Switchbit is now Ketch

The Swithbit team is driven by a belief in two key principles. First, privacy is an essential human right that all businesses should have the ability to respect and enforce. Second, data is property. Like land and other physical property, data must be protected and controlled according to the time, terms, and conditions of its owner’s choosing. 

We don’t see a zero-sum world where consumer privacy is protected and businesses lose. We believe that both consumers and businesses can prosper together. We’re determined to help businesses honor the data dignity of their customers, while also giving them the privacy and security tools that let them preserve and unlock the power of data for core operations and AI-enabled business processes.

Since our inception, we’ve been working hard to achieve the radical simplification of data privacy, which we believe is among the most critical imperatives facing our economy and our society. Undeniably, we are in the midst of the Data Rights Revolution.

As tends to be the case with revolutions, optimism and commitment are all mixed up with complexity and confusion. In our experience, most businesses want to embrace and implement a consumer-first privacy paradigm–the question is How to get there? 

We are committed to building powerful-but-simple infrastructure that guides our customers through the maze of laws and regulations, while at the same time recognizing and capitalizing on the opportunities along the way–opportunities hiding in plain sight.

Of course you need to achieve compliance and get the details right. But the companies that win this revolution will be those that go beyond, by creating privacy experiences that inspire customer satisfaction and trust. We help you imagine, design, and offer those experiences.

One of the many hurdles here is that the maze isn’t static. It changes as laws are born and evolve. All the energy you spent getting prepared for CCPA and GDPR? Congratulations! Your prize is…. CPRA and LGPD!. Data privacy is a dynamic challenge. That’s why we’re always focused on giving our customers a dynamic, deploy-once-comply-everywhere solution.

In this relentless pursuit of simplicity in the face of change, we’ll be with you every step of the way. And today, we’re practicing what we preach: We’ve decided our name adds more where less will do, and do better. Today, we’re saying goodbye to “Switchbit” and introducing you to “Ketch.” Strong and simple, just like our product and our mission. 

Ketch is blazing a path in the Data Rights Revolution. Join us in fighting for privacy as an essential human right, and data as property to be preserved and protected.

And if you don’t know, now you know. 

Can Orchestrating Privacy Data Subject Requests be Automated?

The complex, time consuming, and downright annoying process of exporting, erasing, or rectifying personal data to respond to valid data subject requests sanctioned under privacy data regulations like GDPR and CCPA likely has you wondering if there’s a better way. You’re not alone if you’re considering a ticketing-based solution touting the ability to automate this process. But can orchestrating data requests from customers be automated?

Personal data exists in multiple formats across multiple in-house, cloud-based, and third-party systems. It can be an email in one system, a rewards number in another, or a cookie in yet another. Before a data subject request can even be fulfilled, much less automated, you need to find the data. Easier said than done. Consider a request based on email address. If that’s not the system identifier, you need to either gather more information from the now-frustrated customer or delve into the system to try and determine the data format. That’s not always possible with systems that hold only obscure device identifiers or cookies. And by law, you can’t claim you don’t have the data just because you don’t have the identifier. Without this information, compliance is at risk and automation is not possible.

Even when the data is located, fulfilling the request requires knowing all the steps within the workflow of each system. For external systems, this could be sending an email or going through the user interface to generate the request. For internal systems, it means identifying the responsible system owner and operator. This is all compounded by the fact that you still need to determine if the request was even received and fulfilled—for every system.

Since the definition of personal data is broad, and it can reside in several linked systems and subsystems, the question also often remains whether the scope of all the data was even dealt with. You might think a data subject request only requires you to delete the customer table containing names, email addresses and account information. But if that customer’s data exists in other locations and formats like purchasing or browser history, you’re only in compliance if ALL the appropriate data is deleted. That also means you need to know what data is exempt and must be maintained for contractual, legal, or auditing purposes.

Considering the complexity of it all, don’t be fooled by ticketing-based system that have you thinking the actual work of fulfilling data subject requests will be automated. Sure, these systems may automate the creation of a ticket, an email response to the customer acknowledging the request, or the due date required by a specific regulation. They may even help you manage HOW to fulfill requests—that is once you’ve determined and set up all systems, identifiers and workflow requirements. But ticketing-based systems are simply not capable of automating orchestration.

So the question remains—can orchestrating data subject requests even be automated or is that just pie in the sky? That’s where Ketch come in.

