Irene Knapp, a former Google privacy expert, discusses Privacy Enhancing Technologies that protect personal data while still allowing for data insights. She shares insights into Google's privacy approach and her experiences at the company. Topics include secure multi-party computation, zero-knowledge proofs, and the challenges of balancing privacy with data collection in the age of AI.
Differential privacy adds noise to data for anonymity, balancing utility and protection.
Homomorphic encryption allows computations on encrypted data, promising secure data processing.
Secure multi-party computation combines data without compromising privacy, fostering collaborative information analysis.
Deep dives
Irene Knapp's Experience at Google's Privacy Department
Irene Knapp, a former Google information privacy expert, shares insights from her five years at Google's privacy department. Initially attracted by the company's ideals, Irene faced challenges advocating for user privacy due to internal strife between employees and upper management. This turmoil led Irene to believe that change must come externally, prompting her departure from Google.
Privacy Enhancing Technologies (PETs) and Differential Privacy
Privacy Enhancing Technologies (PETs) like differential privacy aim to balance data utility with privacy protection. Differential privacy adds calculated noise to datasets to prevent individual identification, crucial for scenarios like census data. This approach addresses the challenge of releasing useful data while safeguarding individual privacy, ensuring a balance between data analysis and data protection.
Potential Applications of Differential Privacy and Challenges of Homomorphic Encryption
Differential privacy finds applications in healthcare and disaster management, where aggregated data insights are vital without compromising individual privacy. However, the complexity of applying differential privacy on individual records raises challenges, emphasizing the need for stringent data protection measures. On the other hand, homomorphic encryption, allowing computations on encrypted data without decryption, holds promise but requires further development before practical application.
Utilizing Privacy Enhancing Technologies for Data Processing
Employing technologies like secure multi-party computation to combine data from separate sources while ensuring privacy is a promising way to process information without compromising individuals' data. These methods involve sophisticated encryption techniques that facilitate data comparison without revealing sensitive details, ensuring mutual agreement on shared criteria like common preferences without the need for full data disclosure.
Importance of Regulatory Scrutiny in Data Protection
Regulatory oversight plays a crucial role in holding companies accountable for data processing practices. The discussion emphasizes the significance of regulatory scrutiny to address privacy concerns effectively. By enforcing regulations and ensuring transparency in data handling, companies are compelled to prioritize public interest over profit motives, fostering a culture of responsible data management and innovation within the industry.
We're generating a ridiculous amount of data every day. Much of it is highly personal and that's dangerous. But there are actually several Privacy Enhancing Technologies that may allow us to use this personal data to improve our collective quality of life without ruining the privacy of the data subjects. I'll be discussing these PETs with Irene Knapp who spent five years working in the privacy department at Google. I will also spend a good bit of time asking them about what it's like working at Google and get some insights about the company's approach to privacy from the inside. (Spoiler: it's not good.)
Interview Notes
Internet Safety Labs: https://internetsafetylabs.org/about-us/
Irene’s Google departure post: https://medium.com/@Irenes/on-the-occasion-of-leaving-google-b8c7029c8d8b
Coworker.org: https://coworker.org
Google loses privacy chief: https://www.techspot.com/news/103268-google-privacy-chief-head-competition-law-leaving-not.html
Further Info
BOOK SURGE!! https://fdsd.me/booksurge
Send me your questions! https://fdsd.me/qna
Subscribe to the newsletter: https://fdsd.me/newsletter
Become a patron! https://www.patreon.com/FirewallsDontStopDragons
Get your Firewalls Don’t Stop Dragons Merch! https://fdsd.me/merch
Give the gift of privacy and security: https://fdsd.me/coupons
Table of Contents
Use these timestamps to jump to a particular section of the show.
0:01:40: Interview setup
0:03:56: What is Internet Safety Labs and what do you do there?
0:05:45: Why do we not have liability in the software industry?
0:07:02: How did you come to work for Google and what was your experience like there?
0:07:58: What caused you to eventually leave?
0:10:26: How did private policy evolve while you were at Google?
0:12:36: What was happening in Google that impeded your efforts?
0:19:19: How does Google compare to other companies like Facebook?
0:20:56: What's your take on Google's new Privacy Sandbox technology?
0:27:24: Can we do some good with all the data we're collecting?
0:33:51: From where do we derive a legal right to privacy?
0:35:10: How does differential privacy work?
0:38:49: Where might we use differential privacy?
0:41:59: What is homomorphic encryption and how does it work?
0:44:47: Are there any other promising PETs?
0:46:49: How do zero knowledge proofs work?
0:49:20: Which of the PETs seem most promising right now?
0:51:20: Do we need privacy regulations to save us here?
0:56:19: What's next for you?
0:58:31: Interview wrap-up
1:00:52: BOOK SURGE!!
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
