This document is decentralized via IPFS and end-to-end encrypted.
By Konstantine Buhler for Sequoia Capital
From decentralized finance and NFTs to DuckDuckGo and Signal Messenger, the last 18 months have exposed exploding consumer demand for greater autonomy and privacy in the way they search, collaborate, and conduct business.
Big tech platforms and unproven challengers have pivoted to incorporate privacy-respecting features or build more decentralized web3 products. In the April 2021 iOS 14.5 update, iPhone users were given the option whether or not to be tracked across apps. A staggering 96% chose not to be tracked, indicating that when given the choice, users choose privacy.
In January 2021, tens of millions of users flocked to encrypted messaging platforms Signal and Telegram. The migration was driven at least in part by anxiety about WhatsApp’s privacy policy: a notification reminding users that it shares data with its parent company, Facebook, drove more than 25 million users to Telegram in just three days. Simultaneously, DuckDuckGo - which began with a post on Hacker News - has continued to grow, now exceeding over 100 million queries daily on average, while its advertising business and mobile offerings expand dramatically.
These impressive statistics point to a sea change in consumer demand for increasing privacy and ownership over their own data. Yet, this craving for privacy isn’t new. Early in the internet revolution, consumers took free products at face value, not yet realizing that “if you're not paying for the product, you are the product.” Private applications appealed to fringe users, while non-private, ad-supported internet applications proliferated, becoming cash machines for their makers. Monetizing personal data became the default business model. The default effect is powerful. So much so that the majority of Americans have resigned to the default and believe that the tracking and collection of their data is inevitable.
Good news though: The times are changing.
Why now?
The movement of all communications—including private communication—online during the COVID-19 pandemic helped open the public's eyes to digital privacy. Consumers started to demand more out of the companies they would share their data with.
Increasing consumer interest in cryptocurrencies, DeFi, and NFTs is also driving wider consumer adoption of cryptography and education about private practices (a crypto wallet functions like other end-to-end encrypted products). The word crypto itself comes from the Greek kryptós, which means “secret.”
Simultaneously, innovative newcomers have entered the scene and made privacy-first apps more attractive, leveraging existing UX patterns to create familiar experiences. We’ve partnered with a couple of them recently: private search engine Neeva and web3 collaboration platform Skiff. As the newcomers gain traction with part of the population, they exert market pressure on the incumbents to start at least gesturing towards privacy.
Increased supply of user-friendly private tech and increased demand for privacy have converged, creating a moment of unprecedented opportunity for founders with a vision for privacy-first online experiences.
Who’s poised to win?
While incumbents will try to fast-follow to meet the demand, they’re at a disadvantage compared to new startups. Here’s why:
- Business model: Many incumbents are dependent on privacy-exploitive, ad-dependent business models. New technologies enable companies to place greater control of data in the hands of users while delivering great user experiences. With subscriptions, rather than ad sales, these new companies align incentives with the user.
- Distrust: Big tech companies have lost consumer trust on privacy: The majority of Americans, in every demographic group, believe that their data is less secure today than it was five years ago. In January 2021, Facebook’s breach of over half a billion users’ personal data (which then landed on a cybercrime forum) was treated as commonplace. That means there’s room for new companies to earn the trust that incumbents have lost.
- Inertia: Just as it’s hard to get consumers to shift their behavior, it’s perhaps even harder for incumbents to migrate to privacy-first technology. Case in point: Facebook has said that adding end-to-end encryption to Messenger would require rebuilding the product from the ground up, which will take years.
Visualizing privacy-first products and the levels of consumer privacy they enable in the chart below, it’s easy to see that new entrants are pushing the boundaries more than incumbents.
Building a private internet
In the physical world, privacy products might mean one-way glass, taller hedges, and thicker curtains. Online, the definitions are less clear. “Privacy-first” engineering, design, policy, and marketing reflect different commitments, priorities, and constraints:
- Engineering: Privacy-first products may be end-to-end encrypted (meaning the service provider is unable, in any circumstance, to access certain customer data), decentralized (where data, trust, or identity may be split across people or users around the world), and are generally built with greater transparency (open-sourcing) or community involvement.
