Trust Modelling: Trust Supports Adoption and Informs Standards For Future Privacy Tool Development.

We asked the Digital Security Trainers what makes them trust a privacy tool. We left the word trust open to interpretation so that we could lean more about what people matched to the word trust too.

Community Consensus

The tools I recommend I check in with the network of trainers that I’ve been part of for several years.

I have a list, but I’ll check in with people with more experience. Is this relevant still? What are you teaching for password management these days?

People mentioned that they find resources provided by Tactical Tech and Usable especially helpful and that they trust these sources for insights and recommendations.

I trust the network of trainers and advisors that exist here in the region.

Building trust with at-risk users includes providing training on how to search for, and find privacy tools. Insights are shared about what sorts of things to look for too make sure that what they are using is authentic, up to date, being maintained and has good community support.

It is important that a tool is continuously supported. This means that developers are reachable and continue to update and support it.

Trusted tools are used. Trusted tools become recommended tools to be used by partners in the community. They help inform standards for future privacy tool development.

In our conversations, we noted how important outreach is as well within the internet freedom community. Many people expressed that having a person to talk to about I2P made I2P a more trusted option to explore. This is especially good feedback — that trust modelling includes meeting people where they are and building relationships in the community.

Kindness allows people too dare to try.

Good UX and Usability

Trainers talked about usability being an important trust building bridge as well. If they are not successful when trying out a new privacy tool, they will not recommend it. This is important for many reasons, since a person cannot build trust with something that they find confusing. They cannot experience any kind of confidence either.

Non-profits need sustainability in what they use and being able to afford. Has to be user friendly. Ordinary tech users resist tools that seem complicated. One barometer to determine: if I cannot explain it easily myself as a trainer, then I cannot realistically expect the next person to use it. I have to be able to explain why it works, why it’s a good tool, how it works.

Answering the How Question

“How does this protect me online?” We have technical answers for that (documentation process ) and a non technical answer (using infographics on how OpenPGP encryption works for example). We also provide a platform for people to ask as many questions about the work we do and the tools we recommend as they want to ask.

Open Source

Our trust is through transparency in our build. We are open source (on github) and we try to practice good documentation across all our activities to communicate any platform changes and functionalities We use community building strategies to perform all of our marketing activities.

Open source and creating non-lateral feedback loops in development are important for people. People also need documentation that can be useful for developers and for non-developers. Having these things in place ensures that users can build a relationship in confidence with the project and its work.

People also commented about how important it is for projects and tool teams to provide the ability to participate in testing. Communicating what the task is, and the end of the task is important. Follow up is important as well in order to keep people engaged or to give closure.

Open source is the number one thing for us. Reasons: ability to trust it. It could be audited, it does exactly what it says it does, no back doors.

In Part 4 we will share feedback about I2P, and summarize our community outreach projects.