This short essay tackles a group of big questions, important questions for those of us in the privacy services industry. That's what we call it, anyway: privacy services. Everyone knows what we're talking about, although of course there's grey (and not so grey) areas on the fringes. Whisper wasn't a grey area - just to be clear. Spinning that thing as a "private" platform was just... anyway, not directly relevant.
But actually, it is. Whisper - and the meltdown over their outing by the Guardian as sneaky, amoral, disgusting monsters hiding in the guise of "cool dudes" protecting private thoughts - sort of sums the whole issue up. What's the issue? I'd put it like this:
- There's a big chunk of demand for privacy technology & privacy services that cannot realistically be met by all-volunteer projects, and which thus falls back into traditional capitalist models of equity investment, return on capital, and overt market competition. But... lots of the standard elements of that traditional capitalist model offer an horrific fit when it comes to providing serious privacy services to broad, nonspecialised (i.e. "consumer") markets. How can we square that circle?
To the heart of it, then.
The standard way we provision tech-heavy products and services in our modern capitalist systems is via outside investment of equity capital. Whether it's angel investors, "friends and family" looking for a big score on an IPO or sale, or formal VCs (and their evil doppelgangers, the hedge funds), the model has devolved to a standard format: someone puts up "risk capital" at the early stages of the tech project, with the hope of making a huge return on investment in a couple of years (via IPO or sale, basically). Nine out of ten of these roll-the-dice investments are assumed to crash along the way, but it's go big or go home: the one grand slam that returns 10,000% initial investment for outside equity holders more than makes up for the nine who failed, and the outside investors get fabulously rich, by elected officials, commission the construction of massive yachts, and spend billions in basketball teams. Or whatever.
We know this model, in terms of members of our own team. Some of us have been there, done that, and have the scars (or bank deposit slips) to show for it. And we're not overtly criticising that model in general terms, here.
But, there's a problem: that model sucks when it comes to privacy services. Like... it really sucks. Earning the trust and respect of one's customers, in this market, takes time: it's not won by splashy advertising campaigns, or slick PR representation, or millions spent on cheesy gimmicks like free lunch (woohoo!) and massage tables at work. It comes through the grit and grime and scabs and lessons of daily existence, and it doesn't come cheap. If you're serious in this market, you will draw the ire of law enforcement. You will. That's not "might," that's "will." Sorry, but true. If you're in this market and haven't been tested by your friendly neigbourhood LEO then, well.. good luck to you. It'll come. If it doesn't come, you're doing something very, very wrong. Again - that sucks, but it's true.
Earning customer trust, community trust, and respect for a project team is hard. And slow. And personally costly, and fraught with risks that the typical useless-First-World-Problem app will never encounter. With all that, outside investors are going to be justifiably skittish about these kinds of projects, and with good reason. I mean, if your business model includes privacy seppuku as a core component, your equity holders face the risk of shutdown/reboot continuously. They're not risk-averse by nature, but when risk goes up, they expect a higher return. This is basic, Chicago-school modern economic theory. They already wanted a massive potential upside, in order to balance those 90+% failures. So now that possible return has to go up even higher.
But these privacy services projects take more time to develop than the plain-vanilla useless apps... err, I meant "web x.o brilliant startup concepts." Returns on investment upside are temporally driven: faster payout generates higher time-based returns (IRR, DCF, whatever); conversely, slower payouts hammer return metrics, so privacy services projects are facing a double-whammy.
Therefore... what? Therefore, outside equity investors are going to be pushing for any and all strategies that can:
- 1. speed up payout via shortcuts, quick-hit revenue gambits, etc.
2. lower risk of LEO harassment becoming business-impacting
3. avoid extra risk from heavy-innovation tech or operations models
Customers have a sense of this. Customers aren't dumb, and even if they can't articulate the fine-grained structural details of the whole thing, they know there's pressures afoot here that make putting their best interests in first place a difficult thing to do, for privacy services providers. Because, yeah... Whisper. Awfully tempting to stab customers in the back if the payout is high enough, especially compared to the long slog of building real credibility, real security procedures, and real businesses and teams that can sustain real growth over the long-term.
But wait, there's more.
There's also the privacy services projects that come out of nowhere and, without even the faintest hint of a business model or viable long-term plan for economic survival, toss their hat in the ring with free- or low-cost goodies. And, you know what? Customers do eat that razorblade-laced candy right up. This week we have the Platonic form of such "fantasyware" with FrootVPN. Which... yeah. Torrentfreak tells us a hundred thousand people signed up for this fantasyland "privacy service" that publishes crypto keys publicly by accident and proudly asserts that they have no fucking idea how they'll pay the bills for all that traffic in the future: Rela(kk)s, guy. Easy, guy. Don't worry. Be happy.
If those are the two options - either take VC money and face unrelenting pressure to betray your customers by selling their "privacy" out to the highest bidder, or willfully suspend disbelief and jump on board imaginary stairways to privacy heaven like froot- then we'd all be fucked. Seriously. Because Tor can't do it alone, no matter how hard they work or how good the work is they do.
