My gripe with no end-to-end Encryption in productivity apps
One of my biggest issues with many new productivity tools in the cloud is actually my data privacy when using them. While I would love to play around with fancy new tools like Craft or Roam, I will not put any real work related information in these tools.
Issues in existing apps
There is quite some misinformation around how encryption works and which tools are “secure”. Many tools claim that they are secure because they encrypt information on transfer or at rest.
For example, while the Things Cloud website says “With Things Cloud, all your network traffic is securely encrypted using the latest SSL technology, ensuring that everything you do is for your eyes only”, the privacy and encryption policy loosens this statement by specifying that it is encypted while transfer and at rest. It further promises that all employees with access to the data would sign a non-disclosure agreement, and so on. That is great, but not really my definition of “my eyes only”.
“On transfer” means that it uses SSL, so the connection cannot be intercepted. “At rest” means that it is encrypted on the harddrive (i.e., the provider cannot read it), but the developer still has access to the information. Even if you trust them to not read it, it greatly increases risk for leakage in case of bugs or hacks.
Most tools give strong promises on data ownership and their values in keeping your privacy. Yet, there is no option to actually keep it secure (i.e., fully end-to-end encrypted), often even citing technical reasons like an easier implementation of search capabilities as a reason for not implementing them.
Some applications have an offline mode if you have some sensitive data, but then you cannot have them sync it to other devices. Note that most apps which sync information through Dropbox, Google Drive or iCloud have the same problems, as those cloud providers only encrypt on transfer and at rest, but not end-to-end.
Why is encryption important?
Well, first of all, I do not want people access to my data.
But it does not stop there. There might also be legal considerations. If I put work-related data like student information or confidential research results (e.g., tied to a patent, grant, or similar) into a note-taking app, I might risk getting into some severe trouble if this information gets leaked.
As such, it is not necessarily that I would not trust the developers whose software I am using. It is more that bugs, server mishaps, leakage, or hacking are omnipresent. They happen like once a week for even the biggest companies. So, I do not want my work related information to be out in the public if the server gets hacked; even if I fully trust the developers to not touch my data.
What’s the right way?
So, one way would be to never put stuff in the cloud again. But I think we are past that point in terms of daily work convenience.
I pick my apps by looking at whether they provide a real end-to-end encryption. A good way to understand whether an app provides real end-to-end encryption, is to look whether they let you choose your own encryption key.
If so, they encrypt the data on your device before it is uploaded to the cloud. There, it cannot be read by anybody, including developers and related staff. It could be made publicly available for download and people would only see garbage, unless they have your encryption key. If it gets synced to your other devices, you can provide your encryption key and then it is available to you, and only you, again.
Note, that if you ever lose your encrpytion key, that all your data is permanently lost because nobody can help you unencrypt the data at that point (including the developer.) Well, this is really a security feature more than a drawback (don’t lose the key.)
Which apps do it well?
This is by no means a comprehensive list, but just a couple of examples of applications which have end-to-end encryption with an encryption key I set myself which I am currently using:
- Tasks: OmniFocus
- Note taking: Obsidian (with Obsidian Sync)
- Archival: DevonThink
- Journaling: Day One
- Password management: 1Password
- Backups: Arq or Duplicacy
How about other apps?
Well, I try to limit using apps which do not provide end-to-end encryption, but that’s not really realistic. Features like iCloud are too convenient. But, I put some thought into which information can go into “less secure” apps, and which information I would rather keep private.
If it is less confidential information which I would not mind (too much) if it might get leaked, I might gladly trade-off my privacy concerns for some convenience and use iCloud to sync between my Mac and iPad. If, however, the data is tied to student information or similar, I only sync it through apps which are end-to-end encrypted, if only to keep a bit of peace of mind.