By [email protected] (Joel Khalili) Brave has open sourced a new technique for collecting user data without compromising on privacy.
Software company Brave has published details of a new method of data collection said to be capable of guaranteeing user privacy by default.
Developed by a team of its researchers, the STAR system is designed to eliminate trust from the equation, by offering a technical guarantee of user privacy based on cryptographic techniques.
The technology will be deployed on an opt-in basis inside a range of Brave products (including its popular web browser) and considered for standardization by the Internet Engineering Task Force (IETF).
Data collection, but private
In an ideal world, users would be required to share none of their personal or usage data with software developers. But the reality is that data collection is an important part of ensuring software runs smoothly and does not contain dangerous cybersecurity vulnerabilities.
The challenge facing developers in a market in which consumers are increasingly suspicious of data collection is how to gather telemetry data without compromising the needs of either set of stakeholders.
“Existing systems are extremely expensive to deploy (making them unusable for all but the largest companies), require trusted third-parties or special hardware, and/or require millions of users to achieve useful results,” explained Brave, in a blog post(opens in new tab).
“STAR, by contrast, provides privacy guarantees similar to, or better than, existing systems, while being practical and affordable for projects and organizations serving anywhere from dozens to millions of users.”
Specifically, the STAR system is based around a premise known as k-anonymity, whereby the data points available to the collector are never unique to a specific individual. In practice, this means the collector can never use data values to build a picture of the original provider.
Although other data collection systems have deployed k-anonymity in the past, Brave claims STAR is able to do so at a much lower performance cost, which means no specialist hardware is required. According to the company’s tests, its own system is “24 times cheaper than the existing state-of-the-art approach”.
To encourage the adoption of STAR, Brave has open sourced the model (in both Rust and WASM versions) under the Mozilla Public Licence v2, which gives any organization the right to adopt or modify the system as they please.