Designing software that protects people’s privacy

Disclaimer: among many others, this article has references to a project of which I am the co-founder. If you are annoyed by discreet but shameless plugs… well, oopsie!

By this time Valentine’s Day has come and gone. Love birds went out on a special evening and hopefully spent a fantastic time together. You, Reader, might have done just that with your significant other!
Now, try to remember with precision all those great, intimate moments you had that evening… including how that special night ended. Got them?

Now write them all down and post them in the comments below. Don’t miss any details! We want to know it all! What have you got to hide anyway?

Are you insane? That’s none of your business!

Of course it’s none of my business! That’s between you and your loved one, that’s how it should be! The bad news, though, is that much of what defines you and your relationship is already up for sale.

When the Internet became widespread around the mid-1990s it allowed people around the world to break geographic barriers and freely exchange information. To say that it opened many doors is an understatement! Today, however, the Internet is becoming a mass surveillance tool used by multiple parties to identify and monitor users’ habits. The original dream is over.

This is the consequence of the huge amount of information we produce on the web, dear Readers. Just have a look at how much data we generate per minute. In 2013 SINTEF estimated that 90% of the world’s data had been generated over the previous two years. That was before the reported data explosion of 2014, and before we bring IoT data into the equation. Let’s not even go into the information sold about you by mobile carriers (without your knowledge, of course).

Who can actually access your data?

So who’s gathering data about you? Let’s see:

So Big Data is here to stay, and although we cannot extract understanding from it (yet!), we can use prediction algorithms to extract patterns and verify assumptions. Needless to say, this can be a fantastic tool… Unless it is applied to you!

But let’s back up a bit here and ask ourselves who can actually access that information.

Then again, what could go wrong? Life goes on, I’m with the good guys, I’ve got nothing to hide. Right?
I wouldn’t be so sure.

Knowing you

By gathering all that information you are essentially being profiled. Whether it is by snooping on your messages or by analyzing your phone logs, your profile is giving away your religious, political or even sexual inclinations… among others!

It used to be your family and best friends who would know so much about you. Not anymore.

Don’t forget that systems are regularly hacked and databases leaked, perhaps with comic consequences. Many times however it has a direct impact on you or your family. In extreme cases, it can end up in tragedy.

More worrying is the propensity of government agencies to profile you, the citizen. The counterintelligence argument does not explain why they keep on gathering data on ordinary Internet users. Or spy on journalists. The CIA even invests in data mining tools to browse through those large datasets! And if you think you’re safe in Europe… think twice.

Why is my privacy so important?

Your privacy, your secrets, all those little things that you keep to yourself define you as a human being. Whoever profiles you is in essence stripping you of your identity. What remains is a malleable entity whose parameters are known and can be modified at will.

Whoever knows enough about you can influence you, like a good friend who knows which buttons to push.

If you search “newborn” on Google, you might end up with ads about diapers on… Facebook. It’s called remarketing/retargeting: sharing information to trick you into buying something specific. It’s not new, but it’s quite manipulative when you think about it!

But then what should we make of Facebook’s insidious and unethical experiment in 2012 on manipulating people’s moods? It makes you wonder how far-fetched the debate really is on whether the social network could have tilted the US election. After all, it does have that power, doesn’t it?

All this perfectly suits the undisputed king of “alternative facts”, Donald Trump. The expert in TV ratings pretty much understands how to steer public opinion. He’s not the first one to push for an extensive surveillance apparatus. But what is worrying is how he openly demands access to your social network accounts (so much for Facebook privacy settings!), eventually leading to your device being confiscated in order to make a copy of the data on it.

There is now little doubt that all this information is shared, either with other government agencies or with foreign countries.
And if you think you’re safe in Europe, you might be interested to know that your privacy rights as a non-American have also been completely disregarded. Angela Merkel might tell you a thing or two about it.

Finally, knowing that you are constantly tracked and under surveillance leads to self-censorship, according to this PEN research. In other words: if you think something is wrong with the way things are going, you are now less inclined to raise awareness of it.

That last one might be the most worrying part.

Trust no one but the ones you want to trust: privacy by design

So we come to the core of the issue: who can you trust to access your data? The answer should be obvious: trust no one.

It is not a question of paranoia. It all comes down to one thing: we are all humans.
Humans can make mistakes, which is why IT systems are hacked.
Humans can be mean or be attracted by a quick profit, which is possibly what led US and UK police forces to abuse confidential databases.
Humans can have an opinionated view on how to make a business successful, which is why SaaS companies opt for Big Data (and the ethical risks that come with it) to ensure growth.

Sometimes companies start with the best intentions, before giving up after being acquired. Sometimes a whole business is built on dubious ethical grounds. Also, legitimate services can be compromised by their own governments, as Lavabit’s founder Ladar Levison experienced in 2013!

Is it a lost cause then? Maybe not…

Back in 2014, two developers agreed that a person’s privacy should be protected no matter what the circumstances are. Whether the system is hacked or subpoenaed, the user’s data should be kept confidential. It should go as far as preventing the system owners from changing their minds and starting to exploit the content of their databases for profit.

This can be achieved by what is called “privacy by design”. It implies designing the system with users’ privacy at its core, examining every feature to see whether it compromises data, and even removing security layers one at a time to see what information leaks as a result.

The result of that experiment became Seeld: a messaging application using a privacy-centric design and multiple encryption techniques in order to protect the confidentiality of the exchanged data against intruders, governments and… against ourselves, the system administrators!

Are we succeeding? Well, the road is long and we are still young.
But we are picking up encouraging signs that we did something right. For example we recently logged into our production database and were technically unable to count how many messages our early adopters had exchanged so far. That information is simply not accessible, not even to us.
We take that as a good thing!

But the best news is: any developer in the world can design for privacy!
It essentially consists of rethinking the design of the software, solving the right technical issues and assuming that, at any moment, someone could break through your security layers. Easier said than done of course, as it certainly makes the programming much more difficult. Then again, maybe one can start by simply hashing those passwords and encrypting user information.
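To make the "hash passwords, encrypt user data, assume the database will be read by someone else" advice concrete, and to show how a design can leave even an operator with full database access unable to count a user's messages, here is an added illustration (my own sketch, not Seeld's code). It assumes a server record per user, a client that derives its data key from the password, and uses an HMAC-based stand-in cipher so it runs with the standard library alone; a real deployment would use AES-GCM and a memory-hard KDF.

```python
import hashlib, hmac, json, os

SERVER_DB = {}        # what a database administrator sees: username -> record
KDF_ITERS = 200_000   # PBKDF2 work factor (illustrative; tune for your hardware)

def derive(password: str, salt: bytes, purpose: bytes) -> bytes:
    # Domain-separated PBKDF2: the stored login verifier can never double as the data key.
    return hashlib.pbkdf2_hmac("sha256", purpose + b":" + password.encode(), salt, KDF_ITERS)

def subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, "sha256").digest()

def keystream(enc_key: bytes, nonce: bytes, n: int) -> bytes:
    # CTR-style keystream from HMAC-SHA256 (demo stand-in for a block cipher in CTR/GCM mode).
    return b"".join(hmac.new(enc_key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                    for i in range((n + 31) // 32))[:n]

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(16)   # encrypt-then-MAC with separate enc/mac subkeys
    ct = bytes(p ^ s for p, s in zip(plaintext, keystream(subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(subkey(key, b"mac"), nonce + ct, "sha256").digest()
    return nonce + ct + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(subkey(key, b"mac"), nonce + ct, "sha256").digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("wrong key or tampered ciphertext")
    return bytes(c ^ s for c, s in zip(ct, keystream(subkey(key, b"enc"), nonce, len(ct))))

def register(user: str, password: str) -> bytes:
    # Server stores salts and a password verifier only; the data key stays on the client.
    auth_salt, key_salt = os.urandom(16), os.urandom(16)
    SERVER_DB[user] = {"auth_salt": auth_salt, "verifier": derive(password, auth_salt, b"auth"),
                       "key_salt": key_salt, "mailbox": None}
    return derive(password, key_salt, b"data")

def login(user: str, password: str) -> bytes:
    rec = SERVER_DB[user]
    if not hmac.compare_digest(rec["verifier"], derive(password, rec["auth_salt"], b"auth")):
        raise PermissionError("bad credentials")
    return derive(password, rec["key_salt"], b"data")

def save_mailbox(user: str, data_key: bytes, messages: list) -> None:
    # One ciphertext for the whole mailbox: the server cannot even count the messages.
    SERVER_DB[user]["mailbox"] = encrypt(data_key, json.dumps(messages).encode())

def load_mailbox(user: str, data_key: bytes) -> list:
    return json.loads(decrypt(data_key, SERVER_DB[user]["mailbox"]))

def admin_view(user: str) -> dict:
    # All an operator can learn from the record: opaque bytes and their lengths (pad if size leaks matter).
    return {k: (len(v) if isinstance(v, bytes) else v) for k, v in SERVER_DB[user].items()}
```

Removing a "security layer" here (say, logging the password server-side) shows exactly which information leaks, which is the kind of test the privacy-by-design approach above calls for.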

Should all companies and startups walk that path?
One could argue that data mining is still an effective and lucrative business model. But there’s a growing awareness of privacy issues on the Internet, so it’s a bet we are willing to take.

Nothing to hide, really?

Then again, maybe you have watched Glenn Greenwald’s TED talk and are still convinced that good guys have nothing to hide?

Never mind then. Let’s go back to your Valentine’s evening with your loved one.

Everything went perfectly well, and you decided to drive back home. Candles were lit, the mood became Barry White-sweet and you ended up in each other’s arms.

Forget all those concerns about privacy and stuff. The Ministry of Truth will fix History, while the Ministry of Love will keep on watching over you, courtesy of your Smart TV.

Who said dystopias are works of pure fiction?
