Briar's potential user base includes anyone who's concerned about surveillance and censorship, and anyone with intermittent or unreliable access to the Internet. Within that large potential user base we're concentrating specifically on the following groups:
1. Activist organisations. Activists are subject to intense surveillance, yet their effectiveness depends on their ability to communicate and organise privately. We held a requirements-gathering workshop with environmental and animal rights activists in the UK to understand the communication needs of activist groups.
2. Civil society organisations. Authoritarian states often suppress and monitor civil society groups, regarding them as threats to centralised power. To assess our app's suitability for this user community we're conducting focus group tests in partnership with a US non-profit that works to strengthen civil society in an authoritarian country.
3. News organisations and independent journalists. Surveillance technology has undermined the ability of journalists to communicate privately with sources and among themselves. Our team has experience with training journalists to use information security tools, and we plan to test our app in partnership with the Centre for Investigative Journalism in London.
4. Disaster responders and long-term aid organisations. Aid workers often need to communicate in areas with limited connectivity and across organisational silos. We've worked with the Open Humanitarian Initiative and Taarifa to understand the needs of humanitarian organisations, and to develop a roadmap for decentralised information-sharing tools using the Briar protocol stack.
5. Ordinary citizens who want to discuss political issues or just talk privately with their friends. It's worth noting that while many activists are comfortable with making public statements under their real names (even if they need to organise in private), the communities that activists come from and support find anonymous and secure communication very freeing, as it enables them to discuss the world around them openly and find allies with similar perspectives.
What assumptions are you making in what you propose, and how will you test them?
Our first assumption is that there are people who would like to avoid Internet censorship and surveillance, but who find existing security tools difficult to use or poorly matched to their needs. We know these people exist because we've met them while training activists and journalists to use existing tools. We'll gauge the size of this user community and test whether our app meets their needs by partnering with training organisations to disseminate our software and collect feedback.
Our second assumption is that a mobile app is an effective way to reach our target groups. While we plan to support desktop platforms, we're tackling mobile first for two reasons: the barriers to adopting new apps are low, as demonstrated by the rapid uptake of messaging apps such as WhatsApp and Telegram, and an increasing number of people use smartphones as their primary communication devices (smartphones outsold feature phones worldwide in 2013, and mobile broadband is growing faster than fixed-line broadband). We'll test this assumption by measuring adoption of the app.
Our third assumption is that smartphones and personal computers are suitable platforms for secure communication. This is an assumption we share with many other communication tools, but it's by no means a trivial assumption - sources including the Snowden leaks and Privacy International's Surveillance Industry Index demonstrate the strength and scope of surveillance technology and the vulnerability of popular platforms. A top-to-bottom solution to this problem must encompass application software, operating systems, and hardware. We're only tackling the application layer; we depend on the wider community to continue making progress to secure the other layers.
This is not an assumption that can be tested once and for all; we must continuously evaluate the known threats and decide whether it's responsible to promote smartphones and personal computers as secure communication tools.
How will you get your project in front of the necessary people or organizations?
Within our team we have a fairly extensive network of ties to the user groups this tool is primarily designed to serve. While we want to see our app adopted by the general public, we'll focus first of all on those users in the target groups who receive information security training. We'll partner with training organisations to make those users aware of our project. We're confident that our app's ease of use relative to existing tools such as PGP will make it popular with trainers and trainees, driving wider adoption within the target groups.
In our focus group testing we've pioneered a rapid development-testing-feedback cycle that fixes minor bugs and usability snags within a few days and collects information to guide longer-term development. Closing the loop between developers and users is something that's been missing from previous information security efforts aimed at these groups, and we recognise that ongoing communication with the user community will be crucial to the long-term success of the project.
See also our answer to the question on adoption, below.
What are the obstacles to implementing your idea, and how will you address them?
Briar is a technically innovative project, with no shortage of engineering challenges. However, testing has shown that the basic concept is viable - the remaining challenges can be solved with sufficient development time, including testing on a wide range of devices.
Sustaining the project during this next phase of development is our first obstacle: the project is designed for high-risk user groups, so it would be irresponsible to aim for widespread adoption until we're confident that the software is safe and it has been reviewed by independent experts. On the other hand, development must be guided by real-world testing to ensure we're delivering an appropriate and usable product. Satisfying both requirements will require ongoing testing of new features with real users in safe environments.
