The ones who brought you Let's Encrypt, bring you: Tools for gathering anonymized app usage metrics from netizens

Tech tackles two things: 'Aggregate statistics to improve an application, maintain the privacy of the people'

The Internet Security Research Group (ISRG) has a plan to allow companies to collect information about how people are using their products while protecting the privacy of those generating the data.

Today, the California-based non-profit, which operates Let's Encrypt, introduced Prio Services, a way to gather online product metrics without compromising the personal information of product users.

"Applications such as web browsers, mobile applications, and websites generate metrics," said Josh Aas, founder and executive director of ISRG, and Tim Geoghegan, site reliability engineer, in an announcement. "Normally they would just send all of the metrics back to the application developer, but with Prio, applications split the metrics into two anonymized and encrypted shares and upload each share to different processors that do not share data with each other."

Prio is described in a 2017 research paper [PDF] as "a privacy-preserving system for the collection of aggregate statistics." The system was developed by Henry Corrigan-Gibbs, then a Stanford doctoral student and currently an MIT assistant professor, and Dan Boneh, a professor of computer science and electrical engineering at Stanford.

Prio implements a cryptographic approach called secret-shared non-interactive proofs (SNIPs). According to its creators, it handles data only 5.7x slower than systems with no privacy protection. That's considerably better than the competition: client-generated non-interactive zero-knowledge proofs of correctness (NIZKs) are 267x slower than unprotected data processing and privacy methods based on succinct non-interactive arguments of knowledge (SNARKs) clock in at three orders of magnitude slower.

"With Prio, you can get both: the aggregate statistics needed to improve an application or service and maintain the privacy of the people who are providing that data," said Boneh in a statement. "This system offers a robust solution to two growing demands in our tech-driven economy."

In 2018 Mozilla began testing Prio to gather Firefox telemetry data and found the cryptographic scheme compelling enough to make it the basis of its Firefox Origin Telemetry service.

In a blog post last year, Chris Hutten-Czapski, Firefox platform engineer, wrote, "Prio is neat. It allows us to learn counts of things that happen across the Firefox population without ever being able to learn which Firefox sent us which pieces of information."

Prio Services will let any company subscribe to have its product-generated data sliced, diced, and anonymized so it can be viewed in aggregate, without the risk that the data could be used to identify people.

ISRG will operate a data processing server, and subscribers will have to implement a second server and arrange to have their apps transmit their metrics so they can be divided between the two servers for subsequent anonymized aggregation and analysis.
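
The two-server split described above, as an added sketch (not ISRG's or the Prio authors' code): each client turns its metric into two additive shares modulo a prime, each processor sums only the shares it receives, and only the combined totals reveal the aggregate. The modulus and all names are assumptions for illustration; the per-share encryption and the SNIP validity proofs are omitted.

```python
import secrets

# Assumed field modulus for this sketch (a Mersenne prime); not from the article.
P = 2**61 - 1


def split(value, modulus=P):
    """Client side: split one metric into two additive shares.

    Each share on its own is a uniformly random field element, so a single
    processor learns nothing about the value it was derived from.
    """
    if not 0 <= value < modulus:
        raise ValueError("metric must be in [0, modulus)")
    share_a = secrets.randbelow(modulus)
    share_b = (value - share_a) % modulus
    return share_a, share_b


class Processor:
    """One of the two servers: keeps only a running sum of its shares."""

    def __init__(self, modulus=P):
        self.modulus = modulus
        self.accumulator = 0

    def submit(self, share):
        self.accumulator = (self.accumulator + share) % self.modulus

    def publish(self):
        return self.accumulator


def aggregate(client_values, modulus=P):
    """Run the full flow and return the total that the two sums reveal."""
    first, second = Processor(modulus), Processor(modulus)
    for value in client_values:
        share_a, share_b = split(value, modulus)
        first.submit(share_a)
        second.submit(share_b)
    # Only the combination of both published sums yields the aggregate.
    return (first.publish() + second.publish()) % modulus


if __name__ == "__main__":
    # Constructed sample: 1 = feature used, 0 = not used, for six clients.
    print(aggregate([1, 0, 1, 1, 0, 1]))  # 4
```

Because a lone share looks random, neither processor can check on its own that a client's value is well-formed; that check is the job of the SNIPs mentioned earlier in the article.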

"By offering low-cost and easy-to-use cryptographic privacy protection for user metrics, ISRG will be taking a significant step to protect the general public from privacy violations," said Aas and Geoghegan. "It is our hope that privacy respecting metrics collection will become an expectation for application developers."

Prio Services isn't yet open to the public. ISRG is working to implement the service with its first set of subscribers, and will provide more information at a later date. But the org says it expects to be the first organization running Prio as a production service.

In an email to The Register, Aas said it's too early to provide pricing details.

"While some subscribers down the line may be paying for the service, many will have access to the service through philanthropic contributions," he said. "We are not able to provide pricing for potential paying subscribers at this time."

Aas said companies that don't care about user privacy may not have much incentive to use Prio, though he suggested the service may appeal to those interested in returning from the dark side.

"Prio prevents both intentional and unintentional privacy violations, so the system benefits companies with the best of intentions," he said. "Being able to convince people that an application is trustworthy is important to many companies, and using Prio is a way for them to do that." ®
