We’re excited to bring Transform 2022 back in person on July 19 and virtually July 20 – August 3. Join AI and data leaders for insightful conversations and exciting networking opportunities. Learn more
Today, Meta engineers delivered a talk as part of the Systems@Scale virtual event describing the organization’s approach to data minimization and developing an internal solution called the Anonymous Credentials Service (ACS).
Meta’s ACS is designed to allow users to authenticate in an “anonymized manner”, allowing access to services without collecting data that can be used to identify the person’s identity.
Under the ACS, a client contacts the server through an authentication channel and sends a token, which the server signs and returns.
Then the client uses an anonymous channel to send data to the server and authenticates it with a modified form of the token instead of the user ID. This allows servers to authenticate clients without knowing which client a token belongs to.
The organization’s approach points to a potential alternative for enterprises and technical decision-makers seeking techniques to minimize the amount of data they collect.
The need to de-identify data
Meta’s ACS comes as data privacy rules increase around the world and the organization comes under fire under the GDPR for transatlantic data sharing, with the company recently announcing that it would be pulling Facebook and Instagram out of Europe. if the GDPR prevented the sharing of user data from the US to the EU.
“We have absolutely no desire and no plans to withdraw from Europe, but the simple reality is that Meta, and many other companies, organizations and services, depend on data transfers between the EU and the US to operate global services” , a So says a Meta spokesperson.
For all organizations that do business, it is necessary to collect the minimum amount of data to prevent personally identifiable information from falling into the wrong hands.
Meta’s development of the ACS provides a new technique that the organization can use to authenticate users and ensure the security of important services, while decoupling their identities from personally identifiable information.
“Collecting the minimum amount of data needed to support our services – is one of our core principles at Meta as we continue to develop new privacy-enhancing technologies (PETs). We are constantly looking for ways to improve privacy and user data about our product family,” said Meta Software Engineers Shiv Kushwah and Haozhi Xiong in the official blog post.
The ACS provides a way to keep protected information private while ensuring that the organization has enough data to perform its critical tasks.
“So we took advantage of the ‘anonymous credential’ developed over the years by industry and academia to create a core service called Anonymous Credentials Service (ACS). ACS is a highly available, multi-tenant service that allows customers to authenticate in an anonymized manner,” said Kushwah and Xiong.
It improves privacy and security while being computationally conscious. ACS is one of the newest additions to our PETS portfolio and is currently being used in several large-scale use cases at Meta.”
The trials and tribulations of data protection
Meta’s tech talk comes at a time when the data protection market is in a state of growth, with the market expected to grow from $61 million in 2020 to $11 million in 2027 as data volume increases alongside government regulations that set new data protection standards. implement.
There is certainly a need for innovation in data protection among social media companies, with Twitter was recently fined €450,000 ($502,440.75 USD) by the Irish Data Protection Commission for GDPR violations following a data breach in 2019.
Similarly, TikTok made costly mistakes in data management, when the Dutch Data Protection Authority (CBP) imposed a €750,000 ($837,198.75 USD) fine last July for violating children’s privacy for failing to provide the privacy statement. in Dutch .
Currently, Meta is striving to differentiate itself from other social media providers by developing a new data sharing solution that ensures that data can be exploited without exposing personal information to legal obligations and threat actors.
VentureBeat’s mission is to be a digital city square for tech decision makers to learn about transformative business technology and transactions. Learn more
This post Meta says its Anonymous Credentials Service (ACS) will help reduce data collection activity
was original published at “https://venturebeat.com/2022/03/30/meta-says-its-anonymous-credentials-service-acs-will-help-reduce-data-collection-activities/”