Exploring User Mental Models of End-to-End Encrypted Communication Tools

End-to-end (E2E) encrypted communication tools can help users keep their communications secure from government or corporate surveillance. In this work, we conduct a quantitative survey (n=125) to assess general mental models and understandings of a hypothetical E2E encrypted communication tool. We find that the vast majority of respondents had adopted E2E encrypted tools in the real world, but lacked confidence and accuracy in their mental models of E2E encryption. Two key misconceptions include (1) three-quarters of respondents believing that their E2E encrypted communications could be accessed by unauthorized entities, and (2) one-half of respondents feeling that SMS and landline phone calls were more secure than, or as secure as, E2E encrypted communications. These findings raise concerns that respondents may not feel threatened by proposals of "backdoors" since they already feel that different entities can access their communications. More broadly, our findings suggest that the primary user-related challenge for E2E encrypted tools may no longer be adoption, but helping users who already have these tools avoid sending sensitive information over less secure channels.