You are viewing a read-only archive of the Blogs.Harvard network. Learn more.

Berkman Klein Assembly Blog

Building Solutions

A mid-way update: So what have we really been up to?!

Now that we’re nearly 6 weeks into the Assembly development sprint, we Assemblers thought it’d be a good time to start revealing bits and pieces of our projects to our broader blog audience. Even if terms like “differential privacy,” “internet of things,” and “information fiduciary” cause you to shrug or cringe, please keep reading. We promise we’re about to give you a thrilling inside look into our projects using explanations already tested on and approved by our own mothers and fathers. And for those looking to get into the technical weeds, hang tight until we release code on GitHub in April.


Project #1: Clean Insights


There’s no doubt about it: when you navigate to a webpage or open an app on your phone, it’s a magical, seamless experience. Remember those times you logged into Facebook and saw ads perfectly tailored to those gadgets you’d just considered buying on Amazon? Or that time you opened your Uber app on a Saturday morning and it gave you a miraculous suggestion to travel to your favorite coffee shop? Perhaps unbeknownst to you, you at some time provided enough packets of data to these corporations to make such scenarios possible. Data fuel insights, which in turn fuel a beautiful customer experience.

But like most fuel, data generate harmful byproducts (think the car emissions of the 21st century), and irresponsible data collection threatens basic privacy rights, and in extreme cases, physical human lives. To highlight some recent news stories, 500 million people just lost control of their personal data in a major Yahoo breach, while another 11 million people learned that their Vizio smart TVs were spying on them. It might be difficult to put a clear price tag on privacy these days, but it’s certainly not free, and the worst is yet to come.

With these problems in mind, a group of Assemblers has set out to build the Tesla of data analytics, a “clean” statistical tool that enables companies to gather insights on users — like where they live, what they like, what device they use — without compromising their privacy. We’re calling it Clean Insights, and we’re psyched to start giving companies ways to reduce their data carbon footprint.

This all sounds simple, right? We’re going to build a tool to track users without actually tracking them. Yeah, it’s not that simple. In fact, it’s incredibly difficult from a technical standpoint, but we’re lucky to have Professor Cynthia Dwork, the pioneer of a mathematical concept called differential privacy, on our board of advisors (joined by many other wonderful advisors). In a nutshell, differential privacy is like a game of “two truths and a lie” — you put three pieces of data through a magical machine (read: a mathematical formula), and two come out unchanged while one comes out completely jumbled. The key: you don’t know which ones changed and which ones stayed the same, so you no longer trust any of them. With enough data at scale, you can lean on concepts like differential privacy to uncover statistically significant patterns about your users without having to collect and retain individual data points. Problem solved!

As you can see, we have our work cut out for us. Thanks to Assembly, however, we’ve got the combined brainpower of a seasoned privacy app developer at the Guardian Project, a software engineer at Apple, a former product manager at Square, and many, many others, so we’re pretty psyched and hitting the ground running. Stay tuned to see what we put out at the end of our development period in April!

In the meantime, if you’re feeling all jazzed up about joining our efforts to clean up toxic data spills, we’d love to hear from you:

Data is the New Oil

oil spill duck

What happens when there’s a breach?

On the internet, you are your data.

Securing customer data–their virtual lives–is essential in today’s reputation-based economy.

That’s why, as part of the Berkman Klein Assembly this year, we’re building an industry consortium to address responsible data collection, use and storage practices.

the time is now

With great power comes great responsibility. Industry self-regulation is preferable to kneejerk federal legislation.

building trust

Data-sharing with third parties is a critical component of doing business today. But where does the data go? who uses it? what for? how do they secure customer data?

Trust begins with transparency.

data transparency

Show your work. Let consumers and regulators know that you are doing your due diligence When it comes to protecting customer data, doing the right thing makes good business sense.

to be continued…

The proposed consortium, and proof-of-concept data transparency tools, remain a work in progress. The Assembly will launch the initiative officially in April, 2017.

A Silicon Valley Girl in an Assembly World

Having spent the last 3 years and change at a fintech company in San Francisco, I landed in Cambridge, MA in January thrilled to break out of my office walls for a period of time to learn from and collaborate with 16 other cyber-geeks in an academic setting. The inaugural Assembly gave me an excuse to get back into the classroom, to nerd out on books, articles and (gasp) law cases, and to set aside some of the daily concerns of an industry job to think big for a few months.

While Assembly has certainly given me a change of scenery (read: views of the golden gate bridge swapped for views of snow banks), the experience has in many ways more closely resembled my day job than I expected.

For starters, my peers at Assembly are not so different from my InfoSec coworkers back home. At the end of the day we’re all security freaks, and I’ve felt right at home in Cambridge discussing with fellow Assemblers our preferred 2FA methods or complaining about the latest social app that demands every ounce of our Facebook data to sign up. We all know too much, and we all share a cynical, paranoid side that I personally wouldn’t trade for anything.

I’ve also felt “right at home” in Assembly for another reason: like my gender-skewed team back home, I am part of a small minority of female Assemblers, and it only feels natural that I’m the lone woman in most meetings. That said, the ratio of women in Assembly is quite impressive (30% here vs. 13% on my security team in SF), and the women themselves even more impressive.

Of course there are also many key differences, most of which make Assembly so exciting. Unlike my job back home, I’m not driven to generate ideas that generate revenue or to make decisions based upon specific business needs. At Assembly, the only business is the business of making things better for as many people as possible, no strings attached. That’s a pretty rare and awesome opportunity.

