Cool. I’ll have to take a look.
@growthboot thanks for chipping in and sharing your thoughts. I do agree on what you say and applaud your strong values! At the same time I want to point out, from my perspective your project does not follow those values.
After inspecting your project, it sadly did not fulfill any of my three most fundamental needs as a privacy enthusiast (open source, business model, ownership). I’m pointing this out since I feel others have similar views on this as well, and if you want to be successful in serving the privacy community - which I hope you will be - you will have to target their needs. I feel the most crucial one is being open source, which is also one of the key requirement for software being listed on privacytools.
Thanks for the response @davegson. Though I completely disagree with that perspective of privacy. We are not open source because from a security perspective, it is safer for our user’s data. I am highly experienced in security with going on 20 years of experience and come here with an engineering perspective. I understand it’s not a rule because there are exceptions, but open source projects are almost by definition easier to hack because the code is completely exposed. I don’t want to make it easier to hack our user data so I am protecting our backend code from being open and more easily exploitable. This is because I want privacy for our users. It’s not a failsafe method but it’s a deterrent just like putting a lock on a bike. I am disappointed in this privacy community and others to make such a misjudgment in creating a distinction of what defines a privacy-based company.
These fallacy based indicators misinform the general public on what a good qualifier is when analyzing a company for privacy. As well as it alienates companies like mine who are going privacy-based from communities like this.
To answer the other two points:
2) We have two locations on our site that have donation links. One in our FAQ section and the other within the app. We are currently adding more, and we just started a Patreon and working on a Kickstarter right now (links going up by tomorrow hopefully). We are a donation-based company until we create one of the ideas that will fund us without infringing on our users’ privacy (we have plenty of ideas that don’t including putting ads in our bookmark manger). Until then, our costs are low and we could fund this for a lifetime out of pocket.
3) We are totally open to doing audits by pro researchers who sign an NDA. I wasn’t aware we need to provide more info about who we are. We are totally open to that and will look into just how to present the information. To answer quickly right now, my childhood buddy Peter Forest has (15.10%) and I got the rest (84.9%). We’re not hiding it, we just didn’t know we needed to present it on our site. We have that info in a bunch of other places on the web.
About the open-source not being a privacy indicator thing. I will be doing a lot more posts/blog posts and trying to create a dialog about this in the near future. I can see it’s a widespread misjudgment so I’m afraid I might need to be taking this head-on. I feel guilty because I’ve been involved in throwing this thread way off-topic though I’m afraid. It’s actually a really good topic. I’m going to write a blog post then create a fresh topic about this stuff on here and r/privacy.
I know about putting ones heart and soul into a project, I do feel you on that, but do not be disappointed when someone else has another definition of what a privacy-based company is. I explicitly mentioned it’s my perspective, and I feel this community is accepting enough to simply agree to disagree.
I’ve been involved as well, especially laying my focus on the open source! I do feel that is an interesting discussion, and one the privacytools team will have had plenty of discussions about - so they will have plenty of insight! But true, this is for another thread.
However, ownership and business model are totally on topic.
Thanks for sharing your percentages. As mentioned above, I’d really like to have every company share those metrics - it gives a lot of insight in who really runs the company.
“How do you make money?” also got mentioned in the reddit thread, and I agree this is a good question. Especially if a project wants to evolve into a company, financing full-time founders & employees, including an office and what not - this becomes a crucial question. It leads down to how a company supports their burn rate.
If you only count on investors, it’s very likely it will end up in my already mentioned scenario. And this community has experienced being screwed over time and time again, hence its oftentimes enormous skepticism.
And I’ve heard living off of donations is very tough as well. I wish this to succeed, but it often does not. Which in return impacts the morale of employees, who then have to worry about their income, and maybe even downsize their working hours.
That’s why, I’d like to ask companies one variant of this very important question.
How do you make money?
What’s your business model?
How do you support your burn rate?
@growthboot, thank you for sharing that you do have other plans - I’d really like to hear them, I know it’d make me more confident in your product. I’ll open a thread on your reddit.
@davegson I’m not. I’m starting to wonder if you fully grasped the reasoning for my disappointment. It has nothing to do with that an opinion is different than mine. I very much appreciate different viewpoints. I have to be clear about this because I don’t want to be gas-lighted into being someone who is intolerant to other people’s opinions. The issue I have goes far beyond myself or my business, it’s my expert opinion on the topic in general. A topic that seems to be proliferated through the privacy communities, being the #1 rule on r/privacy, that a privacy-based company needs to be open-source. I’m disappointed by seeing large communities make logical mistakes like this that hurt people and businesses trying to help people.
Allow me to reiterate the logical mistake I’m disappointed about, since it appears to have been overlooked or misunderstood in your reply to me. For companies that are holding lots of personal information, open-source is more vulnerable so therefor less private. I care about more than only my business, this is about any business that has completely honest intentions getting improperly filtered out based on an irrational false-indicator. I personally have a duty to my users to protect their privacy which got me turned on to this topic. I’m not against open-source, I love open-source, I have a project on github, I use open-source projects all the time, but for WebCull even a non-tech person can pretty easily understand that going open-source is dangerous for my users on a fundamental level.
“What privacy services have been sold or taken on major investors? We should find out”. That’s a topic that I just recently started researching and is about past open-source businesses/projects who have sold out. I’m totally for being involved in that research and think it’s a super important part of a community like this. The conversation we’re having (though interesting) is on a different level and is about open-source being an indicator of privacy. I do see the relationship those two things have and I could be wrong but I don’t think that was really what this thread was intended for.
Your questions seem to have changed a bit (which I like) because at first, you sent me to a Reddit link that has “Are they open source?” as your first question to know if a company can be considered to be privacy-based according to this community (which again, is really not a good privacy-based question).
