It’s not a secret that I’ve always tried to self host some services. I’ve always had some trust issues with the cloud giants with my data. My HP Microserver Gen8 that just won’t die, is running hosted services for over a decade. That box has been my data safe haven while everything else around it has become more hostile, more extractive, and more controlled.
I’ve lived the last years leveraging cloud services, paying for most of them, but now, with geopolitical tensions escalating, Big Tech’s systematic erosion of privacy via services, platforms or AI, and legislation in both the US and EU that seems designed to benefit surveillance capitalism over citizens, I’m accelerating my exit from US-owned platforms and closed-source ecosystems. It’s not paranoia, it’s about risk management… I know risk when I see it.
I won’t lie to you, this transition hasn’t been trivial, but it’s not impossible either. For most of my adult life, Google and Android were my default ecosystem, paired with Windows. I dabbled in Apple gear for a while, but the walled garden mentality that pervaded Apple, never sat right with me. I couldn’t stand how closed iOS was, how forbidden upgrading a mac laptop suddenly became.
What’s worse, the innovation has stalled. iOS and macOS feel like they’re coasting on brand loyalty. Even Samsung is loosing its edge. The Galaxy S26 lineup lacked any palpable innovation. When you only get a spec bump and a privacy screen as selling points for a new generation of smartphones, you should go back to R&D urgently. Also, killing bootloader unlocking on all phones with One UI 8 is a shit move. Allied to this, Google’s Android developer verification program falls inline with all the rest of the privacy woes.
It’s getting hard not to fall into all the traps. The industry is consolidating around convenience and AI at the cost of agency, privacy and innovation.
Here’s what I’m building toward.
These aren’t preferences, they are requirements:
Privacy — Not “privacy by design” marketing speak. Actual privacy. End-to-end encryption where it matters. No telemetry. No behavioral profiling. No data being sold to the highest bidder. If I can’t audit what’s happening to my data, I don’t trust it.
Sovereignty — Both technological and data sovereignty. I want to know where my data lives, who controls the platform / solution / application / infrastructure, and what legal jurisdiction applies. Being subject to US CLOUD Act requests or EU data localization requirements without my consent isn’t acceptable. I choose my jurisdiction, not a Terms of Service agreement I didn’t negotiate.
Open Source — Closed source is a black box. Open source means I can inspect, modify, and understand the software I depend on. It means there’s a community that shares the same ethos and concerns that I do and it’s keeping a keen eye on the code. This is a difficult one. There are a lot of open source solutions out there, but not always they have all the features that I’m looking for… The bare minimum requirement is that there’s no proprietary format that can lock me out if I want to move on to another solution.
Self-Hosting Capability — If I can’t run it on my own hardware, I don’t fully own it. This doesn’t mean everything has to be “on-prem”, but if the option exists, it’s a plus point. Vendor lock-in is a form of leverage, and I refuse to give anyone leverage over my digital life.
What’s Next?
This isn’t a finished project. It’s ongoing. In future posts, I’ll document the specific tools, migrations, and compromises I’m making along the way. Some will work. Some won’t. I’ll share both.
If you’re considering a similar path, start small. Pick one service. Migrate it. Learn what breaks. Then move to the next. The goal is to progress toward actual control over your digital existence.
Leave a Reply