Is blockstack considering allowing apps to publish data to user’s gaia hubs without publicly announcing the app the data belongs to? Right now when an app publishes data to a user’s gaia hub, everyone can look at the user’s profile.json and see all the apps the user is using. I think that many people may not want to publicly announce the apps that they are using. For instance many people on dating apps wouldn’t want to publicly announce to the world that they are on dating apps. Or let’s say there’s an e-commerce app for buying jewelry. The app would want to be able to save user’s previous orders and preferences for a better user experience. Publicly posting that someone has joined the app could ruin a surprise for a significant other. There are also many sites that the average person visits that they would not want to publicly announce they visit (i.e. adult film sites). For these reasons I think that publicly announcing the apps people are using could be a major issue for many people who many be considering using a blockstack app and would therefore be a reason for developers not to build on blockstack.
As far as I am aware, any app that wants to save user data in gaia needs to enable to ‘publish_data’ scope which also makes public that a user is using that app. One solution to this issue could be to create a ‘private-apps’ field in a user’s profile.json which would be identical to the ‘apps’ field except all the data within it would be encrypted so that when an app runs, the address of the apps data for that user is decrypted.
This solution would make sharing data between users more complicated, but files could be encrypted with symmetric keys so that when a user wants to share a file on a private app, they could send the recipient the key and address of the file (encrypted with the recipient’s public key).
I’d love to hear what if anything blockstack may be doing to remedy this issue, whether people think it’s an issue, and any feedback about my idea to solve this issue.