12 Organizations Sign the Privacy Pledge

On September 23, 2022, the team behind Threema, a secure Swiss messenger, announced on their official blog a new joint initiative with ProtonMail, Brave, Tor Project, and others—12 organizations in total. Their goal is to present major tech companies that monetize user data with an alternative business model that does not compromise user privacy.

According to the organizations that signed the Privacy Pledge, the current situation on the internet is alarming: companies collect, process, and share user data in exchange for services, often in ways that are difficult to track. The initiative’s authors claim that some firms go so far as to publicly declare their commitment to privacy while behaving quite differently in practice.

User data is collected and analyzed without their knowledge, and unscrupulous companies can use these massive datasets to create surprisingly accurate profiles of individuals. Some users are aware that much of this happens in the background, but see it as an unavoidable evil.

The group of signatories states that the five key principles outlined in the Privacy Pledge—which does not endorse any specific government policy or technological tool—should serve as a starting point to restore the internet to its original vision: an open, transparent, and democratic platform that enables free information exchange, open communication, and personal privacy, as opposed to the “regressive views of big tech and surveillance capitalism.”

5 Principles for Building a Privacy-First Internet

We, the undersigned, commit to rebuilding the internet in line with the ideals set out by its founders: a democratic platform designed to facilitate the free exchange of information, open communication, and personal privacy.

• We believe the internet can meet the needs of people, not just corporations.
• This internet should be private by default, giving every user the choice of who can access their personal data and control over it. Such an internet will be open and accessible to all, support democratic values, protect the fundamental right to privacy, and ensure free access to information.
• This internet will support the growth of ethical business models, but first requires companies to adhere to higher standards of conduct that put users first. By giving people control over their personal information, we can stop companies and governments from spying, commodifying, and manipulating users—practices that have become typical online today.

We believe that to create an internet where privacy is the default priority, all organizations operating online should adhere to the following five principles:

1. The internet should primarily serve people. This means respecting fundamental human rights, being accessible to everyone, and ensuring the free flow of information. Businesses should always prioritize user needs.
2. Organizations should only collect data necessary to maintain their services and prevent abuse. They must obtain user consent for such data collection. People should be able to easily find clear explanations of what data is collected, how it is used, where it is stored, how long it is kept, and how to delete it.
3. User data should be securely encrypted during transmission and storage wherever possible. This helps prevent mass surveillance and reduces the damage from hacks and data leaks.
4. Internet organizations should be transparent about their identity and software. They should clearly state who is on their leadership team, where their headquarters are located, and under which legal jurisdiction they operate. Their software should be open source wherever practical and open to security community audits.
5. Web services should be functionally interoperable unless it requires unnecessary data collection or compromises secure encryption. This prevents the creation of walled gardens and fosters an open, competitive environment that encourages innovation.

“This is the internet we deserve. This is the internet we are fighting for. It is within our reach—we just need to be brave enough to seize it,” the signatory organizations conclude.

However, Vadim Misbakh-Solovyov, a technical expert from Roskomsvoboda, expressed skepticism about the initiative: “If only because right now, 99% of services make money by trading data, and they have no reason to give that up.”

Time will tell how things develop, as The Privacy Pledge is only a few days old.