What different apps, platforms, and devices do you use to communicate with others? Have you ever thought about them from the privacy and security angle? Not all forms of communication are the same when it comes to privacy and security.
Definition
Secure communications are communications (text, voice, video, and email) over platforms that do not have the capability to know what you are communicating (zero-knowledge) and protect your privacy. It is more than just end-to-end encryption; there are no ads, no trackers, or logs kept on your activity. The service provider doesn’t know or care who you actually are and are not trying to monetize your data.
Considerations
When looking at a communications method, it is worth looking at a few different aspects of the service.
- Business model – How does the company make money? Is it a non-profit? Do they offer basic services for free and advanced services for a subscription? Are they selling your data? Do they advertise? Ideally you would use a service that is not profiting from your data.
- Zero knowledge – Is the service zero knowledge (meaning that they can’t access your data)? Can employees at the company read your messages if they wanted? Or is there even anything to turn over to law enforcement if required?
- Open source – Is the source code peer reviewed or are they practicing security through obscurity? There are some great products out there that are not open source. If they are not open source, they run the risk of sharing some of your data (even just meta data), connecting to third party scripts, or having a back door for law enforcement or their own purposes.
- User base – Ideally, you would pick a platform that has a decent amount of users. The network effect is real. If the perfect platform exists, but no one uses it, then it doesn’t do you much good.
- Usability – You want to use and recommend a platform that works well and is easy to use. Solid privacy and security is great, but if it is a hassle to use, you will have a hard time getting friends and family to switch over to it.
Main providers
Other options
These companies are not open source and not all are zero knowledge. Any employee could technically access your communications. They do not make their code accessible to auditors and third parties so it can have bugs, backdoors, or connect to third party servers or resources. You really can’t know.
Telegram – While they have a large user base and do well on the usability scale, they are not open source.
Less secure, non-privacy friendly communications
- Messenger
- Line
- Viber
- Google Meet
- Zoom
- Skype
- iMessage
- Text/normal phone calls
What should you do?
Ideally, you would only use secure methods of communication with all of your contacts.
However, the reality is that it can be a lot of work to get people to switch the way they communicate. Realistically, you could move your most important and frequent interactions onto secure platforms and pick your battles with everyone else.
Encourage others to use secure communication. Not everyone knows better. Be an advocate or nudge people in the right direction.
Where do you start?
Start small. Download Signal or one of the other apps and try it out. Get someone you communicate with frequently to do it too. Try converting others one at a time.
Open an email account with Protonmail or Tutenota. Start migrating away from Gmail or whatever you use.
Keep in mind it’s a marathon, not a sprint. Sustainability should be kept in mind. And every change you make, no matter how small, is a step in the right direction.