CHI NL Meet: Hester Bruikman on Privacy Oriented Design

Photo of Hester Bruikman, User Experience researcher who works with blockchain technology at Status

Hester, you work a lot with blockchain technology and privacy-oriented design. What fascinates you most about the work that you do?
Since I started working at Status, I’ve realized more and more how much privacy we give up. And I’m not talking about data necessarily, but about control. I realized that every time I use a website, my IP-Address is shared and can be logged. So basically anyone can find
out where I live. I hadn’t been aware of that. The more I learn about these privacy-aspects, the more I’m convinced that the cause of us giving up so much control is inherent to the infrastructure on which we built our web. That I am able now to try and change that
motivates me a lot!

You’ve been working at Status since 2018. Could you tell a bit more about what Status does?
Of course! Status refers to a project and an app. Status as a project is very broad, it focusses on everything you need to build a censorship-resistant, privacy-oriented application. When you design an app, you have to consider where data is saved, how messages get sent and how you interact with a blockchain for example. Status as a
project works on ways to give the user more privacy and control over this infrastructure. Think about decentralized storage and a decentralized communication protocol.

You don’t see this infrastructure on the surface. What you see is the Status-app. This app is a so-called ‘super-app’, because it has a lot of functionalities in one application. It’s similar to an operating system. We offer a communication platform which can be compared to Discord or Slack. The app also includes a cryptocurrency wallet and a
browser, which looks like a regular browser but with the difference that you can access a lot of decentralized apps using this browser. Think about a decentralized AirBnb or Medium alternative.

What does someone have to do to download this app? And what data do they need to provide?
You can download the app on our website or in the Play Store, App Store or on F-droid. You don’t have to provide your email or phone-number to use the app and we don’t make an account for you on a central server. You have a set of keys that you create yourself on
your phone or computer, and with those keys you can use the app.

So you don’t have to fill in personal information when you create an account, but I can imagine that Status does need to collect data to optimize the experience of the user. How do you manage that?
First of all, Status is open-source, so you can check exactly how data is processed. Secondly, we don’t save any data, the data that is collected by our app is only stored by you, on your phone or computer and not on a central server.
That said, we make a distinction between Status and Status Network. There still has to be communication between computers when you access Status Network and send (encrypted) messages. Because of that, there is a possibility that someone else saves your IP-address. Finally, the data we access is public, and aggregated on a public dashboard.

So at Status, you focus a lot on pseudo-anonymity?
That’s right! Pseudo-anonymity means that you as a user are recognizable as a unique actor in a system, but are unidentifiable as a person. When you send a message or make a transaction, you use a key. And this key is not traceable to your identity or your address or preferences. Pseudo-anonymity is all about detaching your identity from your actions. As I mentioned before, at Status we do this by giving the user their own keys. Those keys
represent you. We don’t need your name, email or phone number, but as a unique entity you are recognizable. And that’s very convenient, for example when you exchange messages. If you aren’t recognizable at all, your messages would show up from a different
sender every time. And that is not great if you want to build trust with the party you are messaging.

Now you are progressing with your research and the design of the application, do you have tips for other researchers or companies who want to build an application based on human values?
Well, one of the things we noticed when we let the experts look at our own design and other existing encryption applications, was that although these applications aim for more security and privacy, some design decisions had in practice or in the long term a negative
effect on those values. For example, the experts mentioned that some of the applicationstaught the users behavior that is not secure, by asking them to open an attachment or click on a link in an email. Therefore, I think it is important to list the values and project
specific value related design principles that you want to focus on in your project, and to consequently look at those values and design principles before every choice you make during the design process. And the evaluation with experts also helped us a lot!

CHI NL Meet is a regular feature on the CHI NL blog, and currently looking for a Lead Blog Editor. Please reach out if you’re interested in this role.

Get updates about HCI activities in the Netherlands

CHI Nederland (CHI NL) is celebrating its 25th year anniversary this year, and we have much in store to acknowledge this occasion. Stay tuned!