I have written in my diary 86 days in a row. It was my New Year’s resolution to commit to journaling my days, and every day since January 2, I’ve sat down and done it. This is the longest journal I have ever written, and almost certainly the longest in which I have stuck to a resolution of any kind. I’m probably more proud of myself than I should be.
i have been using the first day app, which is the giant of the digital magazine space. Day One works on virtually all platforms, is fast and simple, and allows me to write text and save photos, audio, and links to my journal. It’s a great app!
But I had this moment, about a month after pouring my heart and soul (and hundreds of photos of my newborn son) into Day One, where I started to worry about it. This app is a repository of my most private thoughts; I’ve also given you access to my location history, my calendar, and my camera roll. All of that information is beautifully organized, compiled, and deeply problematic in the wrong hands. It’s also cloud-synced, which means it’s stored on a bunch of mysterious machines that other people control who knows where. Everything that makes Day One such a great record of my life also makes it feel risky. Lots of people trust Day One, and I have trusted it every day for 86 days straight. But should? How can I know?
You can also hear a version of this story on this week’s episode of The Vergecast.
This is not just a question about journaling applications. As more life moves online, we are being asked to devote more and more of our time, attention, and information to digital services. In return, we get a host of conveniences: access to our stuff from anywhere, tools to organize and use that stuff, easy collaboration with friends, family, and coworkers. But almost all of these apps require access: to your data, to your activity, to your interests. Historically speaking, the apps that request your most sensitive data tend to also have the worst privacy records.
In this digital world, are there spaces left that are just mine? Can I have all those modern conveniences without constantly being asked to share, socialize, or upgrade to the business plan? I started out trying to figure out if I could trust my journal app, but ended up looking for a place of my own on the internet.
I started out trying to figure out if I could trust my journal app, but ended up looking for a place of my own on the internet.
Paul Mayne, the creator of Day One, tells me that he created the app after having a crisis of confidence similar to mine. It required doing two important things well. “I wanted something that I could trust to capture and store all these memories, that would exist even after me,” he says. That is first. The second was “the comfort of knowing that you could put whatever you wanted in there, and it’s unlikely or impossible for anyone else to see it.” That meant taking a different approach to building the app: Rather than store information in a central location and then build local apps that ping that server, Mayne built Day One on top of the Mac file system. “By default, just Whoever has access to your computer will see it,” says Mayne. “The downside is if you lose that computer, you lose all those memories.”
Day One now syncs across a host of platforms: iOS, Android, Windows, Mac, and even recently the web. That’s a big part of why I use it. I can write one entry on my laptop at the office and the next from my phone in bed, and all my data will still be there even if my laptop goes up in smoke. But there is an inherent risk in that; more data in more places means more things can go wrong. Mayne says that Day One has done everything possible to mitigate the risks, of course. The first sync Day One created was through Dropbox, but he never liked that setup: “things that were stored on Dropbox, weren’t encrypted, and someone on Dropbox could definitely read them.” After a few years, Day One implemented its own end-to-end encrypted sync service, which it still uses now.
However, encrypted sync comes at a cost. It’s hard for external services to access the encrypted data, that’s the point, making it difficult for Day One to connect with other apps. Encrypted data and shared folders don’t usually work very well together. It can be more difficult to recover your data if something is lost. Over and over again the list goes on. From a usability perspective, end-to-end encryption is an objectively bad feature. But the way I think about and want to use Day One, it’s also completely essential.
This is the fundamental tension in day one and really in all of what I would call “personal applications.” You can have cool, modern and useful features, integrated and managed in a user-friendly way. Or you might have a system that does everything it can to make sure your data is handled privately and understandably, and protects it even from its own mistakes and security flaws. You can have a middle ground. But there is no such thing as having it all.
There are a million examples of this exchange, but the simplest is probably about passwords. The most a developer can do to preserve privacy is to encrypt your data and make sure only you have the key. They don’t see it, they don’t store it, and there’s no way for any government employee, hacker, or undercover agent to get it. But that also means if you lose that key, you’re screwed. (Just ask all the people who search the dumps for the USB stick that contains all their Bitcoin.) On the other hand, having a customer service team that can recover your password is a great thing, and a security risk.
The Day One team has always prioritized privacy, Mayne says, even as it has made features more difficult or impossible to build. (There’s a reason it took 12 years to have a web app on day one.) It feels like good practice. “I hear scary stories about how much private information people put on platforms like Evernote that isn’t encrypted — all their passwords and so on. And they just leave them there in the browser!” It assumes that most people are unaware of the risks, so Day One’s job is to mitigate them on behalf of its users.
The note taking app Obsidian, another personal app that I’ve liked, approaches the problem a bit differently. Stephan Ango, CEO of Obsidian, tells me he’s also thinking a lot about privacy, but he’s also trying to create an app that’s enormously powerful and extensible. So Obsidian has become something of a choose-your-own-adventure app: when you first install it, it’s really just a simple text editor at the top of a file folder on your device. But you can turn on some “core plugins” like multi-device syncing or the ability to share a note publicly. And if you’re really interested, you can enable and install third-party plugins that change how Obsidian looks and works, or add all sorts of new features.
The idea is that Obsidian can do almost anything, but only if you explicitly allow it. “Because we give him so much freedom,” says Ango, “it means the user has to make his own decisions about what he’s willing to give up in terms of privacy or longevity.” He is particularly intrigued by some new plugins bringing ChatGPT functionality to Obsidian. “You have to make the decision for yourself how you want to trust OpenAI with your data.”
In the future, many of us will have to make that choice about generative AI. Tools like ChatGPT can be a great help to your life, making it easy to synthesize information, retrieve things you’ve saved before, and even create new things. But that requires uploading data to someone else’s servers and allowing large language models to ingest and process all your most sensitive and personal information. Maybe the tradeoffs are worth it for you; maybe not. There is no wrong answer.
I’m generally not a fan of online privacy. I don’t think you need a VPN all the time or ditch your Gmail account and switch to Proton. But I’ve become somewhat manic about ensuring the longevity of my stuff. Servers break; product pivot; companies are acquired or shut down or kill off their least-loved things. No app is forever, and my journal entries and notes should outlast Day One and Obsidian. That’s why any good personal app should also have great export tools. No matter what app or service you’re using, if it doesn’t come with an easy way to move your data (to another app, to a text file, to a PDF, whatever), you’re at more risk than I’m comfortable with.
After a few months of asking around, I found a helpful rubric on how to think about personal apps. The best ones start with private spaces and then add features from there, rather than starting with a mountain of collaborative features and integrations and then adding a privacy policy after the fact. They tend to be subscription-based, which can help align your business with your customers. Many also tend not to be backed by VC: several developers I’ve talked to mentioned that they refused to take VC money because taking that money means growing fast, and growing fast means making tradeoffs. It’s hard to make a good personal app when you’re selling primarily to IT admins.
But the easiest way to tell is just by looking at the app’s website. It usually only takes about three seconds to see how these developers feel about the state of things. The My Mind bookmarking app, for example, goes against the way platforms work now. “Our minds have been captivated: by social approval systems, by news and schedules, by corporate announcements and agendas.” the site says. My Mind then promises to never (ever!) have ads, tracking, social features, or collaboration. Most personal apps have an equally aggressive value statement.
But maybe you want social features and collaboration, and that’s okay too. There’s no perfect answer to this, and ultimately you just have to decide what compromises you can live with. Personally, in the last few months, I’ve found a few apps that do the job that I can trust. (As much as you can trust anything, anyway.) I use Day One for my journal. I use Obsidian for all my projects and notes. I usually 1 Password to store not only my passwords but also my account numbers and personal documents. Everything is encrypted, everything is exportable, everything is in a place that no one can access except me. As long as I don’t lose my passwords.
For most of my day-to-day life, I’m still in Google Docs and Gmail and the like – using full privacy is more work than it’s worth, at least for me, at least for now. But I have found that having a few reliable digital spaces has improved my life. It’s online, it’s everywhere, and it’s mine and mine alone.
