Privacy Without Compromise: How Can One Have It All?
Stop a person in the street and ask: "What do you think is the best way to have a totally private conversation with someone you are about to meet?" I bet the answer would be something like this: go to a very quiet place far from your city, make sure there are no people around, close the doors and windows, set a perimeter alarm and speak quietly.
Of course, most people would rather not take all of these complicated steps. That example is privacy with compromise, the very opposite of what modern privacy solutions should aim for. That's why we built Blackphone 2: to deliver privacy without compromising the user experience.
So what is the key to protecting privacy without giving up a lot in exchange? How can one have it all? Two things are crucial: simplicity and choice.
Let's start with simplicity. The simpler an operation is, the less it costs users in time and learning effort, and given how busy modern life keeps us all, that time is critical. Unfortunately, simplicity is not always what you get when configuring privacy solutions.
Take storage encryption. Encrypting a smartphone's storage with a password, so that it cannot be read by a third party who gets hold of the device, normally requires users to find that specific option somewhere in the device's settings menus and then sit through a process of 45 minutes or so until it completes. And all of this assumes the user even knows the option exists, which not everyone does. So what if the storage was already encrypted before the phone shipped, and during setup the user only had to choose a screen-lock PIN, which would automatically become the decryption PIN as well? This is how Blackphone 2 full-disk encryption works. The step takes about 5 seconds and is completely transparent, so users get encrypted storage by default without taking any extra action. Because the encryption is only as strong as the secret that unlocks it, Blackphone 2 also lets users set a separate, stronger decryption password distinct from the screen-lock PIN if they want to.
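The paragraph above describes the user-visible behaviour but not the mechanism behind it. The following is an added illustration, not Silent OS or Blackphone code, of the standard design that makes "pre-encrypted at the factory, PIN chosen in 5 seconds" possible (it is also how Android's own full-disk encryption is built): a random disk encryption key (DEK) encrypts the storage before shipping, and enrolling a PIN merely wraps that DEK under a key derived from the PIN. Changing the PIN or adding a second, stronger boot password then only re-wraps a 32-byte key rather than rewriting the disk. The iteration count, slot names, secrets and the stdlib-only wrapping construction (a PBKDF2-derived one-time mask plus an HMAC tag, used instead of AES key wrap to avoid third-party dependencies) are assumptions for this example.

```python
"""Pre-encrypted storage unlocked by a user-chosen PIN: key-wrapping illustration.

Added example, not Blackphone/Silent OS code. Assumed design: a random DEK
encrypts storage at the factory; enrolling a PIN only wraps that DEK under a
PIN-derived key. Iteration count, slot names and the wrap construction are
assumptions chosen so the example runs with the standard library alone.
"""
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

PBKDF2_ITERATIONS = 100_000  # assumption; tune to the device's CPU budget
KEY_LEN = 32


def derive_wrap_keys(secret: str, salt: bytes) -> Tuple[bytes, bytes]:
    """Stretch the user secret into (mask, mac_key), 32 bytes each."""
    material = hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt,
                                   PBKDF2_ITERATIONS, dklen=2 * KEY_LEN)
    return material[:KEY_LEN], material[KEY_LEN:]


def wrap_dek(dek: bytes, secret: str) -> Dict[str, bytes]:
    """Wrap the DEK under a PIN or password.

    A fresh random salt per wrap means the PBKDF2 mask is used exactly once,
    so XOR-ing it over the DEK is a sound one-time pad; the HMAC over
    salt||wrapped lets unwrap distinguish a wrong secret from a valid one.
    """
    salt = secrets.token_bytes(16)
    mask, mac_key = derive_wrap_keys(secret, salt)
    wrapped = bytes(a ^ b for a, b in zip(dek, mask))
    tag = hmac.new(mac_key, salt + wrapped, "sha256").digest()
    return {"salt": salt, "wrapped": wrapped, "tag": tag}


def unwrap_dek(slot: Dict[str, bytes], secret: str) -> Optional[bytes]:
    """Return the DEK if the secret is right, else None (constant-time tag check)."""
    mask, mac_key = derive_wrap_keys(secret, slot["salt"])
    expected = hmac.new(mac_key, slot["salt"] + slot["wrapped"], "sha256").digest()
    if not hmac.compare_digest(expected, slot["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(slot["wrapped"], mask))


class EncryptedDevice:
    """Minimal model of a phone that ships with its storage already encrypted.

    The clear DEK is kept as an attribute only so the model can enroll
    secrets; a real device holds it in memory solely while unlocked.
    """

    def __init__(self) -> None:
        self.dek = secrets.token_bytes(KEY_LEN)      # generated at the factory
        self.slots: Dict[str, Dict[str, bytes]] = {}  # one wrap per unlock secret

    def enroll(self, name: str, secret: str) -> None:
        """Setup step: one KDF call, not a 45-minute rewrite of the disk."""
        self.slots[name] = wrap_dek(self.dek, secret)

    def unlock(self, name: str, secret: str) -> Optional[bytes]:
        """Recover the DEK from the named slot, or None on a wrong secret."""
        return unwrap_dek(self.slots[name], secret)


def demo() -> Dict[str, bool]:
    """First-boot setup with a screen-lock PIN, then an optional boot password."""
    dev = EncryptedDevice()
    dev.enroll("screenlock", "2580")                      # the default path
    dev.enroll("boot", "correct horse battery staple")    # optional separate secret
    boot_dek = dev.unlock("boot", "correct horse battery staple")
    return {
        "pin_unlocks": dev.unlock("screenlock", "2580") == dev.dek,
        "wrong_pin_fails": dev.unlock("screenlock", "2581") is None,
        "boot_password_unlocks": boot_dek == dev.dek,
        "both_slots_yield_same_dek": boot_dek == dev.unlock("screenlock", "2580"),
    }


if __name__ == "__main__":
    print(demo())
```

Two practical points follow from the model. First, the wrong-PIN path returns None rather than a garbage key, which is what lets a device show "wrong PIN" instead of mounting unreadable storage. Second, a short numeric PIN can be brute-forced offline by anyone who extracts the wrapped slot, which is why production implementations bind the wrap to a hardware-held key and rate-limit attempts, and why the option to use a longer, separate decryption password matters.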
A lack of simplicity ends with users giving up and leaving their data unprotected. The privacy solutions of this new era must be close to invisible, taking care of users in the background without extra effort or a steep learning curve.
An equally important feature is choice. Simply preventing users from accessing certain features is a difficult and clumsy way to provide protection. Modern privacy solutions must be designed to give control and confidence back to the user, so that the user can make an informed decision about what to do and what not to do. This is why Blackphone 2 ships with Google applications and services, including the Google Play store.
Not every app in the store is as respectful of users' data and privacy as one would like. Despite the risks, even company CEOs sometimes want to download and play a game on their smartphones; the answer is not to stop them playing games, but to give them a way to play those games with the peace of mind that their data is safe. To enable this choice, the Silent OS Secure Spaces feature divides the phone into separate virtual containers, and data in one space is isolated from the others. Users can, for example, keep a "Gaming" space that never has access to the sensitive data residing in their "Work" space.
Similarly, Blackphone's built-in Security Center gives users fine-grained control over app permissions: they can install a new game or social media app but deny it access to photos or contacts, or stop it from sending text messages. Security Center is a simple way to take back control over your data: use the apps and services you want, but decide how and when to share your data. Blackphone 2 is possibly the only smartphone that gives you this level of control over how and when you share your data while keeping the functionality you expect from a high-end device.
Simplicity and choice: no complexity and no closed doors. That's privacy without compromise, and privacy that works.
– David Puron, VP of Engineering
See more of the ongoing discussion about the value of privacy on The Guardian.