Another liberating aspect? I don’t have to consult a lawyer each step of the way (ironic coming from someone who will begin law school next fall!). One of our advisors, Andrew McLaughlin, gave a talk early in the program on how to turn an idea into reality, and the entire room laughed when I asked at what stage we should seek legal advice. The old Grace Hopper mindset that “it’s easier to ask for forgiveness than it is to get permission” clearly works much better around here than at a publicly traded company in Silicon Valley.

One final adjustment I’ve had to make since arriving in Cambridge falls under the embarrassing “Silly Valley” category of #entitlement. I’ve had to relearn how to grocery shop and make my own coffee and meals…. because no more pour over coffee stations, microkitchens full of snacks, and dining halls serving warm food. You can ask my fellow Assemblers the number of times I’ve used the word “Hangry” (Hungry x Angry) since arriving, but hopefully that’s trended down as I’ve adjusted back to the real world again.

Now that I’ve reached the halfway mark of my time in Cambridge, I can say with confidence that I (and the rest of the Assemblers) have had plenty of time and space to think big. We’ve had no choice but to think big given our epic Assembly challenge of figuring out how to “move beyond a world where virtually every computing device and network is insecure.” While I can’t promise you that we’ll have it all figured out by the end of our 14 weeks, given the current trajectory of our various projects, I can promise you that we will make a small yet important dent. And when we disperse back to our homes at the end of our stint, we will certainly take a piece of the “think big” Assembly spirit with us.

So what is this Assembly thing anyway?

Good question.

Until three weeks ago, when I first sat down in the Millstein-West AB lecture hall at Harvard Law School, I had no idea.

People asked me, “What’s this thing you’re doing at Harvard?”

To which I’d shrug, and joke about how we were going to magically fix computer security over the course of four months. And maybe rewrite the laws of thermodynamics while we were at it.

The truth of the Assembly is far more practical, but no less magical.

For two weeks we were treated to an intense lecture series, dubbed “Internet & Society,” by Harvard Law professor Jonathan Zittrain and MIT Media Lab boss Joi Ito.

A week after class finished, nothing echoes in my head so much as the laughter.

What is this new world we have built for ourselves–what is this thing–this internet?

By turns delightful, charming, disturbing, occasionally (often?) gross–but always weird–the internet, as chronicled by Zittrain & Ito, provoked nothing so much as laughter.

Not mirth. But the laughter of a child at an especially gruesome clown–or the first sight of an elephant–a teenager’s first slasher flick–a caveman holding fire for the first time. Ever.

The gaspy, rasping laughter of Colonel Kurtz at the end of Apocalypse Now:

What have we built? What Promethean fire do we now hold, wildcat by the tail, hoping and praying somehow to survive?

We stand in the doorway. No Singularity, no black monolith a la Arthur C. Clarke awaits. But our stories and our fears and our hopes and our dreams reveal the truth: We are becoming something else.

If “the human” is “animal that makes tools,” then what could be more human than to make tools of such sophistication and complexity and power that we lose ourselves to the machine?

Some call this progress–an irresistible, inevitable advance of technology for much benefit world peoples. Others paint a gloomier picture of man become machine, souls sold at millisecond-long auctions to display advertising–and not even good advertising, at that.

Don’t drink the Kool-Aid. But perhaps avoid the hemlock too. Will we remain flesh but lose our values, or become pure values and lose our flesh? Joi asked in class.

Probably neither.

We will muddle along, killing and enslaving each other with each new wave of technology-inspired bloodshed, punctured by occasional bursts of enforced “peace.” We will lie to each other, cheat each other, and stab each other in the back–all for a poisoned pile of money or power…poisoned by our own mortality, for what profiteth a man to gain the world, only to discover, when flesh withers, the utter pointlessness of it all?

But we will also love each other, and comfort each other, and build masterpieces of sculpture in the shifting sands of time. We will succor each other in the face of our own humanity, the horror bearable only in the companionship of our fellow travelers on this painful, astonishing, unique journey from primordial squirt to disintegration of the bodies we do not inhabit so much as are.

The cyber domain, in which we now live, changes none of this. Rather it distorts, distends, amplifies, and twists us like funhouse mirrors at a cheap carnival.

We must not make the mistake of thinking we are powerless in the face of this awesome monstrosity. The juggernaut need not crush us–although some will surely throw themselves before it in some techno-utopian inspired ecstasy.

We are actors in this drama. Not spectators. Powerful forces lean heavy on the scale, but wise innovation, projected asymmetrically, can change the balance of power, and give voice once more to the weak, the oppressed, the colonized, the exploited.

I think of nothing in this moment so much as the final image of On the Beach, the nuclear holocaust dystopia agitprop from the 50s:

There is Still Time...Brother

Avert your eyes. Think of something else.

Because maybe there is time and maybe there isn’t. I don’t know. But I do know that defeatism is a self-fulfilling prophecy. Let us do, and let us do well, and do now. Let us change the world or go down swinging.

That is all.

And that is what I hope the Assembly will become: a place where engineers from the world’s biggest tech companies come for perspective–and, armed with the view from 30,000 feet, work to secure the weak from the powerful, the plundered from privateers, the people from the state, to ask what democracy looks like on the cyber domain–and then build that.