What are we thinking? Abine PrivacySuite product strategy

We are innovating in online privacy tools and services. Some of the things Abine added to the 3.0 major upgrade of TACO has prompted many people to ask “What are you thinking adding all this stuff to a small utility that previously had no UI?”. This is an attempt to answer that questions by explaining our product vision for the Abine Privacy Suite and its subset, TACO 3.0.

We think the time has come to unify many online privacy tools into a single integrated utility, with a consistent set of preferences, defaults and user interface. While many security and privacy experts have been successful in self-assembling solutions from small, narrow-focused utilities (such as TACO), our belief is that this approach is not scalable. It is not scalable in time for the sophisticated user as new privacy threats emerge and more and more work is requred to get new add-ons, updated existing ones and manage inevitable conflicts and version churn in both tools and websites. And it is not scalable in number of users, because the more hurried and the less sophisticated are unwilling or unable to deal with complexity, maintenance and lack of commercial support.

The result of this absence of scalability is that first, a smaller percentage of web users are protecting their privacy online in any pro-active way than would like, and second, the protections they are taking are incomplete. Advertising and user-monetization companies often make the self-serving argument that the relatively small fraction of users who use privacy tools is proof that “people don’t care about online privacy”. This is disproven by counting more carefully (see here and here) and by considering that a normal person today is being asked to go to extraordinary lengths to take any action at all. Asking him to learn about the threats, pick through dozens of hobbyist projects, assess which ones are trustworthy and still being maintained, install some combination of said add-ons, configure them and mange ongoing updates and configuration to keep up with the ongoing innovations by the privacy-piercing industry is just too much. Taking the refusal to take these cumbersome steps regularly as evidence of not caring about privacy is a bit like saying most people don’t care about protecting their home against burglars after first requiring that said protection consist of bolting down everything of value, with drywall screws, every Saturday morning.

The second consequence of the difficult and disjoint nature of today’s tools is that even those people taking some action are often doing far less than necessary. So, for example, someone may be flushing regular cookies, but not doing anything about Flash cookies, and thus being tracked just as thoroughly as before. Or they might be doing the opposite; or doing both of those but allowing javascript trackers. If somehow they figure out the right combination of browser settings and narrow-function add-ons to deal with cookies and trackers, they will still have the problem of browser finger-printing providing a near-unique identifier for their online activity. After solving that problem they still have to learn about purging their search engine history, using distinct usernames and email addresses between sites, keeping their Facebook preferences in sync with the ever-changing privacy policy, and so on, for an exhausting list of thankless IT tasks requiring both technical knowledge and ongoing discipline. The natural response of the average person is to throw up their hands and give up, which is exactly what the privacy-breaching industry has been counting on.

Abine’s plan is to build a scalable solution for consumer online privacy. Part of this plan is a Privacy Suite plug-in that (i) unifies the needed functions (ii) has robust customer support and (iii) delivers regular updates to stay abreast of new privacy issues. The software requires user interaction to make choices about privacy policies and where privacy protections may conflict with site functionality (such as cookies). We believe that millions of users care about their online privacy and will take action to protect it if given a realistic opportunity to do so. We think that succeeding at this requires an ongoing commercial-scale effort, with numerous full-time engineers and customer support representatives. This, in turn, requires that the company become a successful business without contradicting its core mission, by charging for some of its offerings (Traditional “monetization” sources, such as displaying ads or selling user data, are completely off the table). While we are not ready to explain all of the components of the business plan, there are several broad points worth making. First, previously free add-on functions, such as add-ons acquired from their authors, will continue to be free. Second, Abine will provide paid privacy-enhancing services (such as proxies); these have associated infrastructure costs, and are impossible to provide at high quality for free. Third, there are other privacy products and services, outside the Privacy Suite that will also give Abine the opportunity to make a fair profit for protecting our customers’ privacy.

To sum up, our product vision for the Privacy Suite is quite simple — we believe that the time has come for most users to move from a menagerie of privacy add-ons authored by individuals to an integrated suite backed by the resources of a commercial company. This vision may not be for everyone, but we feel it is the only way to make online privacy protection scalable — both complete and useful for the masses.

You can leave a response, or trackback from your own site.