Big Hairy Audacious Goal: Privacy Software

Sebastian Kügler sebas at kde.org
Fri Aug 18 17:14:22 BST 2017 

Hi all,

I spent some time thinking and working on a proposal for the big hairy
audacious goal (1), the goal that the KDE community sets for itself to
strive for in the next five years. (Context: re-read the thread started
by Kevin with the subject "Proposal: Have the Community Set Ambitious
Goals for Itself".

[1] https://en.wikipedia.org/wiki/Big_Hairy_Audacious_Goal 

I'll try to keep this email short, but I guess I won't be able to,
given scope, importance, complexity and the general mess in my head
regarding this topic.

What I wanted to do...

I wanted to write a goal that is snappy to read, easy to understand,
engaging, worthwhile and measurable. What I came up with so far is:

"In 5 years, KDE software enables and promotes privacy"

Problem with this is: Arguable, this is already the case today, so it
sucks as a goal since it allows us to do or change nothing, it's not
measurable, and I haven't figured it out how to make it measurable.
It's simply too vague.

Alright, so I sat down and tried to make it more concrete, by adding
lots of bullet points and thoughts, but I don't think it's much better.
I'll post them here:

KDE software protects and enables users privacy by:

- During normal usage it doesn't leak information to other users or
  online services when this is not expected to happen
    - Examples: Typing into KRunner or using the desktop search will
      not produce artifacts online, but downloading new wallpapers from
      the Store may lead to the user leaving traces, this is expectable
      and reasonable
- KDE Tools provide sound and state-of-the-art methods for using
  private communication, such as encrypted communication with other
  services. Examples: 
    - Communication and data exchange with online services uses SSL
      encryption (or similar)
    - KMail offers well-integrated GPG encryption and makes it easy and
      straight-forward to use encryption to talk to mail servers, it
      works well with a number of privacy-respecting email service
      providers
- KDE software covers most use-cases to allow the user to privately
  communicate and store his per personal information on services that
  are known to protect the user's privacy
    - top notch support for self-hosted email, file storage, cloud
      storage, collaborative editing, file sharing

Measuring (this is *really* lacking):
- what the press writes about us
- what our users think (online fora, polls, e.g.)
- own website promotes privacy (is this central to our communication?)

Tools (can be made more concrete once the above points are fleshed out):
- strategy promotes privacy down into details, see the above
- collaboration with EFF, other organisations (Whonix, Tor, ...?)


So, I could use some help with this, in the form of how this can be
structured, in what form it will be useful, more ambitious, and very
importantly measurable: I want us to be able to sit down in two years
and check: Are we on track? Do we need to change our approach? Do we
need to work harder? And of course: Did we achieve our goal?

Your thoughts and input?
-- 
sebas

    http://vizZzion.org   ⦿    http://www.kde.org

More information about the kde-community mailing list