See https://forums.zotero.org/discussion/14254/sync-password-sent-in-clear-text-or-encrypted/

For local storage, wouldn't it be better to just encrypt your entire hard drive?

Not sure what you mean by "policy implementation" — we're obviously not going to sell your data.

But client-side encryption is another matter. The thing that people tend to overlook is that client-side encryption is incompatible with web-based access to data. You can't — and couldn't, securely — access your bookmarks online with Firefox Sync. It'd be the same with web-based access to your Zotero libraries, which is a big part of the appeal of Zotero for many people. (Some services offer selective web-based sharing, but the only way to do that is by sharing your key with the service.)

I'd personally love to offer the ability to enable client-side encryption for particular libraries, with the understanding that doing so would disable web access for those libraries. That'd be a huge amount of work, though, and ultimately the demand for such an undertaking just isn't there. So short of lots more interest, grant funding, or someone taking it upon themselves to hack this into the client and server, it's pretty unlikely. (And any such implementation would also require review by a cryptography expert.)

I support the idea of having the option of client encryption. I believe I would trade web-access for encryption for many of my libraries. Privacy on the net is really a concern nowadays. I'd like to have control of what personal information I share with others.

Essentially, data stored in groups would still have to be left unencrypted.

I'm not sure that's true, but certainly it'd be a lot more complicated.

@Dan, out of curiosity, does Zotero employ any sort of de-duplication strategy for metadata (probably not) or file storage on the server?

No for metadata. For file storage, yes, identical files are only uploaded once, globally for all users, based on the file hash. So the user advantage is that repeat uploads or uploads of files that other people have uploaded are instantaneous. The privacy implication (if that's what you were getting at) is that it's technically possible to know if a specific given file has been uploaded by anyone previously.

So in order to receive the key you would have to establish a direct secure connection to the library owner's Zotero client. The alternative is that the library owner can give you the key through other channels in a form of group library password perhaps.

Right. I'm not saying the usability would necessarily be great, but at least for some uses — for example, in a lab/office — exchanging a setup token out-of-band (as in Firefox Sync's key exchange) would be pretty feasible. I imagine there are even better options — we wouldn't be the first people to want a group key exchange protocol. But that's where the cryptography experts would have to step in, and a small indication of how serious an undertaking this would be.

Realistically, this isn't going to happen without grant funding, but I have no idea how interested funding organizations would be in a project like this. One concern I have is that it's not clear to me that client-side encryption of data that's then synced to Zotero servers would even be compatible with institutional policies that currently prevent certain groups from using Zotero (and that motivate some of the attempts to run the Zotero dataserver code). And I don't know how the population of users under such policies compares to the population of casual users who simply don't want to upload unencrypted data to an external server.

I think this is probably the main reason why SpiderOak's file sharing functionality is so poor.

I haven't used SpiderOak, but my understanding is that you actually decrypt the content and store it with them in order to share. So they're basically avoiding the problem.

No, but I was thinking how this functionality would have to be sacrificed for locally encrypted files. Not a huge deal I suppose, but still.

True. Encrypted libraries would definitely cost us more, though I'd say we see deduplication largely as a nice optimization (for us and for users) rather than as a fundamental design requirement.