There's a third option, that our team has come to call (in a classic example of our "we suck at marketing" ethos) "Bootstrapped Privacy." And here's how we have figured out how to make that work - we think it's worth sharing, because we think the model we've put together via trial and error over the past seven or eight years might be really useful for other project teams, too. (there's also buzz-friendly "crowdfunding," right? Well, um... anonabox. Q.E.D.)
We'll spare you the many circumlocutions of our own pathway to this obvious-in-hindsight approach to things, and instead present it as if we were clever and came up with it right off the bat. But, in truth, we didn't - it runs counter to everything we're taught in business school, strategic entrepreneurship, and our modern culture of tech startup success. So we came to it by process of elimination... a nicer way of acknowledging the old adage that (desperate) necessity is the true mother of invention.
We don't have vast oceans of outside VC money backing us (like hostpot shield); we don't even have moderate seas of super-cool VC money (like ello). We have no VC money, because (pace above), we think it's a terrible fit with the work we do, for VCs and for our team. We also don't have a froot-ish fantasland no-model-is-the-best-model approach to the future that requires our customers to suspend disbelief and imagine that (perhaps) the tooth fairy and Santa Claus will team up and pay our server bills forever.
Here's what we did, when we spun up the cryptostorm project in the summer of 2013: we went to a tight-knit community of intensively privacy-aware technologists. They're a tough "market" as markets go: they know tech, they know how to do their own tech quite often, and they're skeptical of just about every claim related to privacy or cryptography that one might possible make. Great! That's a wonderful starting point, because it weeds out those projects straightaway that can't make that high hurdle of gaining credibility - and revenue - from this difficult sub-market of privacy geeks.
That's what we did. We approached our market - our community - with the following proposition: we'll make something truly extraordinary... not by making magical new components, but rather by pulling together well-tested pieces into an aggregated system that does really great things. We'll do so transparently, publicly, and with an eye towards continuous improvement every step of the way. We won't launch with a spit-polished perfect, Apple-style masterpiece of UI/UX genius... but we'll also never go into production with anything but top-tier security standards. We'll invest our hearts, our souls, our spirits, and our hard-won wisdom in the project shoulder-to-shoulder with our member community. And, together, we'll build something amazing.
For it to work, we also asked some things of our core community: give us honest feedback, first and foremost. Try not to be (too) rough about it, but in the end we're all adults and we'll shake it off if you get a little brutal with the critique. It's ok. Help us fix the problems you notice: with advice, with pointers to resources, with code edits, with ongoing criticism. Keep your standards high for us, so we keep striving for those high standards even when exhausted, demoralised, or beat-down by the obdurate nature of tech. And, finally, slide us a little money - upfront... to pay for the service we're providing, yes, but also so we can afford enough ramen noodles to keep working in the meantime. We never asked for loans, "crowdfunded equity," or any other hocus-pocus. We simply offered our core customers the opportunity to buy what we're building at what we colloquially refer to as "pre-alpha" stage: it exists, sorta, but it's rough on the edges and still evolving. It works, but it's not fully elegant. Yet.
Elegant is hard. It takes time, and money, and attention, and smart folks and smart designers and talented artistic folks and time and attention to detail. That comes, iteratively, as time goes by. We're backfilling the elegance, slowly but surely. It's not that we don't love elegant; rather; it's the cold fact that elegance costs money, to do right. No money, no elegance. Therefore: build it solid, gain community buy-in at the pre-alpha stage, prove out the fundamental technological architecture and then, as revenue grows: make it sing. Make it elegant. Make it beautiful.
It's fucking hard work. It involves close brushes with starvation. There's no oceans of VC money padding the monthly payroll: in our early months, a lull in token sales meant no food on our tables. Literally. Or no tables, post-eviction. Close to the bone, that... but it does keep us focussed on what we're doing, eh? And we're not doing it so we can sell it to Zucky as another bauble in his chain of failed tech visions. Sorry, but nope. Also no traditional IPO.
So why are we doing it, and why might other project teams pursue Boostrapped Privacy Service as a model for getting thing going? Well, as we said, it works. That's got alot going for it! Also it keeps us viciously, undeniably, intensely, profoundly independent. We answer to nobody but ourselves, and our member community. Nobody. In terms of the personality profile of folks who do well as core members of privacy tech ops teams... that's sort of a good description of the personality type, isn't it? We're not exactly the kids voted "most popular" in school. We're the outcasts, the nerds, the geeks, the freaks, the supergenius weirdos everyone didn't know how to deal with. And we're pretty happy being independent, thanks. It works for us.
That's how we did it. Nowadays we're over the hump of those super-lean early months, and our project moves forward with less of that lean-winter-months intensity of the starving predator. But... it'll always be in our bones, encoded in our company's DNA. It's who we are, quite so. And that's not a bad who to be, when it comes to hard-edged privacy services. This is a tough place to live, and to thrive... it doesn't welcome the glad-handlers, the back-slappers, the bullshiters, or the get-rich-quickers.
And we're quite ok with that.
- ~ pj (on behalf of the cryptostorm team... who had better things to do than write this blather, so it was naturally left to me)