In 2017, Blockstack CEO Muneeb Ali started using the phrase "can't be evil" as a blockchain, decentralization-first retort to Google's old "don't be evil" motto. It caught on in crypto. People loved it. Blockstack bought billboards and even bought a domain (no defunct). It took a couple of years, but the phrase has gone (web3) mainstream.
The problem with the messaging is two-fold. One, it's false. Two, it is exactly the type of marketing message every marketing 101 student is taught to avoid.
Let's start with the validity of the message. The idea that apps can't be evil or that people can't be evil just because they use blockchains is provably false. I could write a smart contract and disguise it as a legitmate NFT minting contract. I could choose not to publish the source code. I could set up a website with a mint button. I could watch as the smart contract takes user funds while giving them nothing in return. It's a scheme that would be caught pretty quickly, but it's one that blockchain does not prevent. At best, open ledgers allow apps and people to "not be evil without being caught easier."
Taking this a level deeper (or higher, depending on your view of the application stack), the client application a person is using to interact with web3 technologies can violate your privacy, install malware, steal password, and more. There is nothing about a blockchain that inherently prevents someone from being evil. Protecting against evil is a claim that cannot be supported, which leads me into my next point.
Selling the value proposition is the best way to market to most audiences. Can't Be Evil feels more like selling a feature. Or selling an ideology. If the value proposition is Can't Be Evil, on what is the consumer actually making a decision? Are they truly making a choice between evil and not evil. Logic tells you (and them) the answer is clearly no. So, if Can't Be Evil is the marketing strategy, it's a losing one.
The messaging also sets the target market up for high churn potential. If you do manage to sell an audience on the ideology of Can't Be Evil, what happens when they experience something they perceive to be evil? A hack of a smart contract is a result of bad code, right? That doesn't count. The developer wasn't evil. The app wasn't evil. But in the mind of the person affected, something evil happened. But you promised Can't Be Evil. The likelihood that someone who came to web3 on the promises of Can't Be Evil stays after something like this is slim.
As the FTX saga unfolds, many will double- and triple-down on the phrase. They will use FTX as an example of on-chain functionality and true decentralization acting as a protective layer. But as long as humans are expected to understand the code that powers decentralized applications and on-chain commerce, then there is an opportunity for evil.
FTX was centralized, but what if a new-to-crypto user was lured in with the Can't Be Evil messaging. They dipped their toes in the water of a centralized exchange because it was the most straightforward path to getting their first bits of crypto. This is nice, they thought. This is safe. When FTX loses all of that person's money, do you think they are going to care that they "didn't do it right"? That they didn't actually participate in DeFi? They are going to remember they were promised something and it didn't live up to their expectations.
Can't Be Evil as a marketing strategy sets the entire space up for failure.