Making Privacy Tools Worth It Part 2: The Developers (& Community)
If you haven’t read last week’s post, I highly recommend it to get up to speed. A quick recap for those who may have forgotten: The Privacy Dad shared a blog post about why his friend ended up abandoning Tutanota, citing a number of issues and difficulties he ran into. Last week, I examined TPD’s Friend’s criticisms, focusing specifically on the ones that I felt were areas that end users should improve on themselves – such as the need to be more flexible and forgiving as well as becoming a little more tech-literate when it comes to reading support documentation. (Before anyone starts telling me how I’m gatekeeping or blaming the users, please read the blog post in full.) However, that doesn’t mean that the developers are without room for improvement here. There are a lot of things that developers (and other members of the privacy community – myself included) could be doing to reduce the friction of onboarding and retaining “normies” with privacy tools. So this week, as promised, let’s focus on those.
Let’s start with a category that’s frequently overlooked, but is really step one: education. TPD’s Friend noted a few complaints in this category, specifically “although end-to end encryption sounded attractive when I first signed up, I never use it. I can’t really see the point and didn't want to ask others to set a passcode.” Let me start by addressing this one specifically because I see this mentioned a lot in the privacy community: an encrypted email provider isn’t only protecting your communications (when applicable), they’re also protecting your inbox. I have stated before that in my opinion, everyone should be using a zero-knowledge provider like Tutanota or ProtonMail even if they don’t email other encrypted email users a lot. The reason is simple: you’re cutting your risk in half. If an encrypted email provider gets breached, there’s nothing there for the attacker to steal because all your messages are zero-knowledge encrypted. On the other hand, if a mainstream provider like Gmail gets breached, your inbox is a sitting duck. While it’s true that the message you sent to your Gmail-using friend might get exposed if/when their inbox gets breached, that’s still probably a lot better than your entire inbox – complete with updates from your bank, correspondence with your doctor, pictures from your friends and family, etc – getting breached and using a zero-knowledge provider reduces the odds of that happening.
This is an educational failing on our end – note the “our.” I am included in this one. I’m doing my best with projects like The New Oil, but clearly there’s much to be done still. One of the most basic facts of business is that you have to convince people to buy your product. Sometimes this is easy – everyone has to eat; you just have to convince people that you sell delicious, affordable, (and maybe healthy) food. Sometimes there’s more resistance. Privacy tech is no different. I’ve had decent success selling people on Bitwarden or even Brave sometimes. It’s a lot harder to sell them on Linux or even ProtonMail. What makes privacy tech especially different from most other industries is that most people don’t even realize they have the need it fills, or at very least they don’t feel strongly enough about to act on it. I personally am of the firm belief that the vast majority of people who claim they don’t care about privacy don’t actually understand how bad the invasions are or the potential damage of said invasions. I’ve had many a conversation with people where I talk about some of the more extreme privacy invasions from services like Meta or the damages that can be done by services like Google and while I haven’t always been successful in winning them over, I’ve often gotten a response of “okay, that’s pretty creepy, I’m uncomfortable, I didn’t realize it was that bad.”
We’re also not doing ourselves any favors by giving users conflicting messages like “nah, Gmail has great security and using an encrypted inbox gives you a false sense of security because only half the message is encrypted, and also email itself isn’t secure so instead let’s sit around and do nothing because apparently if it’s not perfect it’s not worth doing.” (I’ve criticized this here and will be doing so again soon, stay tuned.) We as a community – developers and non-developers alike – need to get on the same page, and that page is educating people on why privacy matters and why it’s worthwhile to make changes – even small, incomplete ones. For the record, “education” should also include informing people on shortcomings and risks such as the insecurities of email or the risk of losing your encryption keys, but in my opinion we should still be encouraging forward motion. I recognize this is an uphill battle. We’re fighting trillion-dollar companies who make their living convincing people that privacy doesn’t matter and that cosmetic toggles are good enough, as well as outdated ideas like “Linux isn’t user friendly” or “why would anyone want to hack me?” But uphill or not, this is part of the battle we face.
User Interface (UI)
Next let’s talk about the most visible but admittedly subjective aspect of any software: the UI. For those who don’t know, the UI is everything the user sees: the color scheme, the button shape and behavior, where each setting is in the settings menu, how black the background is on dark mode, etc. UI is an incredibly subjective thing. For example, TPD’s Friend stated “For a while I used both Tutanota & Outlook and I find the latter much easier to use; it's intuitive and clear and gives me everything I need.” As I stated in last week’s blog, I hard disagree. Like, my disagreement cannot be overstated. We use Outlook at my day job and it pretty much drives me up the walls any time I need to do literally anything other than send an email. I originally wrote a list of complaints here, but the point is that clearly there are no hard-and-fast rules when it comes to making a UI everyone will like.
