Privacy Tools Are Not Worth the Hassle

11 Sep, 2023

I recently published an email discussion in which a friend posed challenges to the adoption of privacy-preserving tools and platforms. Blogger Vova stated: "So What if Google Sends me Targetted Ads?".

There is real value in exploring opposing viewpoints to digital privacy. I will begin this short series by 'steelmanning' one of the common complaints about privacy tools, which is that they are too difficult too set up and manage. But first I will review what it means to steelman an argument.

Steelmanning opposing viewpoints

When you try to formulate your opponent's view in the most robust way possible, you are steelmanning their argument. Unlike 'straw manning' an argument, which presents a weak and unfair version of your opponent's view, the steelman version shows generosity towards your opponent.

Why would we want to steelman someone's argument? Here are some reasons I can come up with:

You already know what you believe
The element of surprise might lead to both sides putting aside emotion and tribal loyalties
It shows you are confident in your own beliefs and that you are not defensive or afraid of an opposing view
In order to formulate a charitable version of the other side's argument, you need to understand it well
This can help you see problems in their arguments more lucidly; it's strategic
You may discover weaknesses in your own position and can adjust accordingly
It is a good way of testing whether you really believe in your own arguments, or are just along for the ride (tribalism)
You're modelling a healthier form of debate in a context where winning has become more valued than getting to the truth
We should always seek nuance, as this will help us argue more precisely
Examining multiple perspectives might get us closer to the truth of the matter

Wikipedia has a good overview of the different types of 'man' arguments. It also explains 'iron manning', which is closer to straw manning in that it is manipulative, not charitable.¹

Privacy tools are a hassle

Often privacy tools are complicated to set up and maintain. Here are some of the issues I have run into this year:

important LibreOffice files stored in pCloud folders inexplicably show '0 kB' and open as blank files
changing the document language in LibreOffice Writer is difficult
my CalyxOS custom ROM phone became unuseable for a time when the Aurora Store stopped working
my banking app worked on custom ROM phones until my bank changed the app's settings; now I cannot run the app or scan financial QR codes
searching Tutanota emails never seems worth the effort
Tutanota e-mail conversation threads still require management of all the individual back-and-forth responses
the Whoogle instance I have set up for my household now shows a Google notification on a loop
the Web App I installed for my Hotmail account repeats threads and introduces a clutter of unhelpful headers
I am currently locked out of my Standard Notes account, due to a syncing mishap while attempting to change a password

A technically savvy reader probably knows the solutions to most or all of these problems. I myself will eventually figure out how to solve some of these problems, with support from the often excellent help desk services and online documentation.

LibreOffice 0 kB files can be restored by simply moving them to another folder.² Changing the language in LibreOffice is complex, but it only has to be done once. Techlore has a video exploring the problem with front end applications reliant on Google, like Aurora Store. I do my banking on PC and carry cash. I organise Tutanota mails into folders. I need to update Whoogle.³ I'm back to using Thunderbird for Hotmail and am discovering I like it better after all. I am currently in conversation with Standard Notes and was at least able to extract a usable backup.

Arguments against the use of privacy tools

I present the above list of problems as evidence of the hassle of using privacy tools. From these experiences, we can extract the following steelman arguments against the adoption of privacy-preserving tools and platforms:

As an exercise in steelmanning, I want to encourage privacy fans to set aside the natural urge to formulate counter arguments and instead ask if these are the most charitable versions of the argument, or if there is a better way to put them.

1. Privacy tools are too complicated

Open source tools and privacy platforms are often the results of a labour of love and a belief in the importance of providing these tools. Now that I have worked with a large number of them, it seems almost a given that 1) installation might require a manual, 2) updates won't happen automatically (think of AppImages, for example), 3) there will be bugs, and fixing them requires going to forums, getting help on Reddit, reading the manual, or even reinstalling everything.

