Big Tech needs our data to offer the products we love so much — from customized Facebook feeds to improved Google search results to recommending Amazon products we’re likely to want or need. But over the last few years, reporters and regulators have learned that Big Tech companies are really bad at protecting that data.
One tech startup — Duality Technologies, founded in 2016 — admits that Silicon Valley has created a privacy problem, but thinks they could also solve the problem instead of resorting to regulators’ plans of breaking up Big Tech.
Duality’s solution? Homomorphic encryption. And some Big Tech companies are already interested in it.
For co-founder and CTO Kurt Rohloff, figuring out how to balance consumer privacy and tech companies’ need for data to provide better goods and services has always been a dilemma.
For example, using people’s medical data to conduct more research on cancer could get us closer to a cure, he said, but how do you make sure you aren’t compromising or exposing very personal medical data in the process?
“Where we’re starting to push on is to enable analytics more broadly while being computed, which is where some companies have started to go,” Rohloff told InsideSources. “A handful of academics and startups and big tech firms are developing a set of technologies called PETs, or privacy enhancing technologies, to allow people to share data privately and pull analytics without impacting privacy.”
This is where homomorphic encryption comes in. Homomorphic encryption allows a tech company to analyze people’s personal data while it is still encrypted. Hypothetically, this enables a tech company like Google to learn from its user data and improve products and services — like Google search results — without ever actually decrypting and seeing personally identifiable information (PII) like your social security number, or your mother’s maiden name.
Facebook’s recent foray into cryptocurrency technology (with the launch of Libra) means Big Tech could be interested in some of the privacy technologies — like homomorphic encryption — associated with blockchain and cryptocurrencies. (Some cryptocurrencies use homomorphic encryption.)
Just last month, Google rolled out a homomorphic encryption tool for its business partners. According to Google’s blog post accompanying the rollout, “This technology can help advance valuable research in a wide array of fields that require organizations to work together without revealing anything about individuals represented in the data.”
Rohloff calls it a “growth” of end-to-end encrypted messaging.
“Different versions of this technology have been around for a decade plus, it’s only been in the past three years that it’s become very active, and it’s become an area of the largest major companies,” Rohloff said. “The early adopters have been in the regulated data industries, like healthcare and finance, where there are very strong regulatory concerns. But what we’re seeing is that a lot of these liability issues and really embarrassing data breaches, like Cambridge Analytica, have been driving companies not necessarily in data-regulated industries to adopt these PETs to better protect themselves from liability and the privacy of their user base.”
The tech industry may still need strict privacy regulation, but Rohloff thinks PETs “could help in some very serious ways.”
“We’re starting to see this in our work in the financial industries,” he said. “Up until now, if big banks wanted to coordinate to fight financial fraud, they’d basically have to sign some very strong legal agreements and then share data in the clear to build up financial fraud cases. Now what we’re starting to deploy is banks’ ability to encrypt their transaction data so they can run joint analytics with no leakage of sensitive information.”
As tech companies continue to gather more data on internet users every second, software engineer Andreas Poyiatzis said its more important than ever that they address privacy concerns — with homomorphic encryption.
“Fast forward few years from now and imagine this fictional scenario: Facebook can use your chat history to give you a personal intelligent agent that can respond to chats in your messenger on your behalf with the exact same writing style as yours,” Poyiatzis wrote in a blog post. “Also, you can give Amazon all your banking details and roll out specifically crafted shopping/grocery lists (now that acquired Whole Foods) that match your financial status and preferences! A new genome company can use your DNA sequence to give you a detailed list of medicines that would work really well on you.”
“As you can see,” he added, “all of these come at a cost. The cost of giving away your privacy, to access all these services.”
Because homomorphic encryption can allow tech companies to continue to improve products and services while retaining user privacy, Poyiatzis thinks it will be the “cornerstone” of the future of privacy.
“PETs allows folks to have better control of data and less centralization of data clearinghouses and less trusted parties for performing joint analytics on data, which philosophically gets at some of the libertarian aspects of cryptocurrency and blockchain and things like that,” Rohloff said.