This message will self-destruct in three seconds…

Foto: deyangeorgiev | Photocase

More and more US companies are finding that encrypted communication is a selling point. Not only is this good for their balances, it’s also good for our democracy: on today’s internet real privacy is becoming an ever-scarcer commodity.

When the US government announced in October 2015 that they were ruling out in advance a law that would give them access to encrypted communications and data—known as “Key Escrow”—they made sure they had a plan B. FBI director James Comey gave the go-ahead for intensified discussions with the industry. In order to be able to fulfill its role, he argued, the FBI required access to their data, as criminals and terrorists are increasingly turning to the internet and encryption for their communications.

According to Comey, these discussions with the private sector seemed to be going well: the CEOs of tech firms, he said, are all people who have America’s security interests at heart. However, they also value privacy and civil liberties. Similarly, in the wake of the Snowden scandal, the US government has been at pains to show how seriously it takes civil rights and the privacy of American citizens.

Radical new thinking

But as dearly as Silicon Valley tech companies may long for government contracts, they are hardly willing to hand over their customer data to the authorities. This is about more than mere political calculation. Silicon Valley has found that privacy and data protection are a business model, and is rigorously following this strategy by opposing legal and regulatory encroachment, not only with armies of lawyers, like Apple, but also with technology.

Internet companies have caught up with Privacy Enhancing Technology, or PET, after being strongly criticized for giving the government customer information as required under the terms of legal warrants. Many, like Amazon, Google and Facebook, offer their customers the option of encrypted communications. Whatsapp has opted for the encryption method which made Signal—developed by cyberpunk Moxie Marlinspike—the most secure app for electronic communication and telephony available. “In five years we will probably look back in astonishment and wonder how we were ever so stupid as to send unencrypted messages online ”, says Gerhard Eschelbeck, Google’s chief of security.

Some companies take care to ensure that they neither have access to the encrypted communication, nor to the encryption key. That way, they will be able to comply with the legal requirements of the FBI, and hand over the client data—encrypted and without a key.

Mission ANON

Anonymity protects lives, and not only those lives of criminals and terrorists. Privacy is vital to the health of a democracy, but the framers of the US constitution clearly did not reckon with the internet. Studies are providing more and more evidence that it is not possible to use the internet anonymously, neither by means of social networks nor smartphones, which systematically and constantly collect their users’ information. This was demonstrated by an evaluation of publicly-accessible—anonymized—data from New York taxi companies by Anthony Tockar of Neustar Research. He cross-referenced this with the—also public—electoral roll. This has allowed him to identify well-known visitors to the Hustler Club. Including their private addresses.

Likewise, a group of MIT scientists headed by Yves-Alexandre de Montjoye have been able to cross-check anonymized credit card bills. Using nothing more than a list of figures from three monthly statements, without user name, card number or other personal information, the scientists were able to match the transaction data with publicly-available information in order to find out the customers’ names and addresses—and they were able to reconstruct their entire shopping history. Only four invoice items were necessary to unambiguously identify 90 percent of credit-card holders. Often a photo of people drinking coffee together on Instagram, a tweet about a newly-purchased smartphone or a single credit card payment as all that was needed.

Anonymity online: impossible

But the word “impossible” is simply not a part of the vocabulary of Silicon Valley. Craig Federighi, Vice President Software Engineering with Apple, announced in his keynote speech at Apple’s Worldwide Developers Conference in San Francisco that Apple practices what he calls “differential privacy”.

And even if Federighi didn’t give away any technical details, it is clear that Apple intends to use new methods and technologies to shore up its position as Silicon Valley’s privacy champion. First, by using end-to-end encryption for iMessage and Facetime. and now with differential privacy. Add to this the company’s efforts, as outlined by CEO Tim Cook, to preserve as little user data as possible on its servers.

Behind the announcement of differential privacy, though, lies another message: that Apple is still saving user data. The method used is designed to permit the evaluation of large volumes of data without opening any back doors to individual data sets. Differential privacy means that the data sets are set amongst a kind of noise which defamiliarizes them but does not influence the result of the statistical evaluation. In its simplest form, differential privacy can be achieved by means of hashing. The pioneer of the method, Cynthia Dwork, is still active in the industry: she works for Microsoft Research.

Homemade 
Mission Impossible

Other ideas are still waiting to be tried out in practice, such as homomorphic encryption: a kind of holy grail of cryptography, which involves database enquiries being done in encrypted form, so that the analyst or analysis algorithm never sees the original data. Or secure multiparty computation, which recalls the secret system which was used for translating the Bible, whereby data sets are divided out and distributed across different points (such as databases). No-one has access to the entire database, or to the full data sets.

While anonymity can be very expensive to implement for databases, big data or health data, it can be achieved relatively easily in everyday use. Here the target is throwaway, ephemeral communication, where the short lifespan of the information is in focus. Internet companies like Twitter, Microsoft or Facebook support the social trend with transient messaging and specially-designed security measures. Businesses, security experts say, often fail to automatically delete emails after 90 days. Instead of emails, colleagues would prefer to use chat or services like Snapchat, so that their messages are automatically deleted upon reading.

That seems like a scene from Mission Impossible, but the idea is clear: data which doesn’t exist can’t be stolen, misused or compromized. The business of data protection is booming. The demand for self-deleting photos and videos is so high amongst individual consumers that Snapchat is valued at nearly 25 billion US-Dollars.

While businesses in Germany and Europe are still hoping to make big money from big data, the Silicon Valley companies are already a step ahead. They are opting for a new business model: collect NO data at all. That is, at least not data that’s not good for business.


“Das Netz – digitalization and Society. English edition” gathers writers, activists, scientists, politicians and entrepreneurs to think about the developments of our digital life. More than 50 contributions reflect on the digital transformation of society. It is available as a free PDF. Download here!

Aleksandra Sowa

Aleksandra Sowa

People have secrets, and that’s a good thing. Dr. Aleksandra Sowa, alongside the German cryptologist Hans Dobbertin, founded and led the Horst Görtz Institute for Security in Information Technology; she is the author of various books, a speaker, data protection commissioner and an IT compliance manager. As an essayist for the debate magazine The European, and columnist for the newspaper Neue Gesellschaft—Frankfurter Hefte she defends the idea that privacy should remain private and secrecy secret.
Aleksandra Sowa

Latest posts by Aleksandra Sowa (see all)