There is a pattern I see consistently in this forum and other privacy-focused spaces: black and white thinking. People will often ask whether a specific software or tool is “private” or “secure” as if the answer must be yes/no. This isn’t to say there’s no nuance to be found. Threat models are discussed often and the more nuanced and knowledgeable replies will often ask the OP what their threat model is. That being said, there’s still a lot that could be done to try and minimize black and white discussions about privacy and security.
I would like to suggest some more nuanced vocabulary that could be used to help facilitate these more nuanced discussions. I propose dropping the terms “private” and “secure” when being used to describe software and other tools. “X is private” and “X is secure” are fairly meaningless statements without a point of reference. So what could be used instead?
One option is to use “more private” and “more secure” instead. For instance, instead of saying “ProtonMail is private”, say “ProtonMail is more private than Gmail”. While the latter statement could still be argued with, it sets a clear bar for how private you’re claiming ProtonMail to be rather than the amorphous claim of “ProtonMail is private. Full stop.” It also acknowledges that there is always room for improvement. ProtonMail may be more private than Gmail today, but that could change not only if ProtonMail’s privacy were to get worse, but if Gmail’s privacy were to get better. It also acknowledges the possibility of a more private option being out there.
Another option would be using more descriptive language like “privacy-friendly” or “privacy-focused”. These are slightly more descriptive than “private” and also have lower bars of proof. As an example, people may argue about whether or not DuckDuckGo (the search engine) is “private,” but it is pretty clearly “privacy-focused”. The product actively advertises itself as being private. You can then debate about whether or not DDG is “privacy-friendly”. This would seem to be a better term to use than “private” since “private” could be seen as describing an unreasonably high bar that no centralized search engine could reasonably reach.
An alternative to “privacy-friendly” would perhaps be “reasonably private”. This has the benefit of working well with other adjectives such as “reasonably secure” (which is how Qubes describes their project, by the way) or “reasonably anonymous”. Discussions about whether Linux is “secure,” for instance, would probably be a lot better posed as “reasonably secure”. While standards for “reasonable” can of course differ, saying “reasonably private/secure” instead of just “private/secure” already indicates that there is some subjectivity involved that can differ based on threat model.
This would additionally circumvent the constant clarification of threat models. While knowing someone’s threat model is of course important for giving them accurate advice, most people asking if a tool is “private/secure” really just want to know if the tool in question is reasonably secure as compared to other options. Adding “reasonably” clarifies a lot of the ambiguity regarding the threat model and allows those with more extreme threat models to clarify that they want something that is beyond “reasonable”.
This has been quite a ramble, but I hope it sparks some useful discussion. What do you all think? Could changing the vocabulary we use lead to more productive conversations about privacy and security? If so, are the suggestions I made helpful or do you think other terms would be more helpful?