Saturday, April 5, 2014

Life-Cycle Ephemerality

There's a new app in town - and it solves one of the harder privacy problems in a cool, fun way. The digital breadcrumbs we leave behind us form a lifelong wake.  An immediate way to handle the issue is by avoiding the creation of electronic records that last.... IE: using records that self-destruct without a trace. Communications and other data that do this are usually known as "ephemeral". 


https://itunes.apple.com/us/app/glimpse-disappearing-chat/id809118767
There are a handful of mobile apps that do this now on Android and iOS. A year ago to the day, MIT Technology Review published an article outlining this technology and describing the companies providing this technology in the niche but growing market for this kind of service. Only two days ago, Bruce Schneier highlighted the need for this type of capability and the problem that existing providers may not truly meet the expectation.

A key issue, as echoed by Bruce's write up, seems to be whether the apparent disappearance of a message or other records reflects a full deletion across all apps, devices, services, platforms, networks and other systems that had copies or knowledge of the data. At a law and tech conference I was at in NY this week the audience loved a newly launched app call "Glimpse".  Elissa Shevinsky, CEO of Glimpse (who did a live demo!) said "We want to bring genuine privacy to ephemeral messaging, while still keeping things fun." Perhaps the best thing about the app is that the Glimpse team is a scrappy lot of entrepreneurs who have taken upon themselves to realize that goal within a system and architecture reflecting a very full expression of the ephemerality concept. This Techcrunch article provides a reasonable overview.

Lately, the EU is in the midst of attempting to regulate a "right to forget" into existence, affording people a new right to force deletion of personal data by organizations that hold it. While people should have the right to destroy any information they own and more rights to personal data about them generally, there are serious legal complexities and unresolved business challenges that must be addressed to achieve a universal right to forget. That will take many political cycles, incur significant coordination costs to ensure compliance hence requiring lots of money, other resources and years of effort.

Meanwhile, in Brooklyn, NY yesterday I saw one woman with a startup demo "an app for that".  I have heard of apps and services that provide ephemeral messaging but had not used one till I downloaded Glimpse, after the conference.  The audacious act of people who decide they can change the equation on privacy with exactly the right app at exactly the right time.  In prep for this blog post, I reached out to Pax Dickinson, the CTO of Glimpse, to get some more detail on how the app and backend system work. He was very up front that the implementation is still in the midst of significant testing and refinement during the initial launch phase. Once the growing pains are over and the network and services reach a stable state, the logging and audit data being gathered for system diagnostics and troubleshooting will be tapered back and terminated. The basic design and architecture of the overall system aims to answer head on Bruce Schneier's concern about residual copies lurking in the shadows. The creative intent of Glimpses social technology achieves is intended to realize full deletion using an approach, called: "Life-Cycle Ephemerality". The term life-cycle, in this context, means the message itself - and all related receipt, logging, routing and server copies are likewise vaporized. Poof. The transmission data on the senders app is not even kept in the first place and therefore need not be erased. This corner of the privacy preserving technology arena is one to watch for dynamic innovation in a competitive market that is changing the math on privacy. Pretty neat, huh?


Above is a clip that include a demo of Glimpse at timemark 12m15sec presented at Jonathan Askin's recent law and technology conference at Brooklyn Law School
 
I'm interested to learn more about this ephemerality approach to privacy and especially the factors to consider in order to achieve full Life-Cycle Ephemerality.  Digital evidence and forensics come in a wide variety of forms, some of which are nearly invisible.  Is it really necessary to eliminate every last potential for recovering a message, no matter how expensive or remote the possibility?  Or is there a balance point at which the effort to recreate or access a record of a message is "good enough" and if so, how might that point be quantified and expressed in a spectrum that could allow users to select the level of protection and understand the corresponding value, cost and risk associated with that level?  Please get in touch with you comments, ideas or further questions about this topic.  Perhaps we'll add this to the future Legal Science hangout series to share more learning and foster further dialog.

UPDATE: While fact checking this blog post with Elissa just now, the NYT published a great and in depth review of the story of Glimpse...

Email Updates