The Brandeis program: Harnessing technology to ensure online privacy

Published 16 March 2015

In a seminal 1890 article in the Harvard Law Review, Louis Brandeis developed the concept of the “right to privacy.” DARPA the other day announced the Brandeis program – a project aiming to research and develop tools for online privacy, one of the most vexing problems facing the connected world as devices and data proliferate beyond a capacity to be managed responsibly.

DARPA the other day announced plans to research and develop tools for online privacy, one of the most vexing problems facing the connected world as devices and data proliferate beyond a capacity to be managed responsibly. Named for former Supreme Court Justice Louis Brandeis, who, while a student at Harvard Law School, co-developed the concept of a “right to privacy” in a seminal article under that title (Harvard Law Review, December 1890), the new program seeks to explore how users can understand, interact with, and control data in their systems and in cyberspace through the expression of simple intentions which reflect purpose, acceptable risk, and intended benefits such as “only share photos with approved family and friends.”

The right to privacy, as Brandeis argued in 1890, is a consequence of understanding that harm comes in more ways than just the physical. Brandeis was reacting to the ability of the “instantaneous camera” to record personal information in new ways. Since then, the ability of technology to collect and share information has far exceeded judicial and social expectations. DARPA says that the goal of its newly launched Brandeis program is to enable information systems that would allow individuals, enterprises and U.S. government agencies to keep personal and/or proprietary information private.

“Democracy and innovation depend on creativity and the open exchange of diverse ideas, but fear of a loss of privacy can stifle those processes,” said Dr. John Launchbury, DARPA program manager. “We aim to develop methods that can help protect private information without having to impose cumbersome protective mechanisms that ultimately deplete the larger value of the information at hand.”

Existing methods for protecting private information fall broadly into two categories: filtering the release of data at the source, or trusting the user of the data to provide diligent protection. Filtering data at the source, such as by removing a person’s name or identity from a data set or record, is increasingly inadequate because of improvements in algorithms that can cross-correlate redacted data with public information to re-identify the individual. According to research conducted by Dr. Latanya Sweeney at Carnegie Mellon University, birthdate, zip code and gender are sufficient to identify 87 percent of Americans by name.
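As an added illustration of why filtering at the source falls short (example code written for this page, not from DARPA or the article): a k-anonymity audit over a constructed, name-stripped data set keyed on the three quasi-identifiers the article names, showing how many records remain unique before and after coarsening the fields. The record set, field names and generalization rules are assumptions.

```python
from collections import Counter

# Constructed sample of a "de-identified" data set: names removed, but the three
# quasi-identifiers the article names (birthdate, ZIP code, gender) remain.
RECORDS = [
    {"dob": "1971-03-14", "zip": "02139", "sex": "F", "dx": "asthma"},
    {"dob": "1971-08-01", "zip": "02139", "sex": "F", "dx": "flu"},
    {"dob": "1985-11-02", "zip": "02139", "sex": "F", "dx": "migraine"},
    {"dob": "1985-07-23", "zip": "02138", "sex": "F", "dx": "flu"},
    {"dob": "1964-01-30", "zip": "02142", "sex": "M", "dx": "diabetes"},
    {"dob": "1964-09-09", "zip": "02141", "sex": "M", "dx": "asthma"},
    {"dob": "1999-05-05", "zip": "10001", "sex": "M", "dx": "flu"},
]

def quasi_id(rec, generalize=False):
    """Quasi-identifier tuple for one record. With generalize=True the values
    are coarsened (birth year, 3-digit ZIP prefix) so more records collide."""
    if generalize:
        return (rec["dob"][:4], rec["zip"][:3], rec["sex"])
    return (rec["dob"], rec["zip"], rec["sex"])

def k_anonymity(records, generalize=False):
    """Return (k, unique_fraction): k is the smallest equivalence class over the
    quasi-identifier; unique_fraction is the share of records whose tuple is
    shared with no other record, i.e. rows that a public list carrying the
    same three fields would pin to exactly one person."""
    classes = Counter(quasi_id(r, generalize) for r in records)
    sizes = [classes[quasi_id(r, generalize)] for r in records]
    return min(sizes), sum(s == 1 for s in sizes) / len(records)

def below_threshold(records, k_min, generalize=False):
    """Quasi-identifier tuples whose class is smaller than k_min: the rows a
    release review should generalize further or suppress before publishing."""
    classes = Counter(quasi_id(r, generalize) for r in records)
    return sorted(t for t, n in classes.items() if n < k_min)

if __name__ == "__main__":
    for g in (False, True):
        k, frac = k_anonymity(RECORDS, generalize=g)
        print(f"generalized={g}: k={k}, unique fraction={frac:.2f}, "
              f"flagged={below_threshold(RECORDS, 2, generalize=g)}")
```

Even after generalization one record stays unique, which is the point the article makes: redaction alone does not bound the risk, and the audit has to run before every release.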

On the other side of the equation, trusting an aggregator and other data recipients to diligently protect their store of data is also difficult. In the past few months alone, as many as eighty million social security numbers were stolen from a health insurer, terabytes of sensitive corporate data (including personnel records) were exfiltrated from a major movie studio and many personal images were illegitimately downloaded from cloud services.

“Currently, most consumers do not have effective mechanisms to protect their own data, and the people with whom we share data are often not effective at providing adequate protection,” said Launchbury. “The goal of the Brandeis program is to break the tension between maintaining privacy and being able to tap into the huge value of data. Rather than having to balance these public goods, Brandeis aims to build a third option, enabling safe and predictable sharing of data while reliably preserving privacy.”

The potential impact of the Brandeis program is significant. Assured data privacy can open the doors to personalized medicine by discovering, for example, hidden correlations between genetic information and the relative effectiveness of different therapies; smarter and more efficient cities where buildings, energy consumption and traffic controls are all optimized minute by minute; crowdsourced collections of publicly useful data about the environment, weather and emergency situations; and fine-grained Internet awareness and protection where every company and device instantly shares network and cyber-attack data. Without strong privacy controls, none of these possibilities could come to full fruition.

The Brandeis program is structured as a four-and-a-half year effort, split into three 18-month phases. Each phase will result in the demonstration of experimental systems that show privacy technologies at work. For more information about Brandeis, please refer to the Broad Agency Announcement.

— Read more in Samuel D. Warren and Louis D. Brandeis, “The Right to Privacy,” Harvard Law Review 4, no. 5 (15 December 1890)