Data Rights Indicator Component


#1

Feedback for OI Calendar was: “The worst thing is that it is just a simple calendar”

So, we need to highlight why this app/product/website is different.
I am thinking about a “Data Rights Indicator”. Every app should include that and eventually the every(?) web browser will have this built in.

This is how it could look like:

Collapsed

Expanded

On Figma
https://www.figma.com/proto/BKjAoGJBVzquELs4tsWmeZL9/Data-Rights-Indicator?node-id=3%3A13&scaling=scale-down

I try to describe

  1. Data that only you can access
  2. Data that you shared
  3. Data that was shared for you without your consent
  4. Data that you accessed from 3rd parties

The number indicates the number of files on gaia (for 1 and 2), or the number of different hosts involved (for 3 and 4)

Questions

  1. Should there be less/more/other indicators?
  2. Are the icons suitable?
  3. How can the four points described in a short, understandable word(s) (so that the AFL score increases :slight_smile:)

#2

My initial thought is that I would not recommend a site to add something like this.

First of all, it’s quite confusing, and I don’t think that is something that could be solved with better design. And I also can’t think of ‘short, understandable’ copy that could explain it, either. This is a somewhat complex topic. Even if you said “data that only you can see”, well, does that mean it’s in Gaia, or somewhere else, even though only this user can see it?

Mainly, I think it’s up to each app to explain how decentralization benefits the user of that particular app. Some apps are more about security, and some apps are about data ownership, and some a mix of this and other things. Sure, Blockstack could help provide materials to help users understand what “Blockstack” is in a quick way. Still, the app needs to explain why Blockstack is useful in this app.

For OI calendar, I think you could say something about how OI Calendar is (possibly?) the most secure cross-device calendar app out there. It provides the ease of cloud storage, but everything is E2E encrypted, so not even the ‘sync’ server (aka Gaia) can see your data.

Even if there was a well-designed ‘data rights indicator’, the website is providing the widget themselves, so you couldn’t trust the results that are being shown. It’d have to be a native web browser feature, like the SSL ‘lock’ symbol.


#3

I understand that the ideal solution would be a native web browser feature or plugin feature. Until we have that, I still see an opportunity to teach users about their “data rights” right now.

If I put on my site that all data is e2e encrypted (do users understand e2e in a calendar context?) “…the website is providing the [information] themselves, so you couldn’t trust the [statement] that are being shown…” (using your words :slight_smile: )

How should decentralized apps visually distinguish themselves from centralized services today? Is the “Host me” widget better than the data rights indicator?

Decentralization is a complex topic but we need to start somewhere!


#4

As @hank mentioned, this is indeed a complex topic. And the eventual solution probably will be browser-based. But I do like @friedger’s impulse to experiment here – perhaps though it’d be better to experiment with a browser extension so that it lives with the user across apps?


#5

Until we have the native browser with built-in data rights indicators I think it would be better if this is a browser extension that actually has the ability to verify the security claims. Displaying the indicator as part of the web page is similar to the “Secure checkout” or “Trusted” badges a lot of sites have. Without a way to verify you can’t really trust them 100%. Malicious apps can also just start showing the indicators.


#6

You can inspect the network stats in the developer tools of your browser and you can inspect the source code (at least for some apps :stuck_out_tongue: ).

Is a badge “private, encrypted, open source” on my site better than the data rights indicator?