Our tool selection process for the Privacy Hub is designed to prioritise privacy, security, and anonymity while remaining practical and usable for everyday Australians.
We draw from our own experience, established privacy resources, communities, and best practices to help build digital resilience. Tools are evaluated holistically to avoid bias toward proprietary or data-harvesting options.
All tools featured in the Privacy Hub must be free (or have robust free tiers) and actively maintained. We regularly update our recommendations based on new audits, community feedback, and emerging threats.
Our Vetting Standards
- Open-Source Preference: We strongly prefer open-source tools for transparency, community scrutiny, and verifiable code. This allows independent review and reduces the risk of hidden backdoors. Closed-source exceptions are rare and clearly noted.
- Security and Independent Audits: Tools should demonstrate strong security through regular third-party audits by reputable firms, end-to-end encryption (E2EE) where applicable, and hardening against common threats such as tracking, fingerprinting, and data breaches.
- Minimal Data Collection and Strong Policies: Tools must minimise unnecessary data logging, tracking, or sharing with third parties. They should follow principles of data minimisation, purpose limitation, and clear user consent. We avoid tools from jurisdictions with weak privacy laws or those tied to ad-driven business models.
- No Ads, Trackers, or Invasive Features: Tools should block or avoid ads and trackers by default, with no telemetry or unnecessary permissions.
- Usability and Accessibility: Tools should offer user-friendly interfaces with minimal learning curves, cross-platform support (mobile and desktop), and good compatibility with common devices and operating systems. We favour options that balance strong privacy with everyday convenience.
- Active Development and Community Support: Tools should receive regular updates (ideally within the last 6–12 months), respond quickly to vulnerabilities, and be backed by active communities (e.g. GitHub activity). We assess long-term viability, user adoption, and incident history.
- Australian Relevance and Compliance: Tools should respect Australian privacy laws (such as the Privacy Act 1988) and consider local threats like metadata retention. We prioritise options that work well on Australian networks and avoid those that conflict with national standards.