2. Privacy tools cause unnecessary stress

I enjoy spending time learning and figuring things out, so I often don't mind tinkering and fixing when something goes wrong with one of the tools I use. However, we don't always have time to read manuals or make backups and updates. When Whoogle stopped working last month, I told my kids to use another search engine for now. Fixing the problem is on my to-do list.

3. End-to-end encryption asks too much from the user

This evening I am writing this blog whilst locked out of all of my notes on Standard Notes. I understand my responsibility in carefully storing passwords with end-to-end encrypted software, and I know the company cannot retrieve them. That is the strength of the system, privacy-wise. I keep diligent records in a password tool. And yet, something went wrong. The moment I first realised this had happened, I felt a disquieting despair at the thought of losing years' worth of notes in just one moment.

4. Privacy tools hinder workflow

If someone without a background in IT has to keep PDF documents and notes in order to manage an app, then it is a barrier to a good workflow.

5. People are not good at performing scheduled tasks

I have set reminders in various places, but currently my Monero node needs updating, mining has stopped. My Nextcloud seems to magically take care of itself for now. I have pages of long strings of terminal commands beginning with sudo to help me remember how to update devices, backup data, start a miner, pause an app so I can update it, find a docker ID number, etc., but I've fallen behind. I know about automated tasks, but am not quite there yet.

6. Many privacy tools are unreliable by nature, because they try to circumnavigate corporations and governments

When the Aurora Store stopped working on my CalyxOS phone, it was a problem that lasted for months. The experience made me realise you have to watch out for weaknesses in the chain of any privacy tool. A phone without a store with access to mainstream apps is unusable for anyone but the most die-hard privacy advocate. Monero is a fantastic crypto currency, but governments are currently working on making it illegal transact with it. Microsoft is the parent company to GitHub. Developers can stop working on projects.

7. Recommending a privacy tool can backfire

A negative experience can turn someone off of the idea of digital tools and privacy. I persuaded a friend to switch to Tutanota. They used it for half a year, then switched back to something more mainstream. The little hurdles got in the way for this person, who has no interest in tinkering and just wants a tool that works smoothly. They had to deal with the extra hassle of informing friends of a changed email address twice, rather than once, and are not likely to follow my advice again.

Reflections

I am sure there are more arguments out there. I wonder how easy or difficult is was for readers (if you made it all the way to the end!) to resist the urge to think "Yeah, but...!" Needless to say, there are many excellent counter arguments, which is what The Privacy Dad blog is all about.

The lack of user-friendliness and the disruption to workflow are major problems. For mass adoption, privacy tools need to be as good or even better than the mainstream competition. Most people are not interested in how their bike works; they just want to ride it and know where to get it repaired. The same is true for software. I happen to have developed an interest, and have turned tinkering and note-taking into a hobby (let's hope I can retrieve those notes...), but I am the odd one out amongst my circles. The tools should bring people to greater privacy. As long as that model is reversed, and belief in digital privacy is a requirement to seeking out the right tools, adoption will be slow and only for a niche audience.

The good news is that I have seen tools appear that do work as well or better than their data hoarding competitors. Most of my friends now use Signal daily without even thinking about its privacy goal. My family uses Bitwarden to store passwords. My Nextcloud server continues to run and update itself, for now.

Updates

The above article was plugged by Henry from Techlore on the Techlore forum and sections of the text were read out and discussed on the podcast Firewalls Don't Stop Dragons, starting around 45 minutes in.

Documentation

Wikipedia 'steelman'

Techlore video about Aurora Store and Google Play store dependency

From Gmail to Tutanota

-----Discuss on Reddit-----

Subscribe to my blog via email or RSS feed.

Find me on Mastodon and Twitter.

Back to Blog

Some arguments are worth steelmanning more than others, but even examining hoaxes or conspiracies with the steelman method can be interesting.↩
I discovered this by accident; I don't see any logic to it.↩
This was indeed all that need to happen to fix the issue, though I do always need to take out my notes to remember how to update a docker app remotely.↩

#arguments #digitalprivacy #privacytools #steelman