Continuing the discussion from Describing the project more accurately:
I can think of several types of privacy breaches we could protect users from:
- data leaving the home network unnecessarily
- data leaving the home network for a reason, but without the user knowing/understanding this
- data from one user account being visible to another user account
- privacy of people who are in the house, being compromised using the Link Box as a spying tool
- accidental breach of privacy due to user error
- accidental breach of privacy due to malfunction/vulnerabilities (within home network)
- accidental breach of privacy due to malfunction/vulnerabilities (outside home network)
- unencrypted uploaded data being accessible to governments without warrant (fourth amendment only protects your home premises)
IMHO having a clear definition of what we mean by ‘project link protects your privacy’ is a prerequisite for making it true. We should also be self-critical, and recognize that we’re not there yet.
Btw, I recommend the Wikipedia page on the topic, especially the discussion of privacy vs. secrecy, and this quote - maybe we can learn from it 
A major selling point of dial telephone service was that it was “secret”, in that no operator was required to connect the call.