I try to think a bit ahead about data. Question: What will the consumer privacy and cybersecurity landscape be like when the first generations of internet companies possibly start to fall behind the curve? It is easy to imagine Big Tech will be "big" forever, but these companies are actually demonstrative of a long-term trend in the United States where corporations grow large more quickly and then also shrink and die more quickly than in the past. In this video I discuss these broad trends, what I think they might mean for technology long-term, and go into some specific, illuminating examples where social media companies like Twitter and Meta have added security features in paid tiers... because they are ostensibly struggling with cash flow and lack of investor interest in a new way.

WE HAVE THE TECHNOLOGY!

I'd like to eventually convince you that #PrivacyEnhancingTechnologies (or P.E.T.s) might represent money on the table for your organization and you should look into developing competency with them. In this video, via a demonstration of our #Python SDK Ghost PII, I make some important points towards this end. Specifically, this technology is not science fiction and not something you need to be a genius to use. It is something that is ready to go right now, can be made very seamless and easy to use (and we have!), and the performance is pretty damn good. #CyberSecurity #DataPrivacy #ArtificialIntelligence #DataScience

#MadisonSquareGarden is using #FacialRecognition tech to kick out lawyers that work for firms it is seeing in court. I discussed a specific incident in a past video, but this has apparently become common practice and the topic of a public kerfuffle. I cover some of the interesting details like how apparently this practice can only be continued legally if the venue stops serving #beer at hockey games and how apparently owner James Dolan is threatening to do just this in order to continue his blacklist.

#ArtificialIntelligence #DataPrivacy

NEW RELEASE: Take a moment to get the detail on our extremely sexy new release of Ghost PII improvements.

Dubbed "Cheetah" it includes a variety of world-class performance improvements - the real action is deep in the back-end, but the benefits for applications like encrypted search and machine learning are tangible and substantial. Private computation needs to be something everyday people can use and this includes the ability to build familiar models at scale on a timeline that fits into your day.

Cheetah is going to take good care of you in a way you may not be able to find elsewhere.

#ArtificialIntelligence #Python #Privacy #CyberSecurity

#FacialRecognition technology keeps coming up in the news as an #ArtificialIntelligence technology that seems to generate especially nightmarish #DataPrivacy issues (and maybe just general nightmares). In this video I tell the story of a woman trying to attend a show with her daughter's Girl Scout troop before being instantly singled out by security and ejected... because she worked for a law firm that was involved in litigation against the venue owner. She got to cool her heels outside waiting out the show, separated from her daughter. Oof...

In many ways #FTX appears to be a very classic sort of scam writ large. In this video, I will talk a bit about what history tells us to expect going forward from here. I think the possibility of #LawEnforcement clawbacks of money spent by #SBF are particularly fascinating here given how freely he spent and into the pockets of so many influential people. I give some sketch about what might happen and talk a bit about some other clawbacks of history including the fallout from #BernieMadoff's charitable giving being clawed back to compensate victims.

The #DataPrivacy regulator in #Ireland recently fined #Meta, parent company of #Facebook, $275 million for a breach last year. In this video I elaborate on a couple weird situations embodied in this event including the awkward role that Ireland plays enforcing #GDPR disproportionately for #Europe as a whole and then also the legal haze regarding when letting people scrape your website too easily should be called a #DataBreach.

#Crypto will likely find itself at the crossroads following the #FTX collapse so I thought it would be a good time to revisit the world of #privacy coins, #Litecoin especially, and check in on how some of the themes discussed in my past videos have played out. To recap, #Litecoin is an old #Bitcoin clone than recently adopted sexy new privacy features to differentiate itself. You can see the cons have played out to a small degree, with two small exchanges in South Korea de-listing it for #AntiMoneyLaundering concerns, but also maybe some signs of the pros in that the forward look around privacy has helped feed perceptions that Litecoin is a "good" project worthy of surviving crypto winter.

THE MINI-SERIES CONTINUES: multi-party computation edition.

I focus primarily on defining and motivating multi-party computation but I also outline a bit some of my remaining topics like federated learning and zero-knowledge proof. I will be starting to emphasize a little more the boundaries between these ideas (or not) and tell you a bit more of the big story about the big shared ideas.

I conclude my mini-mini-series with discussion of differential privacy, its imposing mathematical theory on Wikipedia vs. the relatively prosaic implementation reality of simply adding noise, why adding noise provides more privacy than you might think, and how these methods can go bad when used on datasets where outliers are numerous, extreme, or important.

As it is Election Day in the United States I have decided to set aside regularly scheduled programming to talk about the power of encrypted data-in-use techniques to better secure voting and voting machines. A little more obvious is how these techniques could improve the privacy of your vote, and then a little less obvious is how powerful they are for preventing tampering and improving auditability. I close by explaining the more general cybersecurity relevance of these ideas and give a bit of a teaser trailer for some future videos with the real sexy big ideas about transforming what it means to own data.

I continue my mini series on privacy-enhancing technologies with a two part mini mini series on synthetic data and differential privacy. In addition to giving some very basic definitions, I will focus this week especially on some shared pros and cons between these two techniques. Next week, I will admit to some minor lies I told about differential privacy and clean things up to give the full story of that technique.

This week we talk homomorphic encryption... I will give a basic definition, talk a little about examples vs. non-examples, give a brief demonstration via Ghost PII, talk applications around data sovereignty going forward, and Meta's struggles with international data transfers under GDPR.

MINI-SERIES EVENT! Over the course of Quarter 4, I will be posting a series of videos giving an overview of what are increasingly grouped together as "privacy-enhancing technologies" or PETs. (This will include homomorphic encryption, secure multi-party computation, zero-knowledge proof, differential privacy, synthetic data, and maybe a little bit on trusted execution environments.) I will take special care both to point out why the business side might decide to care about these things and to clarify the rather problematic and messy nomenclature in my last sentence's parenthetical word salad.

This video is a whirlwind tour of what is to come. A specific schedule is coming soon.

#DataScience #Privacy #Cybersecurity

It's very unusual these days that an executive face criminal liability related to corporate wrongdoing so the story of ex-Uber CISO Joe Sullivan is a notable one. I discuss the relevant 2016 ransomware incident, the key legal role played by notification of law enforcement (or the lack thereof in this case), the gray zone around bug bounty programs, and the broader debate about when criminal liability is appropriate. I think this story has many interesting angles and I will also digress a little into executive compensation, the Theranos trials, and the legal meaning of the "O" in your favorite "C?O" title.

Uber's recent breach is about as classic as it gets. I talk about what is classic in it including the role of social engineering, lateral movement and using some access to get more, and the sad predictability about who it is that got taken. I also discuss some unique wrinkles including the announcement of the breach by the hacker in an internal company chat only to receive jeering and disbelief.

I talk about Huobi's recent decision to delist privacy coins like Zcash and Monero, contextualize it within broader conflicts between law enforcement and digital privacy, and talk in detail about enforcement goals vs. business incentives on both sides.

Like #emojis?

Since you have said yes, you can definitely spare ~2 minutes to spend with Jack Phillips and I checking out a fun encrypted search & basic sentiment analysis demonstration using Ghost PII.

#Python #DataPrivacy #CyberSecurity

Today I have a goodie bag of test drive toys for the cool kids that are actually watching and listening in detail... #Python #DataScience #CyberSecurity

In this video I fill in some of the details about how Federal law enforcement has shut down the Tornado Cash transaction mixer because of its involvement in money laundering by North Korean hackers and then backtrack to answer questions like "What is a transaction mixer?" and "Why might you use it for money laundering?"