Despite that, there are some UI principles that are generally considered as “appealing” for the majority of users. For example, most people want a dark mode at least as an option. Most people don’t want bright neon colors like an early 2000’s Geocities website. Most people want rounded corners, tabs, and other “modern-looking” design choices. To see a real-world example, consider Thunderbird. It was once pretty universally agreed that Thunderbird was a UI abomination that looked like it hadn’t been updated since 2003. But this year, they did a serious visual overhaul. Compare this to this. Regardless of your personal UI preferences, most readers will probably agree that it’s a pretty “night and day” difference, with one being the obvious choice that’s more likely to keep a normie using it. If you’re like me, you may have a large amount of patience of this kind of stuff – you may not mind an outdated look so long as the menus are intuitive and the software itself is reliable and functional – but we are the outliers. Most mainstream users want those things and a UI that looks like it’s from this decade. Mainstream software is designed to be appealing and make people want to stick around. While privacy tech may not have this same goal in mind, people have come to expect a pleasant appearance in their software tools. I will be among the first to admit that Tutanota has a pretty outdated look, especially compared to Gmail. Compare Google search to SearXNG. Or even iCalendar to Proton Calendar, which are certainly much closer than those other examples but Proton still has vast room for improvement.
This is the second hurdle we need to overcome to retain normies. I know this is a huge ask. For years, The New Oil’s website also had the same kind of outdated look I’m criticizing here, not because I lacked the technical skill to make it look better but because I didn’t know how it should look to achieve that modern design. It took someone more knowledgeable than me sending screenshots, which I instantly recognized as an improvement but again, I never would’ve figured that out on my own. Sometimes improvement is a team effort. I also know that these things take time. I’m not a developer, but I used to “code” the entire website myself, line-by-line, in HTML and CSS. Any major changes took weeks of “coding,” testing, fixing, etc., before it was ready to push. And that’s just a static site. That doesn’t even account for the complexities of apps that actually store data like usernames and passwords, the need to make those databases secure, and all the other specialized knowledge and skill that comes along with those things. But the end of the day there’s two kinds of software: personal “for fun” projects and stuff you want to seriously share with the world. If you create a personal project that you also decide to share out of the kindness of your heart, then sure. Make it look however you want, and users who dislike it can kick rocks. But if your primary goal is to make something that was intended to attract others and get them using it, then you have to cater to the users. And it starts with the UI.
Last but not least, if we want to retain users, we need to change the way we support them. TPD’s Friend said of Tutanota “Their help service and FAQ's are full of technical jargon which makes my eyes automatically glaze as soon as I start reading!” I contested this claim last week and said that – even doing my best to imagine it from the perspective of a non-technical user – I found Tutanota’s support page to be extremely easy to grasp and suggested that perhaps the author was suffering from Learned Helplessness. That said, I have definitely seen some trainwreck documentation from all across the board. For example, let’s look at Lemmy, who recently rose to prominence in the privacy community after a series of “hostile toward the users” decisions from the Reddit management. The Lemmy website says that “Lemmy is a selfhosted social link aggregation and discussion platform. It is completely free and open, and not controlled by any company.” It also highlights features such as being “open source, using the strong copyleft AGPL License” and being “blazing fast, using some of the fastest framework and tools including Rust, Actix, Diesel, Inferno, and Typescript,” with “powerful mod tools.” As you can tell, this is clearly aimed at developers and admins, so where do normal users fleeing Reddit go for more information about this project? To hell, apparently. The main hub for Lemmy – https://join-lemmy.org – contains nothing overtly directed at users, certainly not at mainstream ones. You can direct your mainstream friends to a particular instance, but that instance may not contain any information that helps them make sense of what they’re looking at. You could direct them to Lemmy’s documentation – which is actually extremely comprehensive and well-written – but also uses terminology that most people may not immediately recognize even if they’ve been using Reddit for years (ex, “Lemmy is a selfhosted, federated social link aggregation and discussion forum”). If TPD’s Friend struggled with Tutanota’s FAQ, Lemmy’s documentation is certain to leave them questioning every decision they ever made in life that led them to that moment. Technically it’s not indecipherable or overly technical, but it’s flooded with information that’s just plain not useful to a normal user and even where it is, they’re likely to have been scared off by now. And lest you think this is just the price of a more complex, federated technology like Lemmy, compare to Mastodon who promotes features like a chronological timeline, the fact that your audience can’t be forcibly taken away from you, the wide range of content available (audio, video, images, polls, etc), and only toward the bottom does it start to throw in more technical details like federation and open source. This is far more approachable to a normie as it targets things they are more likely to care about without drowning them in overly-technical details that aren’t relevant to them.
I’ve also seen developers grow hostile toward criticism. I’ve personally seen an overabundance of instances where the response to a feature request, bug report, or piece of constructive criticism for an app was met with an exasperated “we’re trying our best, we can’t do everything” (which is fair but usually it’s meant as an excuse to brush off the feedback) or worse: “program in that feature yourself.” That’s actually a huge selling point for most FOSS-purists (“anyone can modify the code”) but it’s insane in practice. True anyone can modify the code but only in the same sense that anyone can modify a car. It’s not like the general architecture of a car is some kind of secret. Particularly intelligent and enterprising kids build their own go-carts all the time. But could you imagine an engineer at Ford or a car salesman going “oh you want that car with leather instead of cloth seats? Well you can easily reupholster them yourself”? It’s completely tone-deaf to assume that everyone has the time and resources – let alone the interest or desire – to learn to code, especially whatever specific language your app or service has been programmed in.
