Suggestions
Upgrade to end-to-end encryption (e2ee)
Upgrading from encryption to end-to-end encryption (e2ee) would be a significant improvement for the Bearable health tracking app. As stated in your FAQ, “To protect your privacy, any health data that you choose to track for your own purposes is encrypted before it is backed up on our servers.” However, standard encryption may not provide the same level of security as e2ee.
The key difference between encryption and e2ee lies in who has access to the decryption key. With standard encryption, the company’s servers can still access and read the encrypted data, whereas e2ee ensures that only the user and the intended recipient can decrypt and read the data. This means that even the company’s servers cannot access the data, providing an additional layer of protection for sensitive health information.
Given that health data is extremely sensitive, implementing e2ee would provide us users with greater confidence in the security and privacy of our personal information. This upgrade would be a useful improvement for users who value their privacy and want to ensure that their health data remains confidential. By adopting e2ee, Bearable can further demonstrate its commitment to protecting user privacy and maintaining trust with its users.
Given the complexity involved, could incorporating e2ee into the Bearable app be considered for a large future update? Obviously, a change to facilitate e2ee would require significant technical architecture changes to the app and server infrastructure.
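The distinction the suggestion turns on, who holds the decryption key, shown as an added example; it is not part of the original post and not Bearable's code. It assumes a hypothetical backup service, a key derived on the device from a user passphrase, and Node's built-in `crypto` module; all function names and the sample entry are constructed for illustration.

```javascript
// Added illustration: the same AES-256-GCM record is readable by the operator
// or not, depending only on where the key lives.
const nodeCrypto = require("crypto");

// Encrypt with a fresh random 12-byte nonce per record.
function seal(key, plaintext) {
  const nonce = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv("aes-256-gcm", key, nonce);
  const ct = Buffer.concat([c.update(plaintext, "utf8"), c.final()]);
  return { nonce, ct, tag: c.getAuthTag() };
}
// Decrypt; throws if the key is wrong or the record was modified.
function unseal(key, rec) {
  const d = nodeCrypto.createDecipheriv("aes-256-gcm", key, rec.nonce);
  d.setAuthTag(rec.tag);
  return Buffer.concat([d.update(rec.ct), d.final()]).toString("utf8");
}

// Model A (assumed): data is encrypted, but the service holds the key.
function serverSideBackup(serverKey, entry) {
  return seal(serverKey, entry);
}

// Model B (e2ee): the key is derived on the device and never uploaded.
function deriveDeviceKey(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32); // Node defaults: N=16384, r=8, p=1
}
function e2eeBackup(passphrase, entry) {
  const salt = nodeCrypto.randomBytes(16);
  // The returned object is everything the server stores: salt, nonce, ct, tag.
  return { salt, ...seal(deriveDeviceKey(passphrase, salt), entry) };
}
function e2eeRestore(passphrase, stored) {
  return unseal(deriveDeviceKey(passphrase, stored.salt), stored);
}

// Can the operator read a stored record with the keys it actually holds?
function operatorCanRead(stored, keysHeldByOperator) {
  for (const k of keysHeldByOperator) {
    try { unseal(k, stored); return true; } catch (_) { /* authentication failed */ }
  }
  return false;
}

// Constructed sample run.
const sampleEntry = "2024-01-01 mood=3 symptom=migraine"; // constructed
const sampleServerKey = nodeCrypto.randomBytes(32);
console.log("server-side, operator can read:",
  operatorCanRead(serverSideBackup(sampleServerKey, sampleEntry), [sampleServerKey]));
console.log("e2ee, operator can read:",
  operatorCanRead(e2eeBackup("constructed passphrase", sampleEntry), [sampleServerKey]));
```

In model B a lost passphrase means the backup cannot be recovered by anyone, which is part of the architecture change the post refers to.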