Using technology rather than process, Ketch is working to solve the barriers of automation by invoking tools like open-source APIs, syntax command templates, and system integration in conjunction with a central control system that lets you automatically record, track, and respond to data subject requests. When it comes to privacy data compliance, our goal is to make data systems work so you don’t have to.

Complying with data security and privacy regulations like GDPR and CCPA isn’t just about avoiding penalties—it’s also about building trust with your customers. That means fast, effective response to data subject requests from individuals asking to discover, access, rectify, or delete their personal data that your company maintains.

With the data sitting in multiple systems and formats—from names and email addresses, to accounts and cookies—orchestrating data subject requests can be complex and labor-intensive, costing you money and tying up resources to respond by the deadline. Under CCPA, that’s 45 days. GDPR gives you just 30.

Ticketing systems make it easier for customer service and IT help desks to effectively respond to requests through an organized workflow. They’re a great tool for recording, assigning, prioritizing, and tracking support tickets. Many of these systems have now added support for managing GDPR and CCPA data subject requests. With features like tagging to ease searches, canned responses to prevent repetitive work, assignment rules to delegate responsibility, and customized reporting to help with audits, a good ticketing system can certainly make handling data subject requests more efficient. But if you think these systems will do the work for you, think again.

Ticketing systems can automate some of the workflow in responding to data subject requests. Think ticket creation, receipt acknowledgement, assignment, or due date alerts. But the actual work of fulfilling the request still must be done. Automation claims may give you the illusion that it will do it for you, but a ticketing system is never going to find and delete or change all the formats of someone’s personal data across multiple internal, cloud-based, data warehouse, and third-party systems. That’s up to you.

In other words, your ticketing system might tell you what to do, but you’re still stuck orchestrating the request through a combination of manual system hunt and peck, available data privacy APIs, and third- party requests—all of which then needs to be verified to ensure GDPR and CCPA compliance. This is what makes up the bulk of complexity and time within the workflow. But it doesn’t have to.

Ketch doesn’t just manage the workflow of responding to consumer data subject requests by creating and tracking tickets. We actually intelligently automate the fulfillment of those requests by directly integrating with the systems where the data resides. Instead of treating data privacy like help desk and investing in a ticketing system that at most creates a ticket, stop the manual, time-consuming process of closing that ticket with Ketch.

Click here to schedule your demo and learn how Ketch doesn’t just capture and track data subject requests but automatically orchestrates their fulfillment.

After decades of the unrestricted “Wild, Wild West” of the Internet, complying with consumer rights granted by data security and privacy regulations like GDPR and CCPA in the evolving digital landscape has likely become a struggle if your company is built with consumer and customer data. And frankly, there are few, if any businesses, that aren’t.

While complying with these complex provisions has undoubtedly been a bit of a bumpy road for your business, the crux of these regulations is that consumers are empowered to request that you disclose, provide access to, rectify or delete all their personal data. That’s anything from identifiers like names, email addresses, and account numbers, to commercial records like browser history, cookies, and online transactions. And when those data subject requests come in, it’s up to you to fulfill them across any and all systems where personal data resides.

Easier said than done, right?

Orchestrating compliance requests involves a complex workflow of verifying the request, finding the data—whether in-house legacy, cloud-based, data warehouse, or third-party systems—and going through all the steps within each system to fulfill the request. Depending on the size of your business, orchestration encompasses dozens, or even hundreds, of systems that collect and store data in multiple formats across multiple business units.

Think about it. All of advertising and personalization depends on personal data—what you buy, where you live, where you go, and even what you look like. You can be guaranteed that no matter what your business, personal data about your customers resides in far more places than just your CRM. It’s in everything from financial and customer-service systems, to logs, developer data stores, backups, websites, and all over the cloud. To complicate matters, a customer may be John Smith in one system, reward member #45783290 in another, and cookie AqfaAU9kUEpEbAtlD in yet another.

Much like a conductor charged with directing dozens of instruments across various sections all playing a different score, no job in data compliance is more difficult, and more important, than orchestration. But unlike the conductor who knows exactly when and to whom to wave the baton, the time-consuming and daunting task of orchestrating data compliance requests is lumpy and unpredictable; there is no warning and no ability to plan, causing your business to scramble and disrupt daily business operations.

Sure, you have spreadsheets, documented procedures, or even third-party ticketing solutions to help you organize requests and cobble together your workflow for determining all affected systems and those responsible for fulfilling data subject requests within each of those systems. But regardless of how efficient your approach and the fictitious claims of “automation” from third-party privacy and ticketing solutions, the actual process required to manually remove personal data from every system takes time and resources.