- Design: Products may choose different design patterns when focusing on privacy, reinforcing transparency, agency, and platform security. Other platforms (such as Signal) have incorporated privacy more discreetly into the design, leveraging familiarity to ease adoption.
- Policymaking: Privacy-first products have slimmer privacy policies with significantly fewer avenues for providers to collect, share, and monetize user data. For example, compare Signal’s privacy policy with Facebook’s, which includes sections such as “device information” on personal data used for advertising.
- Brand marketing: Privacy-first companies can capture consumer interest by playing to existing dissatisfaction and mistrust (see Signal’s subversive take on Instagram ads) or by highlighting how expectations online differ from those offline (such as Apple’s satirical campaigns around app-tracking and transparency).
Successful products will blend all four of these elements together to meet the new tide of demand for secure, private online experiences.
As more of our work and lives shift online, digital privacy will be increasingly vital. Privacy isn’t a fad. This is an important cultural shift that will drive innovation—and we’ve only scratched the surface.
Where do you see the biggest opportunities on the privacy spectrum? What kinds of privacy-first products or decentralized do you want to see in the world that don’t exist yet? Let Konstantine Buhler know at web3@sequoiacap.com.
Methodology for segmenting the privacy landscape
Private Applications
On the supply side, we’ve identified five levels of secure and private applications, segmented by their sophistication and practices. A0 are the most vulnerable applications, A4 the most secure.
- A0: Provider-centric products. These products give the provider a high degree of access to user data. User data is stored in plaintext with no encryption (as in the Equifax hack) making the risk of data breaches and government accessibility high. These products share user data, content, and metadata with third-parties and governments or use for targeted advertising.
- A1: Enhanced privacy. Better practices are followed for encrypting data in transit and at rest, but the provider has the keys to decrypt and provide to third parties or use for targeted advertising.
- A2: Protecting sensitive content. These platforms limit the sharing and collection of certain sensitive customer data. For example, while messages in WhatsApp are end-to-end encrypted—and accessible only by senders and intended recipients—other account data (such as who a user interacts with) may be used for marketing purposes. In P2, the provider maintains access to some user data, but much of it is end-to-end encrypted.
- A3: Fully private. At this level, the unit economics of products change. As users’ data is no longer collected by the provider, or shared or sold to third parties, users may be asked to pay for products. For example, Neeva’s ad-free, private search engine requires a monthly subscription. In P3 the provider maintains no access to user data.
- A4: Future Applications. Here centralized providers cease to exist. There are several decentralized projects that are aiming to decouple user data from the application entirely. In such scenarios, you would store all of your data locally and only interchange data when an application needs it and has your explicit permission. In these cases providers collect no user data so there's no risk of breach or unwanted use of data. For example, Skiff just announced a partnership with Protocol Labs to enable fully decentralized, end-to-end encrypted collaboration on the Interplanetary File System.
Private consumers
A similar segmentation can be made for the demand side. In this analysis, we include some security practices, as user security is the lowest hanging fruit for consumer privacy. (Using an end-to-end-encrypted application isn’t helpful if the password is easily guessed, like “1234.”)
The security and privacy practices of internet users can be broadly plotted on a scale from C0 to C3, according to their level of vigilance. C0 are the most vulnerable consumers, C3 the most secure.
- C0: Vulnerable. These consumers use any application they find on the web, reuse weak passwords and lack awareness of privacy threats. These are the consumers most vulnerable to being taken advantage of by websites and hackers. But at least their ads are well targeted.
- C1: Informed. These consumers are aware of privacy threats and protect their accounts with hard passwords and/or a password manager (like Dashlane), but they still liberally share personal data by using A0 or A1 applications.
- C2: Secured. These consumers protect themselves from several cyber attacks by using multifactor authentication and in some cases hardware tokens. They take control of their privacy rights and know how to navigate the privacy and security settings on mainstream applications. They are aware of their privacy rights (GDPR, CCPA, etc) and may even submit data subject requests and data deletion requests to large providers.
- C3: Advanced. In addition to hard passwords and multi-factor authentication, these users protect their data from cross-site ad tracking by using P2 and P3 privacy-oriented applications across the web, from browser to social media. They opt into end-to-end encryption whenever it is available, use high-privacy products like Neeva, Signal, and Skiff, and avoid applications that violate their trust.