Why this site isn't a Substack

DuckDuckGo Privacy Essentials page rating: connection encrypted, no tracking requests found, no third party requests. no companies are trying to load tracking requests on this page.
I had to build my own stack to get a privacy rating like this. Here's what I gave up. DuckDuckGo Privacy Essentials


People have a lot to say these days. They are using the platforms to get their voices heard, to ensure they are paid for their time, to reach and monitor their audience.

This isn't right for me.

I prefer to live my data privacy values, or I aspire to anyway. If I wrote all about data ownership but didn't practice what I preached, I'd be setting a poor example.

What that means is, I can't see myself giving over my data--or yours--to a platform. I needed to choose a site where I had ultimate control over what visitor data is stored and what is not. Read: a site where almost nothing is stored, or at least as little as possible.

I'm not the only one to do this (see Cory Doctorow's blog for a similar approach). But it is admittedly unusual. So I had to think about what would work best for me, marrying my principles with a workflow, and an experience for you, my reader. It also meant thinking deeply about the tradeoffs.

There's always a tradeoff

I jump through a lot of hoops in pursuit of data ownership. I read everyone's privacy policies from top to bottom. I knew I needed to avoid enriching the very companies and economic system I am trying to actively undermine. But that does involve some trade-offs.

Leaving the platforms behind means that this site is not Search Engine Optimized. It does not have top ranks in search. It does not track visitor numbers or seek out engagement. It is not part of an ecosystem that will "boost" or promote it. 

That is okay with me. I don't need to know who you are. I don't want to feed into a surveillance ecosystem online or feed another platform through outrage.

But a downside of this evasion is this: I have no idea if this site is helpful, interesting or useful to anyone. Unless you sign up for my newsletter, I don't know that you want to know more. Github keeps logs, but I don't see them.

I recently started using GoatCounter, an open source analytics tool that counts page views and clickthroughs, so that I know if the site is being visited at all. But I have limited the data it collects (you can see the data it registers here).

That is why I will (rather obnoxiously, sorry) ask you to sign up for my newsletter. Because otherwise, I have no idea whom this site is helping or if it is helping at all. (At least I chose a newsletter that also doesn't track you: more on that below.)

You can do so by clicking SUBSCRIBE at the top of the page.

And since I don't need or want your personal data, I encourage you to sign up with an obfuscated email address.

Nothing Else Under the Hood

To build an untraceable site (that is, a site that doesn't trace you), I had to avoid the major players. Substack and Medium were out, and Patreon too.  This also meant avoiding ready-made systems like Wix, or microblogging platform tools like Wordpress. I wanted full stack control, so that all tracking would be set to off. And limited trackability, and limited reliance on dependencies off-site.

Clearly, the way to move forward was to have as simple a website as possible, one that didn't load its fonts from Google or have other dependencies embedded in its stack. I needed something built in static HTML.

I have built other sites in just plain HTML. I hand-coded my first ever website in 1994, a high school class project, and that was before there were WYSIWYG editors that made it easy: it was all <head>,<body>, etc. It's gotten a lot easier, and there are some great themes to build off and ways to support the artists and coders who make them.

But it's one thing for me to update my resume or add a publication to a list on my professional website. This needed to be a blog, and that means a post-management system is essential.

Fortunately, there are options for marrying the simplicity (and limited hackability) of static HTML sites with the power of blogging platforms.  Here are some options I checked out and can happily recommend:

  • Publii: I ended up going with this option as I liked this theme, and I liked how the software kept my thinking and posts organized.  Publii is kind of Word-Press like in that it gives you a GUI to manage your posts, but it lives on your computer and not on the cloud. It is open source and supported by a community, who do bug tracking as well as build themes. Yes, the theme uses Google fonts, but you can substitute an alternative if you want, and it does not ping a Google API to do so but bundles the fonts with the site. I decided that was okay for now: I'll replace the fonts later.
  • . I love this system. You can use their online version or install a version of your own to run on your own server. It is more of a writing platform, and in the end I didn't like the themes on offer (and with everything else going on, I didn't want to invest the time to write my own). But their privacy values are in line with my own, in support of data freedom, which I loved. Between that and its usability, I think it should be more widely known and used. I have some ideas to use it myself for other writing as well.
  • Hugo: If you like command-line interfaces (I sure do), you'll also enjoy using Hugo. I set up a few sites to play around with it. You run the whole thing from the command line, which I prefer as it gives you the most sense of control over the system. There are a lot of beautiful themes for blogs too. Still, I couldn't get over the fact that Hugo is based on Go, which is a language developed at Google...
  • Jekyll. I admit I just couldn't get this up and running because I got stuck with Ruby on Rails problems--across three different systems (MacOS and two Linux distros). I will spare you the very long and boring story. But if you are a RoR Jedi and have it all installed and working, go for it. The project and its community are worthy of support. Also Github pages runs on it so it integrates pretty seamlessly.