Amidst the legal and regulatory risk of compliance and the manual, error-prone process of responding to data subject requests, you are not alone if you’ve found your business needing to hire more staff, tying up your development team, or simply pushing out all the work that you do to grow your business—all of which are bad (and expensive) choices. These are, however, choices you don’t have to make.

We built Ketch to automate the capture and fulfillment of consumer data subject requests. We actually automate workflow—not just the creation of tickets—to give you robust orchestration without having to conduct a complex symphony of systems, ending your compliance headaches and doing away with that $100K data compliance analyst job you posted last week.

Click HERE to schedule your demo and learn how Ketch can help your organization automatically orchestrate data subject requests to cost-effectively and easily comply with privacy regulations.**

Stop Worrying About Regulations

To stay compliant, focus on fixing your data-tech stack

For global businesses, the data-privacy rulebook isn’t getting any shorter. The GDPR and the CCPA are just the tip of the iceberg; over 80 countries have passed or strengthened data privacy laws. Industry-specific regulations such as HIPAA and FERPA further complicate matters, while COVID-19 contact tracing will open a whole new Pandora’s box of regulatory complexities. With China and India also joining the party, the regulatory landscape will only grow more tangled in coming months.

There’s no way to avoid all those rules and regulations. Data, not oil, is the fuel powering our economy, and we’re using more of it than ever. New innovations such as AI and IoT constantly add to the torrents of data inundating businesses: a single smart-car produces 300 terabytes of data a year; by 2025 the world will generate a colossal 175 zettabytes of data a year. Companies can no more opt out of using data than a fish can opt out of the ocean.

But managing all that data while simultaneously complying with a constantly changing and growing body of regulations is a major challenge, one most companies aren’t equipped to handle. Firms typically respond to new regulations by patching their data management tools to ensure data is handled correctly, but taking an iterative, point-solution approach while navigating the expanding global regulatory morass is like playing Whac-A-Mole — except that the field is growing, the moles are proliferating, and you have only a single mallet. No matter how fast you hammer, you’ll never be able to keep up.

That’s the bad news. But there’s good news, too. While the challenges are real, there’s also a real and practical solution that can help businesses to stay compliant amidst a sprawling and ever-changing regulatory landscape. And paradoxically, the best way to stop the bleeding and stabilize the patient is to stop worrying so much about regulations.

Put Data First

Obviously, you can’t ensure compliance without paying attention to regulations. But that doesn’t mean everyone in your organization should be constantly fretting about how regulations affect them.

Under the current paradigm, when new regulation is enacted, businesses have to gather together everyone — business leaders, legal experts, developers, and so forth — to hammer out a fix. That’s fine when you’re dealing with modest amounts of data and a circumscribed body of regulations. But when you’re dealing with rapidly changing data and regulations on a global scale, it simply isn’t sustainable. All too soon, you’re left with a patchwork of point solutions — complex, brittle, failure-prone, and impossibly expensive to maintain.

This Rube Goldberg approach to regulatory compliance also takes up huge amounts of time and energy, driving up costs and distracting your legal, business, and technical teams from more important matters. It also stifles innovation and slows product development as engineers shelve other projects to bolt yet another set of unscalable compliance solutions onto an already struggling tech stack. And it forces legal and business stakeholders to second-guess what’s technologically possible, and engineers to parse the nuances of statutes and regulations as they struggle to ensure their code is compliant.

What’s really needed is a more efficient approach: not an all-hands effort to rebuild your data management system each time a new regulation comes along, but rather a mediating layer between legal and business experts, on the one hand, and developers and engineers on the other.

Instead of treating compliance as a regulatory problem, treat it as a data-processing problem — and build a data-tech stack that’s capable of natively support any new regulations, and applying changes seamlessly across your entire data-set without requiring legal folks to understand code, or developers to understand the fine points of privacy statutes.

A Scalable Solution

That’s where Ketch comes in. Our platform decouples your data handling and compliance processes by establishing a central control system that lets you update data governance protocols without ever touching the code driving your data-handling tools.

By separating these functions, we free legal and business teams to focus on articulating a data governance worldview that’s aligned to the latest regulatory requirements, and to consumer needs and rights, without worrying about execution. On the tech side, developers can integrate data-handling systems with the data governance module once and once only, and never worry about compliance again.

