Technology

Don’t Want Facebook to Read Your Messages?: Meet the Start-Up Making Communications 100 Percent Private

Priv.ly Putting Privacy Back in User Hands, Making Communication on Social Media Encrypted and Private

When you message a friend on Facebook, post a tweet for all your followers on Twitter or send an email using Gmail, your communications are being recorded by these sites. But Sean McGregor, 26, doesn’t think they should be — if you don’t want — and he wants to give you back control over your privacy.

McGregor said in an interview with the Blaze that he believes right now there are two options. Option A) surrender your privacy in favor of continuing to use social media and other forms of online communication (most would probably choose this). Option B) abandon all online communication. McGregor is developing a middle ground. It’s a function he says will “only enhance the capabilities of the social web” by putting control of who sees what into your hands.

(Related: Here‘s how to create an email that will ’self-destruct’)

The function is called Priv.ly — short for Shared Priv(ate)ly — which was started by McGregor and other computer science PhD candidates at Oregon State University. The team is currently raising funds on a Kickstarter site to take the project to the next level. So far they have exceeded their goal with more than $17,000 raised. In nearly doubling their original goal of $10,000 and with five days left on the funding website, McGregor said he sees the support as “validation of the concept.”

“It’s a fairly technical concept to grasp,” McGregor said. “A lot of the support is a statement that people really care about privacy.”

Priv.ly would allow for you to:

  • Maintain control of your content wherever you post it
  • Delete emails after you send them (no more send regret)
  • Share content across social networks, email, blogs, and forums using the same privacy settings
  • Prevent governments from shutting down free speech
  • Prevent companies from selling and scanning your most private communications
  • Have easy use of modern encryption technologies

Priv.ly works by encrypting communications through a browser extension. Those with whom you are communicating can see your full text while the sites you are using to communicate only see a Priv.ly link. The Atlantic explains further:

Through browser extensions, Privly allows you to post to social networks and send email without letting those services see “into” your text. Instead, your actual words get encrypted and then routed to Privlys servers (or an eventual peer-to-peer network). What the social media site “sees” is merely a link that Privly expands in your browser into the full content. Of course, this requires that people who want to see your content also need Privly installed on their machines.

Priv.ly Putting Privacy Back in User Hands, Making Communication on Social Media Encrypted and Private

Example of how Priv.ly works. (Image: Priv.ly via Kickstarter)

“Encryption has been a round for a while but what we‘re trying to do is bring encryption and privacy into an arena where you didn’t have control over your data before,” McGregor said.

Check out the site’s Kickstarter video to see demonstrations:

McGregor provides an example to explain privacy on communication sites now and what it would be like with Priv.ly enabled. “If Google were the U.S. Postal Service, Google would be opening every letter, reading them and sending you ads based on that. [With Priv.ly,] Google and Google+ won’t have access to personal communication.”

Using Facebook as another example, McGregor explains that what should be interesting to sites like this are semantics, not your personal communications. For sites like Facebook, they should want to know things like if you recently got engaged, what your favorite movies are, etc., and target ads based on that. McGregor says there is no real reason for your communications between one or more parties using the site to be recorded.

As for next steps, McGregor said the team will be moving forward with an open source encryption library, creating and refining a user interface and eventually conducting user studies to evaluate how to refine the product. But, for now, they have a proof of concept that works. McGregor said anyone can try it out but the final product will have more functionality built into it. Check it out here.

If Priv.ly does become mainstream, a timeline that McGregor said he is too unsure of to pinpoint, the Atlantic points out several important impacts it would have on the Web:

Privly could be a useful tool for activists who want to use social networking tools but don’t want their opponents to be able to see their posts. That its to say, it could provide a new avenue for free speech on the Internet. As noted earlier, we assume cloud-based email and applications to be durable records of communication. That would not longer be the case. And of course, this model runs directly against the standard social network business model of running ads against the specific type of content you’ve posted.

On an even more longer term vein, I asked McGregor how Priv.ly would impact law enforcement using social media at times in criminal investigations. McGregor said it hasn’t been a concern with the project yet but that they would “want to spell out in plain English where data is being stored; what the risks are;  and how we would respond to subpoena requests.” Social media sites like Facebook and Google notify the users when information is requested by the authorities when legally permissible.

(Related: We now know what Facebook turns over to the cops when subpoenaed)

With Priv.ly, McGregor said the court would have to issue subpoenas for information to Facebook, for example, Priv.ly, and the sender or receiver of the information to get a key to the unlock encrypted material.

McGregor is a PhD candidate in machine learning at Oregon State. The idea for Priv.ly originated in 2009.

Check out the Kickstarter site for more information on the project here.

Comments (23)

  • JEANNIEMAC
    Posted on April 13, 2012 at 5:01pm

    When using social sites or sending emails or texts, etc., do not write anything you would not want your employer or the government to see. Keep it light and easy, nothing really important. Nothing private.

    Report Post »  
  • one.dakine.howlie
    Posted on April 13, 2012 at 12:51pm

    How will these guys make money if they have no marketing value? People will have to pay to use their service is what I‘m thinking and if that’s the case they will not survive because all other social networking sites are free to use.

    Report Post »  
  • sbenard
    Posted on April 13, 2012 at 12:37pm

    I want this so bad it hurts! Go Priv.ly!

    Report Post » sbenard  
  • Mr Sanders
    Posted on April 13, 2012 at 12:25pm

    If they came up with that good of a program, the NSA would want to talk to them. They may even be funding it and they wouldn’t even know it.

    But…. someone out there has to be developing something for US private citizens to use?

    BTW – neither do I use social sites; don’t have time. Besides, for intelligence services, these sites are the greatest collectors of personal information , chain of friends/family/ biz assoc/ alike in the history of mankind. But they [NSA] still builds that huge facility in Utah. Interesting….

