Privacy in Friend Group Messaging Services

I run a matrix server for communication with my friends. We moved from a slack workspace that we had all been on since about 2016 in March 2021. We switched our chat service because we were constantly disappointed by slack’s changes to their UX to be more workplace friendly. We weren’t their core customer and we felt it. We were also were not fans of their well-known access to all communication data in a workspace, both “public” and “private”. We have had some heart-felt and vulnerable conversations on the platform and continuing to do that on that platform felt very troubling.

When setting up the new service, we also bridged many rooms to a discord server for ease of use, and for covering some gaps in functionality in the client applications (iOS support in element being a big one). I intentionally limited which rooms I would setup bridges to because of privacy concerns which caused some discussion about what stance we should take. Some users wanted more of the rooms to be bridged so they could access them on discord. Others, including myself, where hesitant to bridge all our communication topics. The question came down to, “how much ease of use are we willing to sacrifice for some level of privacy?”

When putting this together, Priority 1 was to allow our friends to stay in touch. Anything else I do as far as administration of the platform must yield to that first goal. My other goals are to make it private, secure, safe, flexible, fun, etc. My particular hesitation on bridging and generally involving Discord or Salesforce (slack) for personal communications is largely ideological.

What needs to be understood is that talking / engaging on a commercial social media platform is not like talking face-to-face in a public place. It’s significantly less private. Talking face-to-face in a public park has certain amounts of social expectations of privacy. These factors include physical distance from other people, usually not expecting eaves-droppers to be recording the conversation, distant observers not having a complete account of the interaction, any records that do happen to be made by third parties to a conversation are largely of no interest to the third-party, and any attempts to gain more information from a public conversation is expensive and requires focused dedicated effort by the observer to record the person/people of interest.

Conversations on commercial social media platforms is like recording a podcast or live streaming an interview and immediately publishing it. Less charitably, it’s like being recorded and video taped by a spook. In either case the transcripts are are attached to your permanent record, and stored in a warehouse in perpetuity for future sale. A copy is immediately given to an army of data brokers who feed them to sentiment analysis, ad performance metrics, government watch groups, insurance and bank risk models, and AI data scientists. Many people say “oh, but I’m not doing anything illegal, I have nothing to worry about”, or “There’s no reason for anyone to care about what I talk about”. What most people don’t get with this data brokering is that no one in this chain of hand-offs needs to know or care who you are. If anyone ever does, like when you apply for life insurance or a mortgage, they already have everything needed to reconstruct a risk profile for you. They don’t need to care who you are or if you are currently doing anything illegal or unsavory because nothing is ever deleted and computers are fast enough to find everything they have on you if you ever are a person of interest.

Does that mean we should just be privacy nihilists and give up on keeping our private lives and actions from being the subject of constant surveillance? I don’t think so. In the US, there are still places and methods that we can reasonably trust are not compromised into serving a profit-motive and/or police-state. We should seek out those areas, use, improve, and advocate for them so that we don’t lose that freedom entirely.

In the end, I did extend the number of bridged rooms, excluding only the rooms setup for the most vulnerable conversations. I’m grateful to be able to make these choices intentionally. I’m also grateful to my friends for being understanding and willing to discuss trade-offs even if technology or privacy isn’t their primary interest.