For 17 years, we’ve prided ourselves on making 1Password a delight to use. But no product is perfect, and when I hear of someone getting stuck, I get curious. How can we fix it? How can we prevent that friction for future customers?
Today, we’re taking a step toward being able to better understand those moments by embarking on an internal, employee-only trial of our new in-app telemetry system. And, of course, we’re doing it the 1Password way – making sure it doesn’t compromise on our commitment to protecting your privacy and your data.
Here’s a quick summary of what’s happening:
1Password is beginning an internal test of our new, privacy-preserving in-app telemetry system. Initially, this functionality will be active only for 1Password employee accounts using the latest beta builds of the app.
No customer vault data can be seen or collected. We’re only interested in how people use the app itself, what features and screens they interact with – not what they store in their vaults, what sites they autofill on, or anything like that.
This data will be gathered from a randomized selection of accounts, de-identified, and processed in aggregate. This approach allows us to avoid associating telemetry data with individuals or accounts.
Customer accounts are not included for now. Once we’re confident it delivers on our privacy standards, we’ll announce a timeline for rolling telemetry out to customer accounts. At that point, we’ll also provide guidance on how you can opt out if you’d like to.
What this is – and what it’s not
These days, we know that collecting “analytics” and “usage data” is often an excuse to invade your privacy, so I want to make this very clear: that’s not what’s happening here.
We have always bent over backwards to avoid collecting any unnecessary information about you in our systems. We believe you fundamentally can’t have security without privacy, and it’s always been our mission to deliver both. Nothing about that is changing.
So why add telemetry? Why now? We often remind our customers that they can’t protect what they can’t see. The same principle applies to understanding what product decisions to prioritize.
Over the years, we’ve relied on our own usage in conjunction with your feedback to inform our decision making. This presents a challenge, though: we don’t know when you run into trouble unless you tell us. And sure, we have an extensive user research program, and listen to all of the feedback you share online and in conversations with our team.
But there are millions of people using 1Password now, often in cool and innovative ways! If we’re going to keep improving 1Password, we can no longer rely on our own usage and your direct feedback alone.
That’s why we’ve been working hard to find a way to collect the information we need to make better decisions, without putting your data or privacy at risk. The goal is to equip ourselves with the visibility needed to ship updates that solve real problems and make 1Password better for everyone.
Here’s how it works
As our investigation into gathering app usage data unfolded, it became obvious that none of the off-the-shelf solutions were the right fit for 1Password. We needed a system that didn’t come at the expense of our customers’ privacy.
The approach we’ve landed on is designed to keep usage data from being attributable to individual people or accounts. It simply allows us to see where we aren’t living up to the high standards for user experiences you’ve come to expect. These additional signals will help us prioritize our efforts so we can deliver those great experiences faster, and more reliably.
Here’s the gist of how it works: we’ll be able to gather only a small set of general events and interactions within our apps. Things like when you unlock the app, when you create a new item (but not its contents!), or when you use autofill (but not what sites you use it on!).
Furthermore, this data will be de-identified through a variety of methods, starting with being collected from a randomized group of accounts. The gathered data is then processed in aggregate to provide general insights only.
This approach prevents us or anyone else from associating telemetry data with individuals or accounts.
And, of course, once this functionality rolls out to customers, you’ll be able to control whether or not telemetry is active on your account.
What happens next
We want to be 100% certain we have this right before we consider rolling it out to customers. That’s why we’re testing it on our own accounts here at 1Password first.
Soon, the beta builds of our apps will include this new telemetry functionality. It only works on 1Password employees’ accounts, so there’s nothing you need to do at this stage. We just wanted to be transparent with you as these plans take shape.
We expect our testing and rollout to take some time, and we’ll let you know when we’re ready to roll things out to a wider group. In the meantime, if you have any questions or thoughts about this, please reach out and let us know.
As always, thank you for your continued trust and support. We don’t take it for granted, and we wouldn’t be where we are today without you.