Method to keep private data private proves perfect

November 2018

Professor Dan Boneh is the Rajeev Motwani Professor in the School of Engineering and head of the Applied Cryptography Group. He and advisee, PhD candidate Henry Corrigan-Gibbs, developed a system called 'Prio.' Their data privacy system aims to allow data collection to be strictly device data, not personal data.

Many internet-enabled devices need to know how people use their products in order to make them better. But when faced with the request to send information about a computer error back to the developers, many of us are inclined to say "No," just in case that information is too personal.

The Applied Cryptography Group, has developed a new system for preserving privacy during data collection from the internet. Their technique emphasizes maintaining personal privacy.

"We have an increasing number of devices – in our lightbulbs, in our cars, in our toasters – that are collecting personal data and sending it back to the device's manufacturer. More of these devices means more sensitive data floating around, so the problem of privacy becomes more important," said Henry Corrigan-Gibbs, a graduate student in computer science who co-developed this system. "This type of system is a way to collect aggregate usage statistics without collecting individual user data in the clear."

Their system, called Prio, works by breaking up and obscuring individual information through a technique known as "secret sharing" and only allowing for the collection of aggregate reports. So, an individual's information is never reported in any decipherable form.

Prio is currently being tested by Mozilla in a version of Firefox called Nightly, which includes features Mozilla is still testing. On Nightly, Prio ran in parallel to the current remote data collection (telemetry) system for six weeks, gathering over 3 million data values. There was one glitch but once that was fixed, Prio's results exactly matched the results from the current system.

 

"This is rare example of a new privacy technology that is getting deployed in the real world," reports Dan, "It is really exciting to see this put to use."

 

Excerpted from Stanford News, "Stanford researchers develop new data privacy technique" November 1, 2018.

Related News: