The developers of Day One are making a bold move. A recent blog post outlines their current plans for end to end encryption but also puts outs a plea to critique the designs. I used Day One for all of my text journaling. It was one of my favorite apps for a very long time. But I don't want them holding my information. I'm happy to see them developing in the open. Here are few key comments from their blog post:
Our implementation will receive a professional security audit, but we welcome public feedback too. You can comment here or by emailing firstname.lastname@example.org.
My hope is that the security audit report is made available to users. I've seen too many vendors interpret audit comments very differently. The devil is in the details of the report.
Some other kinds of synced data do not qualify as personal journaling data and are not encrypted end-to-end: the date and time of an entry and when it was edited; the names you give to your journals; image type and dimensions; technical information about the devices and platforms you use with Day One; and statistics such as the number of journals, entries, and images. We use this data only for internal purposes (customer support, sync functionality, business metrics, etc.) and treat it as confidential.
It's critical to establish the game rules up front and I think Day One is doing it in plain English. Even if I disagree about what is personal data, there's no confusion about their definition.
Our goal for end-to-end encryption is that (a) your personal journaling data is encrypted on your device before it is synced to the Day One servers, (b) it can only be decrypted by another synced device that has your key, and (c) you never have to share your private key with Day One or anyone else in order to use Day One Sync.
This sounds good, but I'm not an expert. My hope is that one of you out there is an actual expert with actual educated opinions. This is a chance to make a difference for a lot of people that don't think about security but absolutely depend on it. Journals are possibly the most sensitive and personal data that people create. It deserves to be the most secure too.