Most of today's online systems are not written with privacy in mind. Sure, they are written with security in mind: making sure their data is safe from attack or hacks. But that's not the same thing as not collecting visitor data, period.

Keeping privacy and radical data ownership front and center, for me, meant that I needed to build my own infrastructure to host the thing I want to see in the world. In other words, I was responsible for assembling my own stack, top to bottom.  And the bottom part is just as important as the top.

Of course, I do run my own server instances. I'm not adverse to doing so. But I knew that if I ran my own instance for this site, I'd run into trouble with scale and security. I couldn't avoid installing Cloudflare or some other such service. If data privacy is my aim, I can't risk an attack.

The best option I could come up with, one that offered security and scalability with minimum tracking, is Github Pages. So that's where this site is for now.

Github does log your IP address, but that's it. That was pretty much the best I could do for a hosted service. If Github changes and expands its data collection, I will move the site.

If IP address collection makes you uncomfortable, please load this site via a VPN or Tor. I don't need your IP address.  See my Privacy Policy for more.

I think DuckDuckGo has now rated my site an A+, meaning that it detects no trackers or anything trying to suss out who you are. I am taking this as a sign of some small success.

Are you my audience?

My blog is invisible and hard to find. As a writer, I need to know that my posts are reaching an audience. I don't need to know anything else about that audience. Just that it is out there, and it is listening. How could I do that, untraceably?

I looked into the old fashioned web counters and trackers--the ones we used to embed on our Geocities sites. No dice. Those require some data. Same with the "web rings" of old. I am still looking into viable options, but a first pass turned up few visit counters that fall into the category of Do Not Track.

I looked into two analytics services that align with my values: GoatCounter and Plausible.  I like both of these systems as they allow you to own your site's tracking data; limit what they even register in the first place; and let anyone see the results. and they  is open source analytics tool that counts page views and clickthroughs. Both are open source and their values of data autonomy line up with my own.

In early 2023 I started running a limited version of GoatCounter. It is not self-hosted, but the data it registers is very limited, and expires after a short time. You can see the analytics here, and read the developer's rationale for why he made the system.

I also looked into a lot of email listserv services. Of course I could run my own service, but I don't want to be responsible for administering a server with that kind of data. It could be vulnerable to attack.

I chose ButtonDown because the owner's values align with my own. He runs the site in a privacy-forward way. He doesn't look at the information I collect (addresses, that's it). He doesn't look at the content. He promises he won't change that. He just knows that I am a site user and I run a list.

Here is his stance on data ownership. It aligns with what I'm trying to do here.  Again, if this changes, I will move the list. In the meanwhile, thanks, ButtonDown!

What about payment?

Patreon or Substack have monetization built in. These are important for writers who need to be paid for their work. Even if an author doesn't enable payment, just visiting the site and subscribing to newsletters is an important metric for the people who work at those platform companies. It pays their salaries.

I am a professor. A university pays my salary. As in all the opt out experiments, I know I am engaged in a privileged sport. While I am fighting to change that, in the meanwhile, I can afford to ask you not to pay me for the time I spend writing this.

I don't want you to pay me, but I would love it if you would pay it forward instead. Please look up these open source projects, and think about using their tools and contributing as a community member or a donor. Other people need your money: please pay them for their time. 

You can also pay it forward by posting links or sending relevant posts to your friends. Especially the material on Reproductive Privacy. You never know whom that is going to help, or when.

And if you're comfortable doing so, hit subscribe above, so I know that someone out there is interested in what I have to share.