Privacy by design: Protecting privacy in the digital world

Privacy by design, however, does not mean disconnecting from the online world and putting on a tinfoil hat — far from it. “There’s already a lot of data stored about each and every one of us — the things we buy, the food we eat, the health issues we have — and for each of these market segments, there are perfectly legitimate uses for that data,” adds Crowcroft. “Collecting healthcare data is fantastically useful for tracking pandemics, preventative care, more-efficient treatment, public health — those are all perfectly reasonable and positive uses for big data. At the same time, most sites gather information in order to target ads more accurately, and most people are actually okay with that. So the question then becomes, what is privacy by design?”

“What we’re trying to do is develop processing frameworks that would allow this data to be useful and to be used, without the somewhat creepy feeling that you’re constantly being watched,” says Crowcroft’s colleague Dr. Richard Mortier.

The type of system that Crowcroft and Mortier envision is one in which the user has the scope to allow access to their data on a case-by-case basis, rather than having it harvested whether they like it or not: computations are performed where the data is gathered, and the results are pushed back to the organization that wants the data.

“We can change the big data problem completely by moving where the data is processed,” explains Mortier. “Rather than having systems where all of the data is gathered in some huge central location and processed, if you reconstruct the system so that the data is processed in the same place it’s gathered, individuals would be able to take some of the control of their information back from corporations and surveillance organizations. Instead of one huge central processing node, we want to see billions of smaller nodes, which would make information quicker to access, and could potentially be stored at lower overall cost.”

The release notes that Crowcroft and Mortier have designed and partially built systems in which a person’s data stays local to them, and they have the option to decide what is shared and with whom. For example, a patient can share their healthcare data with their GP, but the GP would have to get authorization from the patient before sharing that data with a pharmaceutical company.
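As an added illustration of the local-processing and consent model sketched in the two paragraphs above (this is not code from Crowcroft and Mortier's systems; the node class, requester names, purposes and glucose readings are constructed for the example): a node keeps one person's records, runs a requested computation in place so that only the result leaves, and checks consent against the final recipient, so a GP cannot forward anything to a pharmaceutical company until the patient grants that company access.

```python
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Set, Tuple


class AccessDenied(Exception):
    """Raised when the owner has not consented to this requester/purpose pair."""


@dataclass
class LocalDataNode:
    """Hypothetical per-person node: raw records never leave this object."""
    owner: str
    records: List[dict] = field(default_factory=list)
    consent: Dict[str, Set[str]] = field(default_factory=dict)  # requester -> purposes
    audit: List[Tuple[str, str, str]] = field(default_factory=list)

    def grant(self, requester: str, purpose: str) -> None:
        self.consent.setdefault(requester, set()).add(purpose)

    def revoke(self, requester: str, purpose: str) -> None:
        self.consent.get(requester, set()).discard(purpose)

    def compute(self, requester: str, purpose: str, fn: Callable[[List[dict]], Any]) -> Any:
        """Run fn where the data lives; only fn's return value is pushed back."""
        if purpose not in self.consent.get(requester, set()):
            self.audit.append((requester, purpose, "denied"))
            raise AccessDenied(f"{self.owner} has not granted {requester!r} access for {purpose!r}")
        result = fn([dict(r) for r in self.records])  # copies: fn cannot mutate stored records
        self.audit.append((requester, purpose, "allowed"))
        return result


def mean_glucose(records: List[dict]) -> float:
    """Example aggregate an organization might request instead of the raw readings."""
    vals = [r["glucose"] for r in records if "glucose" in r]
    return sum(vals) / len(vals) if vals else float("nan")


def gp_forwards_to_pharma(node: LocalDataNode, pharma: str, purpose: str, fn) -> Any:
    """The GP holds no transferable right: the node checks the patient's consent
    for the pharma company itself, so forwarding fails until the patient grants it."""
    return node.compute(pharma, purpose, fn)


def demo() -> Tuple[float, str, float, List[Tuple[str, str, str]]]:
    patient = LocalDataNode("patient-42", records=[{"glucose": 5.4}, {"glucose": 6.2}, {"glucose": 5.8}])
    patient.grant("gp-smith", "treatment")
    gp_result = patient.compute("gp-smith", "treatment", mean_glucose)
    try:
        gp_forwards_to_pharma(patient, "pharma-co", "research", mean_glucose)
        first_attempt = "allowed"
    except AccessDenied:
        first_attempt = "denied"
    patient.grant("pharma-co", "research")  # the patient authorizes the onward share
    pharma_result = gp_forwards_to_pharma(patient, "pharma-co", "research", mean_glucose)
    return gp_result, first_attempt, pharma_result, patient.audit
```

Running `demo()` shows the GP's aggregate succeeding, the forward to the pharmaceutical company being refused, and the same request succeeding once the patient grants it, with every decision recorded in the node's audit list.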

“People realize they’re being marketed to, but I don’t think they realize the scale of it — it really is a hidden menace,” says Crowcroft. “The point is that we could build systems that could stop that completely, and re-enable it on the basis of a level playing field. We want to see systems where people have agency over their data, giving them the ability to allow or prevent certain types of access.”

Contrary to what some people may assume about the nature of digital life, adds Crowcroft, the vast majority of people highly value their own privacy. He points to the launch and then recall of Google Glass, a wearable computer worn like eyeglasses. “People started wearing these things into restaurants and other diners wouldn’t put up with it, because they didn’t want to be recorded while eating their lunch — it really creeped people out,” he says.

“And that’s in a public space: imagine the same sort of thing happening in a private space. It’s about the asymmetry and the idea that this is being done to you and you have no comeback. The problem with digital infrastructures is you don’t see them, and to a certain extent companies depend on people not understanding them — we can build systems where there are mechanisms through which they can be understood.”

Crowcroft and Mortier recognize that they will never convince everyone to ditch cloud computing and switch to a decentralized system. This is not their goal, however. “It takes a while to show that new ways of doing things can really work,” says Crowcroft. “If these sorts of systems become a reasonably widely used alternative, it will go a long way towards keeping companies and cloud storage providers honest. The very small number of providers leads to the exploitation of the network effect, where they have a strong monopolistic position over a certain type of data. And monopolies are not good for economies. If a decentralized system is more ethical, enough people using it may incentivize the big providers to be more ethical too.”