Some quick points:
- All user data is stored securely and is properly protected. We take this very seriously. All communication between you and the platform is encrypted with transport security. No, “anyone with some coding skills” cannot access the data. Only a very small number of heavily vetted core contributors have access to the database through other means than the platform.
- We’re currently working on a set of policy documents that describe and clarify our data handling better. This includes:
- updated Terms of Service & Privacy Policy that describes better what data we collect, how it’s stored and processed, how it’s used, and why we do this all.
- a Non-Disclosure Agreement & Data Policy for contributors that describes how they are allowed to access data, what’s appropriate use, our auditing and logging systems, etc. We aim to make this process transparent, so hopefully everybody will be able to see which contributors have access to which data.
- Some volunteers need access to data: for example those helping out with support need to have access to the support queues and there is a small Admin API that allows them to perform simple actions (change a user’s birthdate, see their email for the purposes of contacting them, etc); other contributors (such as a few devs) have access to the production system because they need to be able to update the software if there are bugs, etc. We vet everyone who gets access to any data, and we’re working on processes to limit access to an as-needed basis as much as possible. We have good logging for this.
- We plan to make it very clear under which circumstances, and who, is able to see what data (e.g. for moderation purposes, if a user reported a conversation, etc)
- We currently have no plans for end-to-end. It would mean our Safety & Trust team would have no ability to help in many situations, and it would open our platform to abuse that we couldn’t control. [You should be using end-to-end encrypted chat apps (such as Signal) for all your normal communication, but we think Couchers is facilitating a different type of activity, and it’s not a priority for us.]