And lest we forget, the constant off-topic responses to questions are a great way to drive off new users attempting to get involved in privacy. I once asked a troubleshooting question about my Nextcloud server in a Nextcloud-focused chat room. Someone asked if I was using bare metal or Docker (for the non-technical, basically which of two installation methods did I use). I said bare metal, to which they replied “why not use Docker?” Even as I type this, I can feel my brain struggling with that response. Who cares? The install is already over, and why I didn’t go with Docker doesn’t matter. Even if the writer did manage to somehow convince me that Docker is the One True Way™, that still wouldn’t have solved my current issue. Another common experience is for a user to ask a question about Mac or (especially) Windows, only to find “That Guy™” who replies “switch to Linux” even if that’s not a feasible solution for any number of perfectly sensible, valid reasons. It’s like a knee-jerk reaction for some people. I once saw a Reddit thread where someone asked about 2FA apps for iOS. Someone replied “Use Aegis” (Android-only, for those who don’t know). I replied to that person with “it literally says ‘iOS’ in the subject line.’” They sheepishly admitted they hadn’t read the whole thing and deleted their comment. I wish I could say stuff like this is the exception, but anyone in the privacy community knows it’s not. The fastest way to derail a conversation is to ask an “A or B” question. For example, “Should I use ProtonMail or Tutanota?” Ask that in a large enough forum and watch how quickly it turns into an off-topic rant about how email isn’t secure anyways while the user sits there and thinks “so… stick with Yahoo?”
The point is that we as a community do a god-awful job of giving support. In my communities, we have a rule that we are not a tech-support community. That rule is a reminder that the best place to get help with a particular app or service – especially if it’s a complicated, detailed, or sensitive question – is directly from the service: GitHub, email, forum, or whatever the official support method is. Unfortunately, that’s not always a hard and fast rule. I’ve seen plenty of people ask a question and – when directed to the official community – say “yeah I asked there but nobody answered” or seen people ask the same question multiple times because (again) nobody answered when they asked earlier. I myself gave up on attempting to self-host a Lemmy instance for my community because I couldn’t find anyone able to help me – even after asking in the official Matrix room, searching the official subreddit, and even directly contacting people who had experience self-hosting Lemmy. The lucky newcomers will have a helpful, enthusiastic friend (maybe you reading this) to hold their hand, answer questions, and help explain different features, advantages, shortcomings, etc of privacy tech. But not everyone is in so lucky a position. I was one such person who came to the privacy community cold – I found my way on my own, but I was fortunate to consider myself reasonable tech-savy and able to figure it out, ask questions, and find my way. Many people who don’t consider themselves so adept may need help and find they have no one to turn to. The support we offer – whether in the form of official documentation, FAQs, or chat rooms/forums and the way we word those media – can make the difference between someone who gets help making the tech work for them and stays or someone who makes the tenth Reddit post this week about how privacy is no longer worth it and they’re going back to the sweet embrace of TikTok, Facebook, and YouTube.
In Defense of Developers (and the Community)
As with last week, I want to make it clear that I’m not trying to blame any one group or even “blame” at all, really. I’m trying to express that I believe the solution to the obstacles TPD’s Friend shared requires effort from both sides of equation. End users need to develop confidence, tech literacy, and patience if they’ve decided to start reclaiming their privacy. But we as a community can also do a lot more to make privacy easier for end users to get started and stick around. And of course, that doesn’t mean there aren’t people, projects, and organizations who aren’t trying. In the education department, I want to recognize that there are tons of amazing projects giving it their best shot to educate and onboard new users – Privacy Guides, EFF, Firewalls Don’t Stop Dragons, Privacy International, The Privacy Dad, Noami Brockwell, and a ton of standalone documentaries and shows. Change is slowly coming to the UI department, too. I specifically mentioned Thunderbird’s progress, but I’ve also personally seen a number of the apps I use (like AntennaPod and Gadgetbridge) make small positive improvements, and companies like Tutanota are always working on advancing their design. Mastodon’s recent jump to 4.2 brought a ton of new features for normies. Some creators are really trying their hardest and I don’t want to discredit those efforts. It’s also worth noting that some projects are a single person working in their free time to support a massively-popular project without enough funding, resources, or support themselves. Not everyone has the same resources as a project like Proton. (And of course, for the record, not everything should be designed for new users or be “idiot-proof.” While a degree of user-friendliness is always appreciated in self-hosting, for example, it’s a complicated endeavor and anyone who willingly takes up that mission should also expect to have to raise their tech competence to the appropriate skill level.) I hope that in the past couple weeks I’ve been able to call attention to areas of improvement for all of us – like I said, I’m included in at least a few of these categories myself. We can all improve, so let’s make sure we’re all working together and doing our best in our own categories.