When you enter a search query, visit a website, or share a social media post, your personal data can be tracked, repackaged, and sold without you knowing about it. While recently there has been broader public awareness, new government policies enforced, and pushback from advertisers partnering with social media, everyone from large companies and government agencies to individual users are at risk for data breaches or having data shared in ways they do not expect. Today’s computing systems are infinitely useful: We can access huge amounts of information with a few keystrokes, conduct online banking, and video chat with colleagues halfway around the world. How do we continue to get the benefits of using these systems without mitigating our security and privacy?
“We use the internet for essentially everything today. We put so much trust into our computer systems, and our computer systems haven’t been doing a very good job of safeguarding our information and protecting our own interests,” says Professor Henry Corrigan-Gibbs, an assistant professor in the MIT Department of Electrical Engineering and Computer Science (EECS) and a member of the Computer Science and Artificial Intelligence Laboratory (CSAIL). Prof. Corrigan-Gibbs is working to find alternatives to the way we currently approach privacy, with a focus on building systems that use cryptography to empower and protect their users.
One of the areas he is working on right now is private information retrieval, which lets users query a database without revealing their query to the database server. This research has applications from privacy preserving advertising to privacy preserving search. “The reason this is interesting to me is because we know that computer systems get broken into all the time,” he says. “I’d like to move us into a world in which, when a server gets broken into, it’s not holding any sensitive user information unencrypted that can then be stolen or sold off or abused in some way that would end up harming the end users.”
Inherently, data collection isn’t a bad thing: It can help organizations improve user experience and can give companies important insights about consumer behavior. If your web browser crashes on a certain website, for instance, that URL gets sent back to the browser vendor so that they can debug the issue. But today, much more data is being shared than is necessary.
“Today when you send a URL directly to Google and say, ‘Here, this is a URL that crashed my browser,’ you are leaking to Google information about your web browsing history,” says Prof. Corrigan-Gibbs. “One of the systems I’ve been working on is designed to allow a vendor to collect that type of important telemetry or statistical information about how a product is being used, without having to collect any sensitive information about the user’s web browser behavior directly.”
In a similar vein, he is designing encrypted messaging systems that hide not only the contents of your communication, but hide the end points of your communication — who you’re talking to, when you’re talking, and how much you’re saying — essentially, communications metadata. He explains, “If we’re successful in building the data-hiding messaging systems, this could allow all of us to get stronger privacy protections as we’re chatting with each other, organizing a protest, or just moving through the world.”
A common thread among these projects is the challenge companies face in incentivizing the user to adopt state-of-the-art technology that is also secure. “When you’re building a new privacy-preserving technology or a new security technology, you’re competing with the state of the art, which is often very little security and very little privacy. The difficulty is making your system attractive enough in terms of cost for people to use it while still providing extra properties.”
Another challenge is convincing tech companies of the importance of privacy. “Tech companies often feel that they’re incentivized to collect the most sensitive information about everyone they can and store it forever. We’re entering an era in which that’s no longer the case,” he says. “One of the things I’m trying to do with my work is to re-emphasize to people that this is not for free, that collecting sensitive information has a cost.”
Long term, he is working to change the way these systems work, whether changing our current communications systems to high communications metadata or changing the way the advertising ecosystem works to do a better job of respecting user privacy. “It’s not convincing one company to do one thing; it’s convincing an entire industry to change the way they think about a computer security problem or a privacy problem.”
Prof. Corrigan-Gibbs is up to solving these challenges in the course of his research, which he says is “endlessly fascinating.” He finds cryptography and security so exciting because “it touches on every area of computer science, going even beyond computer science into social science questions, especially when we’re talking about privacy.” There are “lots of philosophical questions that are tied up with privacy and identity, and all these issues that come up in the context of computer security.” He adds that “if you think about the social challenges we’re facing, many of them are related to computer security and privacy… It’s really exciting to be working in this field that’s both so rich in terms of ideas and theory, but also has such a close connection to the human experience on a day-to-day basis.”
These types of interconnected areas of study are also what drew him to CSAIL. “At CSAIL there are so many people in so many areas of computer science who are doing such exciting, brilliant things,” he says. “The breadth and depth of expertise in the building is just fantastic. I think it makes it a really exciting place to be a computer scientist, especially when you’re in an area like computer security that interfaces with every other area of computer science.”