Sound too good to be true? Here’s how it works:

First, using our simple but feature-rich Regulatory Harmonization tools, legal and business folks develop policies setting out what’s allowed and what’s not. Imagine TurboTax, but for privacy regulations instead of the tax code: a simple, slick dashboard that requires no technical expertise, but lets you draw on Ketch’s experience and templates, plus your own industry knowledge, to create a customized rulebook that determines precisely how your company can handle data.

At this point, the legal and business team’s work is done, but Ketch is just getting started. Based on the policies you’ve defined, we automatically generate permits — a kind of smart contract that sets out the precise rights and obligations of every user or piece of data in your system. Enforced through high-end encryption, the permits make it literally impossible for data to be used incorrectly, much as DRM makes it impossible for IP assets to be improperly shared.

Finally, we assign each piece of data a unique identifier, a bit like the barcode that identifies every can on a supermarket shelf. That’s important because it’s the only piece of our system that developers need to worry about: using a simple API, developers can use that identifier to check whether a specific action is permissible for a given piece of data. They never have to interpret the rules themselves — they just ask the question, and get a straightforward answer.

The power of that approach should be obvious. If a new law is passed, or an old one changes, the only people who have to worry about it are your legal and business team. They can implement the new policies, and know that their changes will propagate instantly across the company’s entire data infrastructure. And because compliance is handled centrally, your codebase never changes or needs revising — while the permitted actions for any given user or bit of data might change, the infrastructure itself remains the same.

The result: a top-to-bottom governance system that ensures future-proof compliance without forcing you to rewire your data infrastructure. Policy changes propagate through your system automatically, even extending downstream into middleware, or to partners and consumers who access or use your data. And because you’re no longer working with a patchwork of point solutions and custom fixes, the entire network is more secure, more efficient, and easier to maintain.

Deploy Once, Secure & Comply Everywhere™

For too long, digital enterprises have been running to stand still when it comes to data compliance. It’s time to get off the treadmill, and find a new, genuinely scalable approach that treats data compliance first and foremost as a data-processing problem.

Ketch is that solution. Just as Stripe revolutionized online payments with an API approach, so we’re turning data compliance into a solvable problem. No matter how quickly regulations change or how fast your business grows, you’ll never have to waste time rewiring your data management tools — you’ll just update your data policies, and get back to serving your customers.

Global regulators aren’t about to stop passing privacy laws, but you don’t have to let your company get swept away by the deluge. If you’re ready to stop playing catch-up, get in touch today, and let Ketch change the way you think about compliance.

A Primer on Data Privacy

What is data privacy and why does it matter? How did we get here, what does “here” look like, and what’s ahead?

At a recent Ketch meetup, I presented a primer on data privacy, exploring the past, present, and future of privacy law. Below are my slides, as well as summary takeaways.

Thanks to those of you who attended our virtual event! Join Ketch’s #PrivacyTech group for updates on our upcoming meetups.

Key Takeaways

  • Data Privacy is here to stay
    • Global regulations are increasing in number and severity.
    • Growing demand for privacy experts in tech.
    • Everybody needs to know the basics, and it’s not rocket science (credible online resources are everywhere).
  • Know the privacy lingo
    • GDPR: personal data, legal basis, controller, processor, sub-processor, data subject, DSR, DPIA.
    • CCPA: personal information, consumer, business, service provider, business purpose, sell.
    • Other: HIPAA, COPPA, PII, PHI.
  • Data isn’t dead
    • Data + Privacy is more than the sum of its parts.
    • The laws still allow enough flexibility to use data. Yes, everything is harder now, but it was too easy before.
  • Practice privacy-by-design and privacy-by-default.
  • Be vigilant: there are lots of bad (or ignorant) actors out there.

Respect data, respect privacy!

Meetup Slides


previous arrow
next arrow
previous arrownext arrow
Slider


Could Your Privacy Policy Cope With Explosive Growth?

Zoom’s coronavirus boom-and-bust shows why brands should communicate clearly about privacy

Six months ago, Zoom was a buttoned-down, business-focused video-chat tool with 10 million daily users — but by March, its user-base had surged to over 200 million as the coronavirus pandemic drove countless organizations to move online. Almost overnight, Zoom became not just a household name but a generation-defining cultural touchstone, and its stock price more than tripled.

Great news, right? Well, sure — except that Zoom’s explosive growth also exposed serious weaknesses in its privacy policy. First, it emerged that Zoom’s app was leaking user data to Facebook; later, cybercriminals began trading exploits, meetings were crashed by foul-mouthed “Zoom-bombers,” and it became apparent that Zoom’s vaunted end-to-end encryption didn’t actually exist.

