[gingerlime]

Absolutely. But even not all harvesting is privacy invasive. As a search engine I can know that 3.054% of users search for sex toys. As long as they don’t know or harvest who is doing these searches, there’s no privacy violation.

[jessems]

Valid point, but this doesn't amount to a very convincing promise to many users imo. You're relying on the service provider to not abuse their power. If that were sufficient I don't think we would see these e2e services pop up to begin with.

[gingerlime]

Yes, you’re absolutely right. Unfortunately services blatantly and openly violate their customers privacy and by and large customers don’t care. I would also prefer zero trust as a first choice, but for now would be happy to settle for trusting companies that just seem decent. Sadly those are few and far between and the norm is to harvest, sell and abuse customer data.

[vorpalhex]

> I would also prefer zero trust as a first choice, but for now would be happy to settle for trusting companies that just seem decent.

It's an incentives problem. If the company can always make a bit more money by harvesting data, then why would it not? Especially if it could avoid getting detected or at least avoid getting in trouble.

That's the benefit of E2E - I don't have to trust the middleman. I still have to trust the other end (and that has a whole can of issues to be sorted) and I have to trust myself (and again, that has plenty of problems) but it at least removes an entire vector.