The old Internet adage – "if you're not paying for it, you are not the client, you are the product" – holds true for every single service on the Internet. The information that you upload to popular social networks, store on clouds, and transfer through popular commercial communication networks is a prime candidate for harvest, storage, analysis, and use by the creators of the services, as well as (as is now known), government security agencies.

If you want real confidentiality, you must avoid all the obvious popular and free (as in beer) options that already have proven untrustworthy [1]. In other words, if you are serious about keeping your data private, you should steer clear of services such as Facebook, Hotmail, Skype, YouTube, Dropbox, and the like (this is the first level of confidentiality). You should also use only open source software (a second level of confidentiality), because it is the only software that is audited frequently by independent, non-biased third parties. A third level of confidentiality is that you should be able to host the servers that process and store your data yourself.

Now, some people might disagree here. Many sys admins will argue that hosting your own stuff in-house to defend your privacy is not a good idea. They will say that supporting servers is a full-time job and that most small office and home office (SOHO) setups are not as secure and fault tolerant as professionally maintained server farms at hosting companies. They would be right; however, I am not arguing security here, but confidentiality, and those are two different things.

[...]