The upshot: serious damage to Zoom’s brand, with corporations banning employees from the service, irate users filing lawsuits, and regulators launching a flurry of investigations. “We have fallen short of the community’s — and our own — privacy and security expectations,” admitted CEO Eric Yuan. “We did not design the product with the foresight that, in a matter of weeks, every person in the world would suddenly be working, studying, and socializing from home.”

Zoom’s growth might have been unanticipated, but its privacy failure was a self-inflicted injury. By following a few simple guidelines, Zoom could have implemented far more effective policies, and spared itself a litany of headaches. So where did Zoom go wrong — and how can you ensure your own company’s privacy policy is ready for whatever the future brings?

1. Compliance is just the beginning

Many companies see the privacy policy primarily as a necessary but annoying document required by law — begrudgingly admitting that such policies are increasingly important given the rise of complex new frameworks such as the GDPR and the CCPA. But don’t take a bare-minimum approach and assume your privacy policy is ready for primetime just because you’ve ticked a few regulatory boxes. Your policy should aim higher, and be transparent, truthful, and forthcoming. Don’t just promise to play by the rules. Go further, and explain in positive terms exactly how you’ll collect, use, and protect your customers’ data.

2. Keep it simple

Your privacy policy doesn’t have to be a fusty legal document: turn it into a living, breathing opportunity to build and strengthen relationships with visitors who have shown an interest in what you do. The key is to thread the needle between using legally precise language, and expressing your company’s approach to privacy in terms that are simple enough for users to understand. It’s a fine line to walk: ambiguities could leave you legally liable, while dense legalese will make customers’ eyes glaze over. Imagine your grandma is reading your privacy policy — if she gets confused, or can’t make it through without taking a nap, then it needs more work. And remember it’s not illegal for the policy to have a little personality.

3. Make your policy a no-spin zone

Treating your privacy policy as a communication tool doesn’t mean putting your PR team in charge and calling it a day. As Zoom learned when it claimed to have E2E encryption, buzzwords and impressive-sounding jargon can come back to haunt you if they don’t reflect how your product actually works. You can’t spin your way to a successful privacy policy, so don’t tell people what you think they want to hear. Just tell them in plain English what you’re actually doing. And if you include specific technical claims, make sure they’re true.

 4. Sweat the small stuff

When it comes to your privacy policy, the devil is in the details. The snippet of Zoom’s code that leaked data to Facebook probably seemed inconsequential when it was first written, but when the world started paying attention, Zoom wound up with egg on its face. When thinking about privacy, don’t focus solely on the processes that are central to your business. Ultimately, trivial-sounding cut corners, workarounds, and hand-waved details can harm your brand.

5. Think of the children

Part of the reason Zoom slipped up was that its product, designed for enterprise users, was suddenly adopted by 90,000 schools for online teaching. Zoom got an unscheduled stress-test as children began mucking about with features and settings, and its privacy policies were swiftly put under the microscope by worried parents. The key lesson? Make your privacy policy robust enough to cater to sensitive or specially regulated users — and if kids might use your product, consider havinga separate privacy policy to explain how you’ll handle their data.

6. Put your money where your mouth is

Whenever a product gets popular, hackers start sniffing around. Zoom tripped up by failing to anticipate that, and leaving it to its own business partners to root out vulnerabilities in its platform. A better approach: spend some money early on, and pay “white hat” hackers to dig up problems that need patching. There’s little point crafting a transparent, effective privacy policy if you don’t also do your utmost to keep your users’ data safe from cyberattacks and other predictable threats.

Make privacy a priority

It’s easy to sympathize with Zoom. After all, how many startup CEOs can say, hand on heart, that they could handle a twentyfold growth surge without a few growing pains? Ultimately, though, Zoom’s privacy problems were an unforced error. Digital startups are built for rapid growth, so there’s no excuse for having privacy policies that aren’t future-proofed.

The real takeaway is that whatever business you’re in, the days of neglecting privacy are long gone. You never know when your user numbers will skyrocket, and you’ll never get a second chance to make a first impression, so you can’t afford to treat your privacy policy as an afterthought.

Fortunately, the solution is simple: instead of viewing privacy as merely another box to check, bring your whole team into the process, from top-level leaders to legal, technical, and communication experts. Establish privacy as a genuine priority, then use your privacy policy to communicate that commitment and make it a key differentiator for your brand.

