We know that these private messaging platforms have a profound impact on our digital behavior and emotional well-being.
Yet it is hard to step back and see the forest for the trees given their ubiquitous nature. While these platforms play an essential role in securing our privacy, they also expose users to a range of risks that undermine their sense of security and trust. This undermining of trust can affect their perceptions of peer platform users, corporations and even governments. We each have our own personal and evolving opinions about how encrypted messaging platforms can be made more trustworthy based on our lived experience, whether through better design choices, more comprehensible policies or more transparent governance models.
The purpose of this research is to:
A. Share a cross-cutting view of the experiences and concerns of a diverse range of users spanning geographies.
B. Connect the dots back to specific design decisions that platform providers should make to improve trustworthiness.
I no longer go by my old name, just because the internet is a place. You can't search me by my documented name, it's a decision I made long ago. Also weary about sharing photos and geotagging, I no longer post often as I used to. I try to keep my face hidden to strangers and mostly identifiable to family.
I follow up with a phone conversation and see how true it is or go online to verify that story before I choose to re-broadcast it. But in some cases many people don't verify, they just repost and repost and it causes panic and in a few hours they find out it’s fake.
Sometimes, especially when counseling, the information shared (with me) is very sensitive. For instance, if you are doing counseling and you (message someone that they) should separate from their husband, this (message) is sensitive and you need security.
Since these markets are distinct and individual journeys within private messaging platforms are personal, there is always a risk of generalization when attempting to summarize this sort of user experience research. Nonetheless, there are some common patterns that seem to transcend these differences:
A. We found that people across very different markets have become incredibly sophisticated in how they understand and navigate the intricacies of these platforms.
Across geographies, most users have built fairly complex ways of engaging and adapting to risks and concerns. This calls into question the assumption that people are not likely to adjust their preferences even if these options were made more easily accessible.
C. Users also face a huge gap in terms of recourse and redress, which is a critical element of trustworthiness.
The platforms themselves do not offer many clear affordances for seeking redress, particularly affordances that do not come with some reciprocal social costs (flagging another person’s bad behavior or misinformation often leaves users more vulnerable to harassment).
B. Heightened perception of risk generally arises in response to specific situations, not all of which can be attributed entirely to the platform providers themselves.
Users generally do not have a full understanding of where to direct or who to attribute their concerns to. Often, they take on a sense of responsibility for themselves, so their response choices bear little connection to the risk itself, and tend to fade over time.
D. Most users do not feel that they have real choice and can “venue-shop” based on personal preferences.
Even those with heightened awareness or high levels of technical knowledge find it challenging to avoid defaulting to the most common and pervasive platforms. Because of this, choice alone cannot be held up as the silver bullet for ensuring better practices in the private messaging platform market.
Who this report is for
The most distinctive outputs of this study– concrete, user-informed design recommendations – are just a starting point.
To some, our design recommendations might seem incremental in the face of the scale and severity of user risks and concerns experienced on private messaging platforms.
These recommendations do not point to a comprehensive end state which, if implemented, would satisfy all user needs and address all experiences of harm. Instead, the design recommendations in this report can provide a path towards beginning to address these harms if they are implemented within a user-centered and iterative process. They can help pave the way for a more trustworthy messaging future.
While we have drawn our own conclusions in this report, we hope that this research can serve as a resource to many different stakeholders as they consider ways that the design of these platforms can be improved.
Platform owners and providers
To negotiate competing product priorities and adjust product planning to address user concerns and diminishing perceptions of trust within private messaging platform experiences.
To equip the trust and safety research field with actionable user data, and offer mixed methods methodologies focused on user experiences of private messaging platforms.
To better assess the risks that matter to residents and citizens related to security, democracy and information integrity, and prioritize the harms that occur on private messaging platforms to inform meaningful policy solutions.
To augment their own user research and data analytics, and influence product priorities in line with user trustworthiness.
To buffer advocacy efforts with evidence of the harms a diverse set of users experience on private messaging platforms and examples of concrete changes that could improve trustworthiness.
To assess the potential impact of user concerns on the trustworthiness of services they offer on private messaging platforms. User perceptions will shape their trust in services offered by governments and other players.
In such opaque and highly personal environments, how might we better understand opportunities to intervene to address a set of common concerns? What would a better experience look like? To fill in that picture this report breaks down what we heard into the following areas of analysis: experiences, harms, gaps and design opportunities.
There is much that private messaging platform providers can do differently if they choose to prioritize trustworthiness in platform design. User choice is not a sufficient excuse to justify the current shortcomings.
Our research suggested that few users feel that they have a real choice in the market despite the availability of multiple private messaging platforms. Pointing to the retention and engagement of users as a sign that they are satisfied with current interaction models and tradeoffs does not ring true. We heard consistently that the tradeoffs of leaving a dominant environment — WhatsApp in most cases — are incredibly daunting for all users, even the most security-conscious like human rights activists.
Platform providers have a long way to go in bettering the design of their services, (though we are seeing discrete instances of intentional trustworthy design with recent changes by WhatsApp that allow users to leave group chats without alerting others, for example).
We would also encourage private messaging service providers to be transparent in how they engage users in regular cycles of feedback using the sort of methods we employed for our research study – not just analyze user data behind closed walls.
The dialogue around trustworthiness has remained at a theoretical level for too long.
These recommendations are complementary to a number of related initiatives for fighting disinformation and dangerous speech on private messaging platforms — including research, technical partnerships, dialogue and convening with policymakers and technology leaders, and public advocacy — and should be seen as an integrated part of this broader effort.
We hope these findings will help those advocating for change (whether policymakers, researchers or activists) point to real and concrete design choices that can increase trustworthiness on private messaging platforms.
We also hope this research offers stakeholders a provocation to consider more fundamental changes to the environments in which these platforms operate, whether it be business models or interoperability standards.