Adoption is another major obstacle, as it is for any communication tool: network effects make it hard to displace popular tools. But the recent explosion of mobile messaging apps suggests that this is not an iron law: mobile users appear willing to experiment with new apps side-by-side with established apps, allowing new apps to find niches, especially in communities with specific communication needs. Our target groups are examples of such communities, and we believe that we can aim for adoption within those communities without needing to displace the currently popular apps.
How much do you think your project will cost, and what are the major expenses?
Unlike many circumvention tools, Briar doesn't have large ongoing infrastructure costs, because the communication infrastructure is provided by the users - the main costs of the project are software development, testing, and user support.
To move from beta testing on Android to field deployment on mobile and desktop platforms will take approximately a year, employing three full-time developers and a part-time UX designer, at an estimated cost of $280k.
The software should pass an independent security audit before being deployed, which will cost at least $50k. We'll rely on the user community for translations - we already have volunteers for several languages. To continue the development-testing-feedback cycle we'll need a part-time community manager ($40k) and funding for test hardware and ongoing focus groups ($10k each). This brings the total to $390k.
Until now the project has run on a very tight budget, but we've accumulated debt in areas such as technical documentation that will need to be repaid to keep the project sustainable. To expand the team we'll need to compete with professional salaries.
How will you acquire users? Please give us details on your understanding of the market for this project.
We recognise that user adoption is the single most critical issue for any communication tool. As mentioned above, this issue is particularly tricky for a secure communication tool: we have to strike a careful balance between meeting the needs of real-world users through iterative testing, and protecting high-risk users from immature and potentially unsafe software.
Until now we've achieved that balance by publishing our source code but limiting the distribution of executable builds to focus groups. That will change soon, as we release the first public beta version of our Android app, aiming for field deployment in a year's time. Meanwhile the next version will go through focus group and then public beta testing. This strategy of maintaining parallel 'stable' and 'testing' versions is common for open source projects; it allows each user to choose their own level of exposure to potentially unsafe new features.
We'll use the following methods to drive adoption of the stable version of the app within our target user communities:
- Outreach to non-institutional communities of high-risk users through partnerships with training organisations
- Direct training and support work with high-risk institutions, specifically journalism groups
- Promotion within the Internet freedom community and via its communications with the wider world
- Targeted applications built on the Briar protocol stack for specific communities, including disaster response, long-term civic management, and reporting structures, where the application can spread via field deployments
Briar's data synchronisation technology has the potential to support a wide variety of use cases beyond those detailed above. Briar is and always will be free and open source software using open protocols, but that doesn't preclude the possibility of sustaining a stable, long-term development effort by working with commercial partners. This has historically been a successful strategy for infrastructural open source projects such as the Linux kernel and the Apache webserver, where competing commercial entities can benefit from contributing to a shared technological base.
Share additional details of your Idea. How will it work? Why do you think it might succeed?
Briar provides private messaging and public forums that are protected against the following surveillance and censorship threats:
- Metadata surveillance. Briar uses the Tor network to prevent eavesdroppers from learning which users are talking to each other. Each user's contact list is encrypted and stored on her own device.
- Content surveillance. All communication between devices is encrypted end-to-end, protecting the content from eavesdropping or tampering.
- Content filtering. Briar's end-to-end encryption prevents keyword filtering, and because of its decentralised design there are no servers to block.
- Takedown orders. Every user who subscribes to a forum keeps a copy of its content, so there's no single point where a post can be deleted.
- Denial of service attacks. Briar's forums have no central server to attack, and every subscriber has access to the content even if they're offline.
- Internet blackouts. Briar can operate over Bluetooth and Wi-Fi to keep information flowing during blackouts.
The first platform we're targeting is Android, but the core of the app is portable to Windows, Mac and Linux. The desktop version of the app will support syncing data via dialup modems and USB sticks in addition to Bluetooth, Wi-Fi and Tor.
Our long-term plans go far beyond messaging: we'll use Briar's data synchronisation capabilities to support secure, distributed applications including blogging, crisis mapping and collaborative document editing.