05 July, 2021
Anonybit & the GDPR
One of the key concerns of users in relation to consumer products today is the degree to which they preserve and protect their privacy. This is especially true when it comes to sensitive biometric data. We have therefore consulted our lawyers, who are experts in European privacy regulation, to explain how Anonybit works, and how it is the best solution to protect individuals’ sensitive personal data.
Stage 1: When first signing up, the user will provide a biometric sample. For example, the user might use the camera of their cell phone to capture a photograph of their face. The system will take this photograph, convert the image into a vector, split it up into a number of pieces, encrypt the pieces and spread them amongst the various users of the system.
Stage 2: When a user then seeks to verify their identity via the system, they will provide a biometric sample (e.g. via the cell phone camera) for comparison. The sample will then be converted into vectors and queried against the vectors spread out amongst the various users. A positive match will allow the user into the system. A negative match will prevent entry.
This process is known as “Zero-Knowledge-Proof” authentication, which means that there is no single point where the information, in its entirety, is stored, and therefore no single point of failure exists. The only time at which the data is “whole” is when it is initially captured by the device which the user is using to provide the biometric sample.
A key point to understand about the system is that neither the entity which is seeking to verify the user’s identity in order to grant access to the system, nor Anonybit, nor any of the other users of the system, has access to the data as a whole. Each user only holds a partial, anonymized, completely isolated and encrypted vector representing a portion of the biometric data. This partial piece of data is completely meaningless on its own.
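The two stages above, as an added illustration that is not Anonybit’s code: the page does not disclose how the vector is split, so additive secret sharing over a prime field is assumed here and set beside plain slicing, to show that the splitting scheme decides whether a lone piece is really meaningless. All function names, the modulus and the 8-dimensional sample vectors are constructed for the example.

```python
import secrets

P = 2**61 - 1  # assumed prime modulus; quantised feature values are integers in [0, P)

def split_template(vec, n):
    """Additive secret sharing (assumed scheme, not the page's): n-1 shares are
    uniformly random and the last is chosen so that all n sum to the template
    mod P. Any n-1 shares are statistically independent of the template."""
    shares = [[secrets.randbelow(P) for _ in vec] for _ in range(n - 1)]
    shares.append([(v - sum(col)) % P for v, col in zip(vec, zip(*shares))])
    return shares

def reconstruct(shares):
    """Only the sum of ALL shares yields the original vector."""
    return [sum(col) % P for col in zip(*shares)]

def naive_pieces(vec, n):
    """The alternative of simply cutting the vector into n slices: holder i keeps
    coordinates [i*k, (i+1)*k) in the clear and nothing else."""
    k = len(vec) // n
    return [[v if i * k <= j < (i + 1) * k else None for j, v in enumerate(vec)]
            for i in range(n)]

def coordinates_revealed(piece, template):
    """How many template coordinates a single piece exposes verbatim."""
    return sum(1 for a, b in zip(piece, template) if a == b)

def distance_via_holders(template_shares, probe):
    """Stage 2 without reassembling the template: the device secret-shares the
    fresh probe, each holder subtracts its probe share from its template share,
    and the verifier sums the partial results. The verifier learns only the
    difference vector x - y (hence the distance), never x or y themselves."""
    probe_shares = split_template(probe, len(template_shares))
    partials = [[(a - b) % P for a, b in zip(ts, ps)]
                for ts, ps in zip(template_shares, probe_shares)]
    signed = [d - P if d > P // 2 else d for d in reconstruct(partials)]
    return sum(d * d for d in signed)  # squared Euclidean distance

# Constructed toy "face vectors" (real embeddings are far longer).
TEMPLATE = [12, 7, 3, 9, 15, 1, 8, 4]
GENUINE = [11, 7, 4, 9, 15, 2, 8, 4]   # same person, slightly different capture
IMPOSTOR = [0, 0, 0, 0, 0, 0, 0, 0]

if __name__ == "__main__":
    shares = split_template(TEMPLATE, 4)
    print("naive slice reveals", coordinates_revealed(naive_pieces(TEMPLATE, 4)[0], TEMPLATE))
    print("one share reveals", coordinates_revealed(shares[0], TEMPLATE))
    print("genuine distance", distance_via_holders(shares, GENUINE))    # 3
    print("impostor distance", distance_via_holders(shares, IMPOSTOR))  # 589
```

With plain slicing a single holder still exposes real template coordinates; with the sharing scheme a single share, or any three of four, carries no information about the template.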
The General Data Protection Regulation (or GDPR, the key regulation which governs privacy and data security in Europe) operates under the assumption that a single entity (called a “controller”) collects and processes personal data provided by a data subject, and must therefore put in place processes and protections to ensure the integrity of the data.
Anonybit breaks this mold. Similar to the distributed ledger technology on which blockchains and cryptocurrencies are based, the Anonybit system distributes the data amongst the various users of the system. However, a key difference between distributed ledgers and the Anonybit system is the status of the data stored in the system. The main “flaw” of the distributed ledger model, from a privacy perspective, is that every user holds a full copy of the entire ledger, and the entire ledger is fully available to the public (e.g. each Bitcoin user holds a digital wallet which contains the entire history of all Bitcoin transactions ever made). The positive element of the distributed ledger model is that it eliminates the need for a centralized body to regulate the system. The users regulate the system by ensuring everything is public and permanent. However, this system presents many privacy challenges under GDPR.
In contrast to the distributed ledger solution, so long as the data under the Anonybit system is divided amongst the various users of the system, each individual user has a fractional, encrypted, and completely meaningless piece of the “puzzle” when looked at in isolation. It is only by joining all the pieces together (i.e. de-anonymization, a task which is practically impossible other than by using the system, as explored below) that the identity of the individual is confirmed. And no one is able to perform this task without access to the system. In reality, the data never actually leaves the possession of the data subject in a form capable of identifying an individual.
Most solutions today are focused on reactive privacy measures (adding layers of security to existing processing, adding stronger encryption, etc.). Rather than adding reactive security measures aimed at protecting access to, and the integrity of, the personal data, Anonybit solves these privacy concerns at their source by addressing the concerns that trigger GDPR in the first place. Instead of adding protective layers, Anonybit prevents third parties from ever processing the data in the first place, ensuring that the user retains full control over their data, while at the same time not hindering the system’s technological abilities. Anonybit shifts the paradigm by returning the power and control over the data to the user, and by empowering the user to decide which entities are able to use the system to verify their identity.