We can already see a glimpse of what tomorrow’s internet will bring. I book a train or plane ticket, and my email provider scans the receipt that is emailed tome. Then on the day of travel, my phone alerts me that I need to leave for the train or airport at a specific time, as it knows where I am, and what the local traffic conditions are. This convenience is great, but the privacy and security issues are a big problem. It seems everyone wants to know where we are, what we are doing, and even what we are thinking. In addition “bad guys” could get hold of this information and use it for evil purposes, such as blackmail, bodily harm or even terrorism.
Furthermore, we have seen in the last couple of years sophisticated individual targeting of advertising campaigns and news articles (whether real or fake) so as to influence election campaigns and mold public opinion. The power of such micro targeting is something which mid-20th century dictators would have relished. Each person has a specific bias or concern, which when targeted correctly can push that person to support a desired political outcome.
This increase in “intelligence”, decrease in privacy, and increase in micro targeting is going to continue. Whether it be applications related to Smart Cities, or Smart Homes, or Personalized Health Care, or Automated Driving, or politics; the increase in convenience, utility and power seems to come inevitably with a decrease in privacy, an increase potential security risks, and a decreasing ability to make ones own independent choices.
There are three ways to mitigate the risk going forward as a society. In the first, and probably most important method, we need to educate end users more about what information they are giving up, and the associated trade offs they are making. Thus citizens will be able to make informed choices about how they interact with technology, and how technology influences them.
Secondly, we need to improve the legal framework under which organizations operate on the internet. Should we restrict what information organizations are allowed to collect on users (even with informed consent), should we restrict how data is used and stored, should we make deliberately misleading someone a criminal offence, and extend this to politicians and news outlets?
Thirdly, we need better technology to enable the utility of tomorrow’s internet to be combined with a respect for privacy, the individual, and protection of society. These so-called “Privacy Enhancing Technologies” are beginning to be deployed. Technologies such a “Differential Privacy”, which enables statistical inferences to be obtained whilst hiding information about individuals, are starting to become more practical. Unbound is at the forefront of these technologies, our expertise in Multi-Party Computation (MPC) can allow parties to compute on data, without ever seeing what it is.
As an example of how MPC could mitigate some of these concerns, lets return to the example at the top of this blog. There is no need for whomever, or whatever that is alerting me to go to the airport, to know where I am and where I am going. This is just an algorithm running, which combines data from various sources to obtain the desired outcome. We know how to execute such algorithms obliviously without seeing the data using MPC. The task is now to turn this potential application into reality.