[Open Source Software] End-to-end encrypted data sharing beyond messaging

Since mid-2024 I've led the TACo project, an ambitious attempt to build an end-to-end encryption service that is run like a cooperative – i.e. not managed by any one organization, but instead controlled by and delivered through a community of independent providers. In practice, this looks like a Typescript API for encryption/decryption that's hooked up to a network of independently-run servers, each of which individually executes cryptographic operations in order to collectively validate and enforce access to private data. 

The project is fully open source (AGPL-3.0) and has been used in-production since early 2024. You can follow TACo here‍.
‍
TACo is a general-purpose tool. It enables end-to-end encrypted data sharing in a variety of contexts – an artist sharing with their fans, a radiologist sharing a diagnosis with their patient, an investigative journalist sharing their location with their editor, or a retiree sharing house deeds with their grandchildren. In each of these examples, TACo ensures the sharing party retains full control over who accesses the data, when they access it, and on what basis. They are not forced to trust an intermediary to handle, route or custody the plaintext (i.e. readable) version of their data. These guarantees starkly contrast with today's mainstream digital tools. Indeed, the choice for everyday users of digital platforms leave much to be desired.

The vast majority of mainstream applications are not end-to-end encrypted. Instead, they're designed to decrypt your data on their servers. Healthcare portals, social platforms, shared spreadsheets, booking aggregators, connected vehicles, chatbot providers – all trusted with your sensitive information, a trust they habitually betray by extracting and monetizing whatever value they can. Normally, it's predicting your moods and inclinations to sell you fast fashion at just the right moment. Other times, it's serving you individually inflated flight prices – because your personal emails tell them you have a funeral coming up and their pricing algorithms determine that your sense of duty makes you less sensitive to higher prices.

Mainstream end-to-end encryption – i.e. where sensitive data is un-viewable by the intermediary or provider – is limited to a few messaging, video conferencing, and workspace applications. This means that all our other quotidian platforms and tools – Google Sheets, Kayak, Gmail, ChatGPT, MyChart, OnStar, the list goes on – are being trusted with the readable version of your travel plans, correspondence, health status and thoughts.

Many of those end-to-end encrypted apps are run by historically untrustworthy entities. Some, like Zoom, lied about their end-to-end encryption capabilities for years and had to pay out millions in a class action suit.
‍
Many of those end-to-end encrypted apps harvest your metadata. WhatsApp observes all of your messaging activity – who you message, who you call, when you message them, when you come online, where you use the application from (via your IP address). The end-to-end encrypted message content is just one hidden component in a firehose of exposed and monetized personal data.
‍
‍Apps with spotless track records – i.e. no evidence of collecting or profiting from private user data – are few and far between. Signal Messenger is the stand-out application, having transformed the public's privacy expectations, at least for point-to-point textual messaging.

The next phase of the fightback against surveillance capitalism is a general purpose, developer-facing plugin that can be used in a mortgage application portal, in a connected vehicle, in a fitness wearable, in a period tracker, or a shareable spreadsheet.

‍