Add end-to-end encryption/zero-access encryption


What is the general goal of the feature?
To provide enhanced security and privacy to projects handling sensitive data

What are the most likely user stories for how and when this would be used by someone on your team?
Organizations who work on sensitive data (gender-based violence, human rights violations, criminal proceedings, etc) would have access to a data-collection system where even the system administrators cannot access any of the data. Only authorized users (project admins) can create and view forms, read the data collected, see and manage users. The current encryption scheme in KoBo falls short for several reasons:

  1. It is complex and inaccessible to the average user

  2. Only the data is encrypted—forms and users, which can in themselves be very sensitive, remain in the clear

  3. It renders the data analysis and reporting features of KoBo useless

Can you sketch out graphically how you think this should look/work in practice?
There would be no visual difference to the way the data collection process works

What can you contribute to making this feature a reality?
Feedback, testing