Thinking about some basic privacy/offline principles for computer development

  1. If something can be done entirely locally on the user’s own device…it should be built that way!
  2. If something needs outside information, but it can be collected passively (e.g. GPS location), it should be built so that it can.
  3. If something needs to interact with another system to do what it’s supposed to do, it should only connect with those that it needs to.
  4. Corollary to that: trusted peer-to-peer is usually preferable to client-server-client. A trusted server may be better than untrusted peer-to-peer.
  5. If something needs to interact with another system to do what it’s supposed to do, it should only send information that’s needed.
  6. Any system should only keep the data needed to do its job, and possibly for troubleshooting.

Some examples:

Firefox’s local get-the-gist-of-a-webpage translation vs. Google’s send-the-text-to-Google-Translate.

OSMAnd can download a regional map ahead of time and do all the navigation routing on the device without a network connection. (You can’t get live traffic that way, though – that’s something that does require a network connection.)

eBook readers usually have no problem letting you read a book offline once you’ve downloaded it. The same should be true of text files, PDFs, email, locally stored music and video, RSS articles, etc.

Anything that is available over a LAN should be reachable even if there’s no remote connection to the internet.

Speech recognition should be done entirely locally.

I should be able to sync my laptop or tablet or phone, then pop onto a boat or a plane or into a diving bell or onto an underground train or go out into the middle of nowhere for a weeklong camping trip, or just turn off the network…and as long as the device still has power, I should still be able to read old emails, write new ones (and queue them up to go out when I get back to a connection), read a book, use the map, read articles I’ve saved up to read, take photos, review photos, delete the ones that didn’t come out well, crop or adjust the ones that need something extra, play a multiplayer game with my kid on two devices in the same room, write a draft of something…

The old always-offline and the new always-online are not the only design models available, and they’re certainly not the only situations people find themselves in. Just imagine tethering your laptop to your phone in an area with spotty connection. There are places and devices where I can barely get the Nextcloud login screen to render. And that’s my own server.

The idea that everything is going to have a constant internet connection makes surveillance tech even worse, because

  1. It’s easy to offload processing to your server even when the phones can handle it.
  2. It’s easy to build in things like update checks and news.
  3. Once you’re already doing that, why not pass a little more info for analytics or targeting?
  4. If they’re always online, you don’t need to wait for them to open it up: you can pop up a notification to grab their attention.
  5. If they’re always online, you can collect data more simply. You don’t need to wait for a connection or queue up multiple batches of telemetry; you can just send it.

TL;DR:

Run locally, sync remotely.
Only sync what the user needs you to.
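
As an added illustration (not code from the original post), here is a small offline-first outbox in the spirit of the email scenario above and the TL;DR: drafts are queued locally, nothing crosses the network until a link exists, a link that drops mid-sync leaves the remaining drafts queued, and only the fields a mail relay needs are ever sent. The sample drafts are constructed, and `flaky_transport` is a stand-in for a real connection.

```python
import json
# The only fields a remote relay needs to deliver a message (principle 5);
# draft history and local tags are local-only and never leave the device.
REMOTE_FIELDS = ("to", "subject", "body")

def minimise(draft: dict) -> str:
    """Serialise only the fields the remote side actually needs."""
    return json.dumps({k: draft[k] for k in REMOTE_FIELDS})

class Outbox:
    """Local queue: drafts are written and read offline; sync runs only when a link exists."""
    def __init__(self) -> None:
        self.queue: list[dict] = []

    def sync(self, online: bool, send) -> int:
        """Send queued drafts if online; return how many left the device.
        `send` is an injected transport so the example runs with no network."""
        if not online:
            return 0
        sent = 0
        while self.queue:
            try:
                send(minimise(self.queue[0]))
            except ConnectionError:
                break              # spotty link dropped: keep the rest queued for next time
            self.queue.pop(0)      # drop the queued copy only after a confirmed send
            sent += 1
        return sent

def flaky_transport(wire: list[str]):
    """Constructed transport: delivers one payload, then the link drops."""
    def send(data: str) -> None:
        if wire:                   # something already on the wire -> simulate a drop
            raise ConnectionError("link dropped")
        wire.append(data)
    return send

def demo() -> tuple[list[str], tuple[int, int, int], int]:
    """Constructed walk-through: two drafts written offline, a flaky sync, then a clean one."""
    wire: list[str] = []           # everything that would cross the network
    box = Outbox()
    box.queue.append({"to": "a@example.com", "subject": "hi", "body": "first draft",
                      "local_tags": ["camping"], "edit_history": ["v1", "v2"]})
    box.queue.append({"to": "b@example.com", "subject": "re", "body": "second draft",
                      "local_tags": [], "edit_history": []})
    offline = box.sync(online=False, send=wire.append)           # 0: nothing leaves the device
    partial = box.sync(online=True, send=flaky_transport(wire))  # 1: link drops after the first
    rest = box.sync(online=True, send=wire.append)               # 1: remaining draft goes out
    return wire, (offline, partial, rest), len(box.queue)
```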