Dear reader,
1Password announced last week that they will enter a partnership with Perplexity, an American AI company, by making their browser extension available in Perplexity’s Comet browser. For those of you who may not know, Comet has a heavy focus on AI features, and it doesn’t respect its users’ privacy. Perplexity’s CEO Aravind Srinivas has described the goal of Comet as collecting all the data it can about its users, and then using it to create detailed user profiles that help to sell targeted advertisements. I guess the only good thing about it is how openly they talk about their data collection. It is deeply worrying how 1Password, a password manager company that for years has enjoyed a great reputation in the privacy and security community, is now establishing a partnership with a company whose browser is literally spying on its users.
A worrying direction
While I don’t see an issue with 1Password making its browser extension available for Comet users, the problem is that they are partnering with Perplexity and making it seem that Comet is a browser 1Password recommends. This impression gets reinforced when they send emails to their customers, promoting the browser. As a result, many people who trust 1Password might switch to a browser that violates their privacy behind their backs. This makes me question how seriously 1Password even takes its users’ privacy anymore.
Some people might argue that this partnership doesn’t matter because 1Password isn’t forcing anyone to use Comet, and even if some people choose to use it, the implementation seems solid security-wise. Is this even a partnership since the official announcement didn’t portray it that way? It certainly seems that it is when you add up the blog post, the promoting, and also this Reddit comment, where 1Password is defending the decision while using the word partnership multiple times.
1Password has defended this partnership by arguing that it’s about users’ choice and how people’s data will remain private. The problem is that neither argument can stand up to scrutiny. While you could say that 1Password is only allowing its users more freedom to choose their preferred browser, I think if 1Password was actually serious about respecting its users’ privacy, it could offer the extension for those who want to use Comet, but going as far as promoting it, and starting a partnership crosses the line, and makes it clear how 1Password values more its financial interests than its users’ privacy. Also, their claim of how people’s data will remain private is highly questionable when the whole point of Comet is to collect as much of its users’ data as possible, and then sell it for targeted ads. I’m curious about how 1Password thinks people’s data will stay private in this situation.
I'm not surprised
For many years, 1Password has put its focus on the enterprise market, while regular people have been left with little attention. They have also received $920.1 million of venture capital funding to help with this. The problem with VC funding is that it encourages companies to focus heavily on their growth, so that their investors can make a profit. This partnership with Perplexity didn’t really surprise me since it gives 1Password a financial opportunity to benefit from the AI boom. This is a shame because it further moves 1Password away from its privacy-focused company culture to one where growth will always be the top priority.
What does all of this mean?
It’s up to you to reach your own conclusions about this. Personally, I’m not a 1Password user, and this partnership has only reinforced that decision. I think it is important that we don’t neglect news that doesn’t cause immediate concern for our own privacy as even in this case, the users who don’t understand the consequences of giving out their data to Perplexity will suffer the most harm.
For me, the more interesting discussion surrounds the broader culture at 1Password, and whether its values regarding user privacy are at a turning point. At least this partnership has made me seriously question how 1Password sees its role in advancing its users’ privacy because right now it seems like they don’t understand the implications of this decision, and how big of a privacy blunder it is. It is time that they took a long and hard look at what their priorities are, and if privacy can be a part of that. But trying to portray anti-privacy decisions as privacy-respecting is deceptive and makes the entire company look bad. 🌔
Updates
Someone on the Ars OpenForum shared how 1Password has been deleting comments from their forum that have criticized the partnership. If you’re a 1Password user, I would encourage you to think twice if this is a company you want to continue to support with your subscription.