—The computer security community has advocated
widespread adoption of secure communication tools to counter
mass surveillance. Several popular personal communication tools
(e.g., WhatsApp, iMessage) have adopted end-to-end encryption,
and many new tools (e.g., Signal, Telegram) have been launched
with security as a key selling point. However it remains unclear
if users understand what protection these tools offer, and if they
value that protection. In this study, we interviewed 60 participants about their experience with different communication tools
and their perceptions of the tools’ security properties. We found
that the adoption of secure communication tools is hindered by
fragmented user bases and incompatible tools. Furthermore, the
vast majority of participants did not understand the essential
concept of end-to-end encryption, limiting their motivation to
adopt secure tools. We identified a number of incorrect mental
models that underpinned participants’ beliefs.