Security of the plugins

I added a feature request related to this topic, now knowing this conversation had unfolded. In it, I proposed that Obsidian devs require developers of plugins that send your notes to any external web services (not those that interface with 3rd party services, nor those that might introduce malicious code, though I acknowledge those are important security concerns too) to include, as part of the development of their plugins, a consent mechanism explaining to users why, where and how their notes are being sent outside the local-first, security-oriented environment of Obsidian. Part of the response was:

Maybe I am not explaining myself correctly when I talk about a consent. A consent is not enforceable; its nature is informative, with the goal of allowing whoever consents, with the appropriate, (hopefully) fair amount of information, to make a decision. When we turn off restricted mode in order to install community plugins, we must consent to do this while being provided with useful, transparent information. I am speaking about this type of consent.

As a former Atom user, I know how difficult enforcing security can be, technically speaking, when dealing with Electron. But I find it disappointing that Obsidian devs cannot enforce a simple UI feature on plugin devs in order to allow all users, especially those without technical knowledge, to make an informed decision. Doing this should not affect any aspect of plugin development and, although it cannot guarantee that notes will be safe under any plugin, it does signal Obsidian's commitment to do as much as possible to protect users' privacy. If this is a barrier for submission to a plugin developer, then maybe there is reason to not let said plugin hit the community store.

Yes, a “standardized pledge” would be a good step towards signaling a culture to developers, but my request is focused on providing information to users.