    Report Post » Mr Sanders  
  • TheSoundOf Truth
    Posted on April 13, 2012 at 12:10pm

    I can’t really see this as catching on in the same way as facebook. It is a super concept, but account fees can reach upwards to over $50/month. I can’t see how they can compete with the “free” service of facebook (even though you are paying for the service with your surrendering of your personal information, people still think it’s “free”).

    Nice idea, but the facebook cabal is maybe too big right now….

    Report Post » TheSoundOf Truth  
  • ExSophus
    Posted on April 13, 2012 at 11:05am

    And when the “social networks” simply ban posting hyperlinks to the priv.ly servers? (they can simply opt to delete the hyperlink while retaining the post, or simply not publish the post. It’s a trivial bit of programming to do so.)

    After all, in some minds “people who use encryption” are considered security threats, so the websites would have an argument they are protecting “cybersecurity”. Also, CISPA, etc. could allow 3rd parties to demand the social networks remove such links WITHOUT probable cause. Re encryption, people have been penalized by courts for not disclosing their passwords to their own data, despite the 5th Amendment. Even though there are massive resources being created and used to decrypt data, legislative attempts continue to push through laws requiring EVERY encryption program/service to provide master decrypt keys to the government. Also, note that in this article (Feb2012) one person’s appeal was granted “United States vs. Doe”, while another person was STILL being required to provide her password, until the constitutional issue in her case was rendered moot (Mar2012) because her hard drive was decrypted by the government (note that the US v. Doe win apparently didn’t affect her case or others in the same “being forced to provide password” situation)
    https://www.eff.org/press/releases/appeals-court-upholds-constitutional-right-against-forced-decryption
    http://www.theregister.co.uk/2012/03/01/forced_decryption_ruling_moot/

    Report Post »  
    • ExSophus
      Posted on April 13, 2012 at 11:35am

      I should clarify that it’s my belief an encrypted server likely will not be a practical solution, and my post provides multiple reasons why that would be so.

      A couple of additional observations:

      We don’t at this time know whether the 3rd party service might use master decrypt keys (regardless of whether the government requires them to have them). In theory such a service could be compelled to hand them over via court order. There is no 5th amendment protection from that.

      It also depends on how “strong” the encryption is. There are MANY ways to encrypt data and far too many provide little resistance to standard decryption tools.

      The degree of protection provided also depends on whether the encryption/decryption is performed on the end-user’s computers or on the server (and uses a trusted encrypt/decrypt program) E.G. whether the data are transfered “in the clear” between the server and the end-users…“in the clear” would enable easy intercept of the unencrypted information anywhere on the connection between the server and end-users…not a problem for the government.

      Report Post »  
  • THX-1138
    Posted on April 13, 2012 at 10:32am

    Encryption has always been the answer. It’s there for the hard core techies but this might make it available for the average user.

    I refuse to use *any* social networking software. Up to now. This might change my opinion…

    Report Post » THX-1138  
  • MrKnowItAll
    Posted on April 13, 2012 at 10:21am

    I’ll play the GOOD Francis Piven. Our Fourth Amendment Right has been taken and no one is in the Street Protesting???????

    Report Post » MrKnowItAll  
  • tbb
    Posted on April 13, 2012 at 10:19am

    My husband and I also have a fairly secure social web site. You are free to say what you want with no one from the site reading your messages. We are a family centered web site so even little johnny can go on and communicate with family. There are family pages, personal pages, pages for people who have passed on even pages for your pets. We would love to be able to hire more people and create jobs. Like the saying goes you have to have money to make money and we are fast running out of money. We only make money from the adverts on the pages. Right now it is just my husband and myself running this company.

    Report Post »  
  • 1956
    Posted on April 13, 2012 at 10:04am

    Risky? Maybe. But you know what they say: No balls, no babies.

    Report Post » 1956  
  • cranberry
    Posted on April 13, 2012 at 9:45am

    Isn’t that what Facebook is about, getting your face out there? Confused but really don’t care…

    Report Post » cranberry  
  • PistosEnAgape
    Posted on April 13, 2012 at 9:18am

    As a privacy orientated person, I’ve given up Google, Facebook, and Twitter. It gets lonely not having instant communication with family. If – please note there’s an intended emphasis – if this is what it claims to be, I would be willing to look into the service. But I won’t be the first to sign up!

    Report Post »  
  • Meyvn
    Posted on April 13, 2012 at 9:15am

    Private social media is an oxymoron.

    Report Post » Meyvn  
  • Grillmark55
    Posted on April 13, 2012 at 9:05am

    Nothing is private any more. If you are on this or any other site, you are being tracked. Period.

    Report Post » Grillmark55  
  • nilo
    Posted on April 13, 2012 at 8:41am

    I don‘t use ’em.

    Report Post » nilo  
  • Mr.Fitnah
    Posted on April 13, 2012 at 8:16am

    Yeah I trust that.
    Dont get involved with anything .

    Report Post » Mr.Fitnah  
  • blaaaaackwoman
    Posted on April 13, 2012 at 8:07am

    That company is probably a front for some government data gathering agency.

    Report Post »  
  • Delta D-5-3
    Posted on April 13, 2012 at 7:48am

    Sorry, NO such thing as a “secure” communication anymore. Ask all those high security firms and government agencys that have been hacked how that worked out for them. But, it‘s better then what’s out there now I guess.

    Report Post » Delta D-5-3  

Sign In To Post Comments! Sign In

Sign Up For Our Newsletter!

Glenn Beck Radio

Listen to Glenn Beck 24/7 Listen Now
Restoring Love