The issue isn't collaborating with your users and involving them in the design process - do that! It's awesome and it'll generally help you make better products.
The problem comes when you want to harvest intelligence from your users WITHOUT cooperation. If you need to do that to be "productive" à la Google, then yes, you are going to be hampered by privacy. That's a tradeoff for users to make, and it's only a real tradeoff when we aren't dependent on the moods of Google or Facebook but instead can rely on the underlying technological basis.
And you can be very interoperable and maintain privacy - but your users will need to choose to enable that interoperability. Facebook can "promote interoperability" by linking my Instagram and Facebook, or forcing me to use Facebook on Oculus and that is interoperability - but it's sort of by force and not in a way that is acting with my consent. On the other hand, my email I send with Protonmail is perfectly interoperable - I can email anyone and get email from anyone, import and export emails and use whatever client I want - as long as I choose to allow it to be by decrypting my emails.
> The Figma example that's given seems to completely undercut the "Productivity vs Privacy" argument. Figma didn't discover those use cases by spying on users, they did it by talking with users and working WITH them. You know, using that whole consent thing?
Figma is a great example of non-obvious productivity gains being _discovered_. I believe building a multiplayer experience like Figma would be considerably more difficult if you would need to also keep everything e2e, managing multiple keys, etc. In that sense I think there might be some tension with privacy-preservation. The primary reason I mentioned Figma, though, was the discovery part. I could've made that more clear.
> And you can be very interoperable and maintain privacy - but your users will need to choose to enable that interoperability. Facebook can "promote interoperability" by linking my Instagram and Facebook, or forcing me to use Facebook on Oculus and that is interoperability - but it's sort of by force and not in a way that is acting with my consent. On the other hand, my email I send with Protonmail is perfectly interoperable - I can email anyone and get email from anyone, import and export emails and use whatever client I want - as long as I choose to allow it to be by decrypting my emails.
You can be interoperable, but I see many scenarios where it's not straightforward. For instance, you lose control over the preservation of privacy when your ProtonMail user forwards an email to his Gmail friend with an entire conversation in it, even though on a technical level you're completely interoperable.
This part had me scratching my head. Most established non-privacy-preserving products have been slowly killing interoperability because data lock-in provides a moat against users leaving and against potential competitors accessing valuable user data. There's no economic reason why privacy-preserving products should have worse interoperability than privacy-violating ones. Especially in product categories where interoperability does not imply sending PII to third parties.
Edit: Arguably, providing interoperability is easier for products that don't gather a lot of user data because there's less risk of an embarrassing leak of PII if the API is not properly secured.
I agree. I don't see a strong economic reason this would be the case. But there's a strong practical reason (which perhaps has economic consequences): loss of control. If you make it easy for your users to interface with other services which don't have the same privacy guarantees, you're increasing the risk of their privacy being violated. If you implement an interface that's so secure that no leakage or abuse is possible, then you win. But if that's not possible, and you end up restricting things that would otherwise lead to cool productivity features, then you've hit the trade-off I touch on in the essay.
Also, there is work on an interoperable standard for E2E-encrypted instant messaging: [MLS][3]. These are just two examples, but I wonder whether the gap between "standard" and privacy-preserving software is actually shrinking as demand for the latter rises.
[1]: https://protonmail.com/support/knowledge-base/does-protonmai...
I thought I would back up and restore my current device accounts to the Android in the Chromebook, but alas Google doesn't seem to be allowing the 'Data Transfer Tool' to be opened in the Chromebook (although it installs).
My current plan is to restore the account in a LineageOS+MicroG+Magisk (to enable SafetyNet) setup. Although I have little hope of this setup being stable, bringing the conversation of Privacy vs Productivity.
Perhaps there is a need gap for backing up our current Android device as a VM image and running it via QEMU?
“Always” is a very absolute word. Isn’t it absurd that you (presumably, based on this conclusion) have to sell your privacy in order to be sufficiently productive (perhaps to stay gainfully employed) only so that your now-lost privacy can be used against you to sell you more stuff? Are there not political ways out of this quagmire? Or are we as technologists only supposed to apply our stereotypical tunnel-vision towards narrow problems like how to google more productively?