privacyguides.org/.github/CONTRIBUTING.md

Contributing Guidelines

Please read this document in full before contributing.

• Rules
• Quality over Quantity
• Software Criteria
  • Main (All Software)
  • Providers
    • DNS
    • VPN
    • Email
  • Hardware
  • Software
  • Encryption
  • Operating Systems
• Images
• Licensing
• Contributing via email

Rules

• Be nice and respectful.
• Be constructive.

Quality over Quantity

We're trying to keep it simple and promote the best tools, not all of them.

Something meeting the below criteria does not automatically qualify it to be included on the site!

Software Criteria

Primary Requirements

• Privacy respecting (duh!).

Primary Recommendations

• Open Source / Free Software.
• Prioritize Products without Vendor Lock-in (decentralized/self-hostable) or data interoperability.
• Cross-platform / Accessible.
• Easy to use. Could your mother use that tool or service? Usability is most important.

If no software exists in a certain category that meets all these criteria, exceptions can be made on a case-by-case basis.

Service Provider Information

• Products and services listed as "Providers" SHOULD be prioritized primarily based on their jurisdiction (i.e. how privacy-respecting the laws of their home country are).

DNS Provider Requirements

• MUST support DoH or DoT (DNSCrypt is great too, but there is already https://github.com/DNSCrypt/dnscrypt-resolvers which is directly supported by dnscrypt-proxy, so we don't consider it useful to list providers exclusively supporting it).
• MUST support DNSSEC (https://dnssec.vs.uni-due.de/ can test your current DNS provider).
• MUST NOT log IP addresses during normal operation (If your suggested provider ever logs, please compare its privacy policy with other servers on our table that keep logs).
• SHOULD support QNAME minimization (if you have access to the dig command, dig +short txt qnamemintest.internet.nl or Resolve-DnsName -Type TXT -Name qnamemintest.internet.nl if you are on Windows 10).

VPN

See https://privacyguides.org/providers/vpn/#criteria for full details, the following is an incomplete summary.

• MUST NOT be based in USA or UK.
• MUST be accessible via Open Source Software (e.g. OpenVPN, WireGuard).
• MUST Use Strong Encryption.
• SHOULD Accept Cryptocurrency.
• MUST have a no logging policy.

Email

See https://privacyguides.org/providers/email/#criteria for full details, the following is an incomplete summary.

• MUST Support SMTP SSL.
• SHOULD be accessible with standard/FOSS software (e.g. allows IMAP).

Hardware

• SHOULD be H-Node Class A or equivalent (if applicable)
• SHOULD prioritize hardware certifications like RYF, OSHWA, and OSI when available.
• SHOULD NOT lock users to a particular platform.

Software

• MUST be able to download over encrypted network (can be a mirror).
• SHOULD be Free and Open Source Software.

Encryption

• Only verifiable encryption is to be trusted

Operating Systems

• Must state if recommends, depends on, or offers non-free software (contrib)
• No Tracking Policy (opt-in analytics is ok)

Images

• SVG file format is strongly preferred. PNG files can be used as a fallback if images are too complex or otherwise unsuitable as a vector format.
• Provider logo dimensions are 384px x 128px (example)
• Tool logo dimensions are 128px x 128px (SVG example, PNG example)