Online Safety in the age of FOSTA
A lot of folks have been reaching out, looking for guidance for what they can do to prepare themselves for the implications of FOSTA. I’ve decided to write out a plan of action that can help mitigate risk, keep your website online, and keep your social media profiles active. Please note that none of this is a guarantee, as most platforms haven’t announced what they’re going to do in light of FOSTA
This plan of action is broken up into sections, starting with your own personal electronic equipment and broadening to other areas of online safety.
How to protect your home computer, phone, and internet browsing:
- First and foremost, start using a VPN if you aren’t already. VPNs mask the static, unique IP address that’s assigned to all things that connect to the internet. VPNs mask your location, making it harder (but not entirely impossible) to find out where your internet connection originates. I personally use TunnelBear. The Interface is easy to use, and you can use it on up to 3 devices on their largest plan. It’s also affordable, and they run sales quite frequently. Use this on your computer and your phone. Separate your work phone from your regular phone. If you can only use the VPN on one of your phones, use it on your work phone.
- It should be noted that some streaming services like Netflix and Hulu won’t allow you to stream while using a VPN. If you’re streaming from the same device that you work from, make sure to close out all your browser windows, turn off your VPN, then restart your browser before connecting. If you’re SUPER concerned, clear your browsing history as well. When you’re finished with Netflix binging, just close out the browser, turn on your VPN, and resume other activities.
- TOR browser will not save you, for lots of reasons. The first one being that TOR browser is reliant on you connecting to a vast, private network through ways and means that are beyond the capability and means of lots of us. TOR browser is used with the TOR network. If you’re not using the two hand-in-hand, it’s like relying on the airbag in your car to protect you in a car accident and not wearing your seat belt. I can’t possibly get into TOR here, and it’s also not my area of specialty, but connecting to the TOR network is intense, complicated, and not just downloading a browser and going from there. If you want to use the TOR browser to say “fuck you” to Google and other companies, then by all means, please do. You can learn more about TOR here and here.
Websites, overseas hosting, domain names, and website migration
Website Content
(THIS IS CONSTANTLY CHANGING AND I’M DOING MY BEST TO KEEP UP, FYI)
Unless your website is currently hosted overseas on a server overseas that’s owned by a non-American company, you’ll need to change your website content in order to claim plausible deniability. You can do this in one of 3 ways, from how I understand FOSTA:
- Congratulations, you are now a model. You’ll need to change your website copy in order to reflect your new job as a model.
- Congratulations, you’re now a porn star. Hindsight being 50/50, this may be why all the workers on Rent Men are listed as ‘porn stars.’ I’d slap a 2257 disclosure on your website as well, just to be safe. Also keep in mind your current web host’s TOS. They may not allow explicit adult material to be hosted on their platform as it is, so check out your TOS before making a ton of changes that will result in your site getting deleted anyway. (This might not be accurate either.)
- Consider re-writing your website in the language you’d use for an online dating profile. Innocuous, kind of fluffy. Don’t specify acts. You may want to take your rates offline momentarily and only specify them privately on inquiry.
- Other work like camming, phone sex operation, and fetish modeling aren’t regulated in the same way either (this is changing, so please be aware that this is not definitive). I do have to note, however, that social media platforms have been silencing our work for a long time, and have the right to delete profiles whenever they see fit. They may delete your profile for being connected to an explicit website.
The above are purely suggestions, and not guarantees.
(It should also be noted that if your website is hosted overseas, you have much more leeway with your ad copy.) This may no longer be the case; please see information regarding The CLOUD Act. I suggest reading things by the Electronic Frontier Foundation to attempt to see just how the CLOUD Act works. I am not a legal expert.
Website hosting
The most common website hosting platforms that most folks use (Squarespace and Wix), are US-owned and operated companies (Wix is Israeli-owned) that house their servers in the US and EU. They are compelled to follow FOSTA once it’s enacted, and may begin cleaning house long before the law goes into effect.
I do not suggest deleting your websites. Alter your copy. Get that in line first. I do recommend exporting and downloading a backup of your site. Note that these exports will be HTML files, and they won’t translate from platform to platform. You cannot simply just import a Wix or Squarespace website to a WordPress-based web hosting service located overseas. Squarespace and WordPress speak two different languages, and the website has to be rebuilt in WordPress from scratch. If you need a visual copy of your site so you can redesign it elsewhere, simply navigate to your website, and in the browser’s file menu, select “print.” You’ll be able to save the page as a PDF file for reference later.
So to those who are wondering if I can just take your current website and plop it into WordPress on my server or another overseas venue? Nope. That’s not something that can happen. What I can do is redesign your site in WordPress due to the translation issues noted in the above paragraph.
