Swiss tech tackles the siphoning of our online private lives

Internet users leave many traces online, which can be misused. © Keystone / Gaétan Bally

Anyone who uses the internet is monitored or even manipulated through the exploitation of clouds of digital noise – or metadata. Two Swiss firms, including one backed by US Army whistleblower Chelsea Manning, are erecting smokescreens to shield prying eyes and protect from government and GAFAM surveillance.

This content was published on April 06, 2022 – 10:23

Nym Technologies and HOPR use mixed networks (mixnet) to consolidate metadata abandoned by Internet users. As a result, it is impossible to link an individual to the digital fingerprints thus scrambled. These are two of the few players – including Orchid and xxnetwork (founded by David Chaum, the first to use the mixnet concept in 1981) – launched in the fight against the erosion of confidentiality and privacy online.

“Being constantly watched makes people tired. They are scrutinized every second, every click and do not know where this information is going or how it is being used. This situation is starting to have a long-term impact on our mental health, ”explains Chelsea Manning, active as counsel for Nym Technologies.

Around 2010, Chelsea Manning, who served in the US military as Bradley Manning, leaked sensitive documents about civilian casualties during the Iraq War and the mistreatment of Guantanamo detainees. Today, she fights data surveillance by governments and big companies and advocates stronger protection of privacy online.

“People know their privacy is being violated but they expect someone else to come and fix it – government, civil rights organization or supranational agency like the European Union. But things don’t happen that way,” she said.

A wealth of info

Metadata is sometimes likened to exhaust fumes left in the wake of any online activity, social media interaction, or smartphone use. They do not necessarily reveal their content but, put together, make it possible to determine who was contacted, how often and where the other party was during the exchange.

Powerful machine learning tools use metadata to get a surprisingly accurate picture of individuals, their preferences, personality and movements. This is the finding in particular of researchers at Stanford University.

All of this offers the possibility of revealing private lives, targeting consumers with ad hoc advertisements and manipulating neither seen nor known everyday behaviors such as voting choices. The Covid-19 pandemic has, in this regard, only increased the time spent online by the population, for various tasks and work meetings.

The Russian invasion of Ukraine also highlights the burning issue of government control of information. A tool that allows them to put forward their arguments or to attack the protesters.

Via technology

Instead of waiting for regulators to act to protect Internet users, Nym and HOPR are betting on digital means. “The goal is to provide technology that empowers the individual. We badly need resilient systems that allow us to use the digital world without Facebook and Google harvesting our data”, explains Sebastian Bürgel, the founder of HOPR.

To achieve this, both systems use the same principle of decentralization that underlies blockchains and bitcoin. Networked computers operate independently, but are simultaneously interconnected and cooperate to transmit data. The theory goes that a swarm of this order is more reliable than a single corporate entity putting its commercial interests before those of the users.

In order to convince people to get involved as data mixers, Nym and HOPR developed an incentive system that rewards these activities with digital tokens. These are also used as a means of payment to use the services of the two firms.

When fully operational in the coming months, mixnet systems could accommodate a wide range of uses – from decentralized finance to sending personal data to hosting digital chatrooms. HOPR is even in talks with a medical technology company developing alerting devices in the event of a fall or sudden deterioration in the state of health of vulnerable patients. All while ensuring the security of their data.

Risks too

While individuals welcome privacy-protecting technology, governments and law enforcement agencies point to the risks. Earlier this year, the British National Crime Agency raised concerns. She fears that the full encryption introduced by social media could hamper efforts to detect criminals.

Rob Jones, head of the NCA, felt that “this capability risks extinguishing the light of police departments all over the planet”. In some countries, moreover, in the United States in particular, the regulator is cracking down on cryptocurrency mixers (or “tumblers”). The attempts to blur the circuits of digital currencies are for some considered illegal.

Nym co-founder and CEO Harry Halpin rejects the criminal haven mixnets argument. “Confidentiality isn’t about hiding from everyone, it’s about selectively disclosing the information you want to reveal. (…) The regulations have not led to the end of surveillance. But only to annoying pop-ups and a few relatively small fines.”

The same Harry Halpin points out that his firm benefits from funding from the “Next Generation Internet” initiative wanted by the European Commission. A program that aims to create a more inclusive web. The public operator Swisscom has undertaken to participate in the operation of this system.

It’s urgent

The fight for digital privacy is being lost, argues Harry Halpin. “We have to defend ourselves through technology, using software that makes surveillance impossible or at least allows it not to be the default option on the internet.”

Technology already offers solutions. In Switzerland, ProtonMail and Theema encrypt email and messaging traffic. The Brave web browser blocks online advertisers while The Onion Router (Tor) protects anonymity by routing traffic through relays housed in various layers of the system.

But Nym and HOPR say their technology goes further than those of their rivals in terms of privacy protection, as it specifically targets metadata and introduces leaner and faster operating models.

While blockchains have a reputation for preserving anonymity, Sebastian Bürgel points out that decentralized databases are even more risky than the Internet from a privacy perspective.

Blockchains work by broadcasting transactions – but not the identity of individuals – to the entire network of users.

On the web, users increasingly use specialized sites to verify that their transaction has been carried out. Or to access services such as currency exchange. Each time, they leave traces in terms of metadata. Their IP address for example.

“At this stage, this information is only accessible to the access provider. But there is the risk that your IP address will be disclosed to the entire network and that it will be used to determine the origin of a transaction”, warns Sebastian Bürgel.

Mixing metadata to make it invisible is, according to the HOPR boss, the only way to prevent this from becoming a serious problem.

In accordance with JTI standards

In accordance with JTI standards

More: SWI certified by the Journalism Trust Initiative

Leave a Comment