not quite right for a while. None of it is difficult on its own. What makes the difference is whether it happens at all, and whether it becomes a habit rather than a reaction to something going wrong.

The routines here follow the same logic. Each one is small enough to complete in a single sitting. None of them requires specialist knowledge to begin. What they require is returning to them, which is easier when they feel like part of the rhythm of the place rather than items on a checklist. That is the spirit in which they are offered.

Mapping the garden¶

Once a month, take stock of every device, app, and account you use. This does not need to be elaborate: a page in a notebook, a column in a spreadsheet, the back of an envelope. The point is to make the shape of your digital garden visible, because it is almost certainly larger and more varied than you carry in your head at any given moment. There will be accounts you opened years ago and have not thought about since. There will be apps that still have permission to your location or your contacts for reasons that are no longer clear. There will be devices you stopped using but never secured or cleared properly. Noting them down is the first step. Once you can see the overgrowth, you can decide what to prune.

Weeding out weak stems¶

Passwords are the most frequently needed part of the garden and, in most households, also the most neglected. The goal is not to change every password at once: that produces a week of effort followed by six months of reused passwords because the effort was not sustainable. Instead, pick a small number of accounts each week, perhaps five, and update those with strong, unique passphrases. The Diceware method from the games page works here without modification. A passphrase generated by rolling dice is considerably stronger than a password made of memorable words with numbers substituted for letters, and it tends to be more memorable rather than less once you have a short story to hang it on. A password manager makes the rotation easier to sustain because it removes the need to remember what you have changed and when.

Tidying the greenhouse¶

Once a month, clear out the accumulation. Delete files you no longer need. Remove apps you no longer use, particularly ones that retain permissions to your location, contacts, or microphone. Clear browser cookies and cache, or at minimum review which cookies you are carrying from sites you no longer visit. The digital equivalent of clutter is not inert: it is a set of channels that remain open, permissions that remain active, and data that sits available to whoever can reach it. A periodic tidy-up reduces the surface considerably, and it tends to produce the clarifying effect that a physical tidy-up produces: a clearer sense of what is actually there and what you are actually responsible for.

Checking the fences and gates¶

Your home network is the boundary between your devices and everything outside them, and it deserves a regular look. Log into your router’s interface and check which devices are connected. An unfamiliar device is worth investigating. Default router passwords are a well-known weakness and should have been changed when the router was first set up; if they were not, that is the first thing to correct. Unused features, remote access being the common example, are worth disabling if you have no active reason to use them. This does not need to happen weekly: once a month, or when something changes about your network, is enough. The goal is to know what is connected and to have made deliberate choices about it, rather than running on defaults that someone else chose for different conditions.

Installing shutters¶

End-to-end encrypted messaging is not difficult to adopt and makes a genuine difference to what is visible to anyone positioned between you and the person you are communicating with. Choosing one or two apps that provide it by default, and using them for personal correspondence, is a decision that costs very little once made. The more useful habit to build alongside it is verification: if an encrypted messaging app offers a way to confirm that you are speaking to the person you intend to reach rather than someone in the middle, that verification is worth doing with the people you communicate with regularly. It is also worth understanding that metadata, who you talked to, when, and how often, is often not protected even when message content is. Being aware of that distinction, and choosing accordingly, is the more nuanced part of this routine.

Trimming hidden leaves¶

Most files carry metadata that was never intended to be shared beyond its original context. A photograph taken on a smartphone typically contains the time, the device model, and often the GPS coordinates of where it was taken. A document created in an office application may contain the author’s name, revision history, and organisation. Before sharing files outside your household, it is worth looking at what they carry. Several free tools exist for reading and stripping metadata from common file types, and one of the games pages introduces the concept in a way that makes the habit stick. Attending to this before sharing photographs in particular is straightforward once you have done it a few times, and it prevents information from travelling further than you intended.

Adjusting the light¶

Privacy settings across social media, apps, and devices shift when platforms update their terms or introduce new features, and they shift in a direction that is rarely more restrictive by default. A quarterly review of your settings across the platforms you use regularly is a small investment that keeps things roughly calibrated. The most useful approach is to document what you have chosen and why, so that the next review starts from a known position rather than from scratch. A short log, even a page in a notebook, is sufficient for this purpose.

Training the scarecrow¶

A plan is only a plan until you try it. Once a quarter, run a small household exercise: choose a scenario, perhaps that a device has been lost, or that an account has been accessed by someone else, and work through what you would actually do. Which accounts share a password with the one that was compromised? Which devices are connected to the same network and should be checked? Who do you need to notify? How do you change the credentials, and in what order?

The exercise will almost certainly surface things that the plan assumed were handled and were not: a device that takes longer to isolate than expected, an account whose recovery process requires access to a second account that is also now suspect, a contact list you did not realise was stored on the compromised device. Those discoveries are the point. Finding them in a practice run costs nothing. Finding them in an actual incident costs considerably more. Running the exercise with children, once they are old enough to participate, teaches the household vocabulary for talking about these situations and removes the panic that comes from encountering a problem for the very first time when it is real.

The garden journal¶

Keeping a brief record after each of these routines is not additional work. It is the practice that turns the routines into understanding rather than procedure. A few sentences are enough: what you found, what surprised you, what question you now have that you did not have before. Over time, the journal shows you what has changed in your garden from one season to the next, which is considerably more useful than any single snapshot. It also makes the routines easier to maintain, because returning to a record of previous visits makes the next visit feel continuous rather than isolated. The habit is the same one that makes the games more valuable after the game than during it: experience converts into understanding when you attend to what it produced.