Your options are not limited to me, however. You can either set up a WordPress (or other web builder environment like joomla or weebly) on an overseas server through an overseas hosting service, procure your own VPS (virtual private server) that’s owned and operated by an overseas company, or you can purchase space on a physical server that’s owned and operated by an overseas company and housed overseas. (I can only safely recommend overseas companies that are NOT a part of the EU. Iceland and Switzerland come to mind. Panama also comes to mind as well, but again, I am not an expert in this area.) The two latter, procuring either a VPS or space on a physical server, take specific knowledge and a certain level of expertise in running and setting up a server. I do not recommend either of these unless you have ample time and energy, and the self-control to not throw your computer out the window when things go wrong or won’t work properly. You could also hire someone to do this for you.
I fully recommend Swiss-based or Panamanian-based companies when looking for overseas hosting. The laws in these two particular countries are loose, to say the least. (“loose” was the wrong choice of words; both of these countries are very privacy-minded.) You’ll want your server housed in Switzerland for sure, as Switzerland is not part of the EU and is a neutral party in matters of banking and business.
I personally work with a company called Private Layer. They offer both VPS and physical server space, but do not offer hosting services. Anonymously.io offers hosting, one-click installation for WordPress, and VPS options, and only accepts payment through Bitcoin. They are located in The Netherlands. I don’t have personal experience with this particular company. Ungleich.ch is a hosting service that is Swiss-based, and you’ll definitely need to have some back-end tech knowledge to make a site on that platform. I also offer WordPress-based hosting, and you can read about the options I offer here.
Domain names
FOSTA is so broad in its language that it could even effect domain names and ICANN, the body that regulates them within the US. Top-level domain names that are regulated by ICANN include .com, .net, and .org. Lots of the domain registrar services that we use in the US are US-based (godaddy, dreamhost, namecheap, etc), and may be compelled by FOSTA to disconnect your domain from your website.
2023 update: to my knowledge, this has not happened. This is a very low-value thing for law enforcement to do, and I do not believe anyone has had their website domain seized due singularly to FOSTA.
(You can purchase other top-level domains from overseas domain registrars. You can have your current domain name redirect to the new one, and your SEO should only be minimally affected.)
BE AWARE OF DOMAIN REDIRECTING.
It is a complicated process that involves backend server access. To be frank, due to the rolling over of lots of ad sites, I’m not recommending folks change their domains right now UNLESS they are sure that they can handle 301 redirects to a new domain name. Transferring the same domain to a new server/website management system is far less complicated and may only affect your SEO minimally. Quite frankly, I’m just learning about successfully redirecting sites while maintaining Google rankings, and have not redirected any of my own sites.
As of 2023, I still DO NOT RECOMMEND changing your domain name. The SEO implications are hugely detrimental.
Overseas domain registrars do exist, but it must be noted that Whois protection is not available for all domains. You can, however, use altered information when registering the domain name. Alpnames.com is located overseas and allows you to pay with Bitcoin. You can also use orangewebsite similarly. There are other overseas domain registrars; a google search will reveal them. If your desired domain name isn’t available overseas, you can purchase it from a US-based company and transfer it to an overseas one.
Secure overseas email servers and encrypted calendar services
Y’all have heard of Protonmail. It’s a great service for security, and they also offer you the ability to use your own domain name for your email address. Make sure to register .ch with them- you can always change to your own domain name later.
2023 update: I hate protonmail and have lost business due to their service and shitty spam filter. I do not use them and don’t recommend them for this reason. Fastmail is far better, but if you don’t care about functionality and being able to search your inbox, go for it and use protonmail.
There are other all-in-one encrypted replacements for GSuite, mainly being FastMail. Theyre an Australian company, and aren’t compelled to answer US court orders. However, their servers are based in the US, and that gives me a lot of pause as to using their service. As an encrypted all-in-one replacement for GSuite, it is enticing though.
Encrypted calendar and data services located overseas are tough to come by. Fruux is a calendar, contact, and task-encryption service that’s German-owned. Germany has pretty legit digital privacy laws, but they’re definitely no Switzerland. I can’t vouch for Fruux, as I haven’t used it myself, but being that it has mobile capability and is compatible with all sorts of operating systems, it’s worth a look/try. SecureSwissData.com is not up and running yet, but when they finally are, I’ll probably give them all my money.
Really though. Remember to stay calm. FOSTA won’t be fully enacted until January 2019, and it’s already having an incredibly chilling effect. We are strong and we will make it through this.
