I Googled Myself. Then I Checked My App Permissions. I Wasn’t Ready For What I Found.

--

*A personal audit that changed how I see every app on my phone*

It started as a casual exercise. Google yourself, check your permissions, see what's out there. Simple enough.

I wasn't ready for what I found.

First, I Googled Myself

Some of it I expected old accounts, a few social media profiles, things I knowingly put out there. But seeing it all aggregated in one place, laid out like a dossier on a stranger, was unsettling in a way I didn’t anticipate. This wasn’t information I consciously published. It was information that had been collected, indexed, and made available without me ever making a deliberate choice to share it.

That version of me sitting on Google's results page? I didn't build it. Someone else did. And I had no say in how it looked or who could see it.

Then I Checked My App Permissions. That’s Where It Got Real.

Microphone. Location. Photos. Contacts.

App after app after app, all with access to parts of my phone that had absolutely nothing to do with what the app was supposed to do. A shopping app with microphone access. A utility app tracking my location. Games with access to my entire photo library.

I hadn't noticed because I clicked through the permission requests the same way everyone does. Quickly, without reading, just trying to get to the thing I downloaded the app for in the first place.

But the one that hit hardest wasn't a random app. It was WhatsApp.

WhatsApp Told Me My Chats Were Private. My Ads Said Otherwise.

End to end encryption. That's the promise. Your messages are private, only you and the person you're talking to can read them, not even WhatsApp can see your conversations.

I believed that. Most people do.

But here is what I kept experiencing. I would have a conversation with someone about a product. Just a casual chat. I wasn't searching for it, I hadn't typed it into any browser, I hadn't looked it up anywhere. And within hours, sometimes minutes, ads for that exact product would start appearing on my Instagram feed.

Instagram. Which is owned by Meta. Which also owns WhatsApp.

Now I can't prove what's happening inside those servers. Nobody outside can. But I know what I experienced, repeatedly, consistently. And the pattern was too specific, too accurate, too immediate to feel like coincidence.

End to end encryption may protect my messages from outside hackers. But it clearly doesn't protect my behaviour, my patterns, my conversations from being fed into an advertising machine that knows me better than I'd like to admit.

That's not privacy. That's a privacy shaped product designed to make me feel safe while the real work happens somewhere I can't see.

What Actually Disturbed Me Most

It wasn't just that my data was being collected. It was that I had been told it wasn't.

There is something deeply unsettling about realising that the tools you trusted to protect your privacy are the same tools profiting from its absence. That the lock on the door is real, but there's a window open around the back that you were never told about.

I gave these apps my microphone because I trusted them. I gave them my location because I needed a feature. I gave them access to my photos because it seemed harmless. And in return, they constructed a version of me, my habits, my interests, my conversations, my movements, and sold that version to the highest bidder.

And the worst part? There was no dramatic moment where I consciously agreed to any of it. It happened in a hundred small clicks, a hundred rushed I Agrees, across years of using apps that presented themselves as services but were operating as surveillance tools.

So What Now?

I don't have a perfect answer. I still use WhatsApp. I still have apps on my phone with permissions I probably shouldn't have granted. Opting out entirely isn't realistic for most people. These tools are too embedded in daily life to simply walk away from.

But I do think differently now. About what I click. About what I say near my phone. About what privacy actually means versus what companies tell me it means.

Real privacy isn't a setting you toggle on. It's infrastructure, built from the ground up to ensure that your data cannot be accessed, even by the systems processing it. That's what encrypted compute, the technology Arcium is building, actually promises. Not a policy that says your data is safe. A technical reality where it cannot be anything else.

That difference matters. Because I've seen what happens when privacy is just a promise.

I'd rather have a guarantee.

Tag: @Arcium