As for the business model. I don’t mind answering the questions you’ve asked, they are good questions. I like that you have two separate questions now asking both the model and support for burn rate. I’m not sure if I answered that about my own business so here it is. We are funding it ourselves right now but the expenses are far lower than a cup of coffee per day so it will be a lifetime before we can’t afford this project.
As I said previously, I would not gamble on debt and risk my users’ privacy. It’s against my constitution, so the scenario you laid out cannot happen to me or my business. And if it was about to happen, if let’s say both of us got sick (even though we got free health care here in Canada, say we both die) and we couldn’t afford it and it’s not making money from donations, simple, we’d warn our users that we’re closing and shut the doors, we don’t have massive investments to loose here, this is bootstrapped. There are ways around the problems you’ve mentioned, they are not inevitabilities for people who are aware of them and care to make a change.
And hey, after enough time if people don’t think this is worth donating to and we’re not making money from anything, it’s probably not worth sticking around, though I don’t think it’s the case. Still, we don’t plan on living on donations even if they do work out (we’re bootstrapping so we are hoping donations come in to make things more affordable to us and get more done), we have many plans, awesome plans for financing, which is why we are in this business. Let’s take this up on the awesome Reddit thread you started, which I will reply to soon, giving you more details on our plans. Link here for anyone reading: How do you plan on making money?
I love that you started that Reddit thread btw, I love that you’re talking to me, it’s been great. If you want to send me any material that you think I should read, please do send it over. I’m here to share and learn and meet great people like yourself. Thanks
for WebCull even a non-tech person can pretty easily understand that going open-source is dangerous for my users on a fundamental level.
There’s a whole thread for this topic:
This thread is focused on researching which privacy services may have become compromised in some way because their ownership has changed.
Thanks for the link! I’ll go check it out. I won’t respond to that quote here because I don’t want to have a part in continuing to change the topic of this thread.
"We do not have Google AdSense or any other third party tracker within our bookmark tool. We may use AdSense in the future but only on our website homepage or direct links, to aggregate data about the performance of the marketing of our website. This is something that is considered standard practice in the industry. "
That means NOT within the app, that means within the hompage or direct links to one of our landing pages. Not within an account. Still, even though that wouldn’t negate any of our claims about privacy and our app since it’s not talking about within the app, I’m gonna change that to never. Needs to be updated because we decided recently to take an even harder stance towards privacy even extending to our homepage.
As for the tracking, we do not have third-party tracking, never did. If you inspect the site using console, its easy to see that those cookies you mention are not found. Maybe you’re finding this because of the youtube embed on the homepage.
Thanks for getting the focus back @strypey .
On that note…We’ve had some helpful input on questions to ask ALL privacy services, and it seems the comments have waned. I believe it’s time to come up with a suggested final list.
@LizMcIntyre This seems like such an important yet ignored topic. Could you share what you have found so far and the method you use to find them? I absolutely agree that there should be a place for this. To hold businesses accountable there must be a place to report and access sales of privacy based businesses, especially when user information is involved in the sale.
Finding out the information does seem quite difficult which might be a factor for it being a lackluster thread. My research on it has been excruciating, I don’t have a firm grip on what keywords/tools to use when searching for it. It doesn’t seem like searching press releases has been very fruitful way of researching the topic but maybe I haven’t tried hard enough.
It seems like there may be some software that could be written to do this in a more efficient way than I am. But I’ve been trying to think of how that would work and I’m drawing blanks at the moment. If anyone has any ideas, I don’t mind starting an open-source project and start coding it provided its not insanely hard to do. I also got someone else from here in mind who would probably help out.
Great to hear!
Have you considered uploading your video to a PeerTube instance and embedding that on your homepage instead of the version on YT?
IMHO the only long term solution is for businesses not to be the (exclusive) stewards of other people’s data. I recently learned a bit more about the Solid project. Turns out it’s mainly a set of protocols for separating storage of data from the services that make use of that data. The idea being that users can give an online service provider access to only the data they need to perform the service, and easily revoke its access to their storage pod if they stop using the service.
The main roadblock to implementating this in the real world is that it would cut off most of the income sources for existing online services, which tend to be based on various kinds of datafarming. So as well as decentralized tech, we also need to come up with new revenue models for ethical online service provision (eg platform cooperatives).
I would prefer here. If it was up to me, the PTIO subreddit would be either closed, or marked as “unofficial” with a notice that direct users to this forum.
Becoming a Brave Creator might be another option for donations for that site.
Yes, I tried them out and sometimes the bandwidth was okay, often it would take up to 20 seconds for the video to load, and other times the video wouldn’t work at all. After trying everything I was forced to use youtube again. Since that post I made it so the video doesn’t load until you click the video play button which makes it so the tracking doesn’t initiate on-load. I also started using youtube-nocookie.com which makes it so that cookies aren’t saved when the widget loads which helps a bit with the reduction of tracking.
Thanks for the suggestion, we are looking into it.
In a discussion about privacy products who have shady funding, etc Brave tops the list.
Their major funder is Peter Thiel, who sits on the Facebook board and owns Palantir (which creates software for ICE). You can’t find a person more devoted to exploiting humans for profit.
@danarel I just did some quick googling and I’m having trouble finding a source on that Peter Thiel is considered a major investor. It appears he’s an investor among many because of his Founders Fund. He may have almost no influence on the business decisions in any way. If brave tops the list of shadiness surely there must be something more to go on than this.
Would you ever consider opening the source of WebCull? Because it looks great, it has a beautiful GUI and it is what I’ve been looking for for some time but I can’t use (morally) if it’s not open source.