Funny you should say that… it’s exactly what I’m thinking through at the moment.
There are plenty of other moving parts that we are working on at the same time, and which may come before it, but these are the chunky problems of the UX, so it’s always rolling over in my mind.
I think a major problem will be in language, and in the user mental modals which have become ingrained over the last 10-15 years; in particular what an ‘app’ is, and how it relates to my data. You can see the struggle with it in the Soild thread, and this is with deeply experienced people.
It’s just assumed that really, when we talk of apps (be them mobile apps, web apps, sovereign web apps, or a host of ‘connected’ desktop apps) that what we really mean, is “custodian of my data”.
What we’ll be moving (back) toward, is more like Tim’s first category; all apps are just tools to manipulate and find new ways of viewing my own data.
But, we’ll still have these overhanging mental models and linguistics—phrases like “allow this app to access my photos”—with strong connotations, and implied requirement of trust, which are just totally different.
On the whole things will be, by default, much safer, but the threats that remain will be quite different in their nature; which shifts the perception of risk, and makes user trust harder to achieve and maintain… hence the heavy burden which the UX has to bear.