Despite Zoom’s missteps, implementing an effective and resilient privacy policy isn’t rocket science. If you take your customers’ privacy seriously, and craft a policy that clearly and honestly explains your values, you’ll be well-placed to succeed — no matter what the future holds.

Part 3: Privacy-Preserving Contact Tracing at Scale

As I previously discussed in Part 1 and Part 2, to defeat COVID-19 we’ll need effective contact tracing — but in order to win widespread buy-in for digital tracing, we must also commit to zealously defending users’ privacy rights.

In Part 3, I’ll map out the path to privacy-preserving and effective contact tracing at scale. Watch the third video explainer, then see below for more.

The good news is that this is a solvable problem, and there’s a way to bring Americans on board as we deploy new contact-tracing apps. The bad news is that when it comes to winning the trust of the public, the teams building tracing apps have a lot of room for improvement.

According to a recent survey, 56% of Americans say they don’t trust tech companies to manage and protect tracing data. That’s 13 percentage points less than those who say they’d trust government health agencies or universities with their data.

Winning hearts and minds is going to be an uphill struggle. That’s why Ketch is calling for a new initiative to develop industry-wide privacy standards — a joint collaboration between tech firms, privacy advocates, health workers, and universities. This would be a foundational step toward genuinely trustworthy contact tracing.

In practice, what does that mean? In addition to developing contact-tracing apps, we must also build digital infrastructure capable of fusing tracing and health data and delivering the actionable insights we need to curb and preempt outbreaks. Crucially, we need to do so in a way that is unimpeachably secure, and that transparently safeguards users’ privacy and data rights.

To achieve this, we need three big things:

#1 Threat Exposure Notification Protocol (TENP)

#2 A commitment to citizen control

#3 A robust privacy standard

#1 Threat Exposure Notification Protocol (TENP)

The Internet couldn’t exist without the HyperText Transfer Protocol (HTTP), which sets the standard for formatting and transmitting messages online. To collect the data needed to derail coronavirus transmission, we need a similar standard for contact tracing: a Threat Exposure Notification Protocol (TENP) that articulates how data can be gathered, stored, communicated, and shared between authorized stakeholders. Google and Apple’s new software kits empower individual applications, but we need a unified TENP to prevent the fragmentation of data across multiple tracing apps, and to allow analysts and health workers to leverage a unified data-stream as they work to thwart future pandemics.

#2 A commitment to citizen control

In developing a TENP, we need to put end-users in the driver’s seat. Only by empowering citizens can we secure the buy-in that’s needed to trace contacts at scale. That means giving users the power to seek out information on their own terms, and to decide precisely how much of their data to hand over along the way. To be effective, any contact-sharing standard will need to have the user’s Right to Be Forgotten baked into its fundamental structure. We’ll also need to ensure that users can give, withhold, or withdraw consent for the use of their data at a granular level, and also veto the use of their data by authoritarian states such as Russia and China. These are foundational issues that need to be addressed as such, and not reinvented from scratch each time a developer sits down to code a tracing app.

#3 A robust privacy standard

Finally, we need to codify a privacy standard that is flexible enough to allow researchers and public health actors to fuse potentially chaotic health, location, and proximity data at scale, but also robust enough to give users reliable control over their data. The more we can ensure privacy, the more willing users will be to share their information, enabling not just basic contact tracing but perhaps also the use of more advanced health data, such as biometric data or medical results, to spur the development of new treatments for COVID-19. The potential is enormous, but only if we can give users an ironclad guarantee that nobody’s taking liberties with their data.

At Ketch, we’ve taken the first step towards these interconnected goals by launching the Threat Exposure Notification Protocol (TENP), a new standard for sharing data across contact tracing applications, data providers, public health institutions, and policymakers. Essentially, TENP is a framework that lets tech companies incorporate meaningful and verifiable privacy and data security into their tracing systems, and also gives users, regulators, and health professionals reassurance that tracing is being carried out in an effective and secure way.

Of course, TENP is only the first step. By establishing a clear standard for data sharing, we’re enabling the kind of collaboration and innovation that’s needed — but others, from policymakers to tech companies, will now need to step up and make use of these tools. What’s needed is a groundswell of support for these ideas, driven both by users and by tech companies themselves.

These are early days, and we don’t claim to have definitively solved the privacy challenges inherent in contact tracing. But with TENP, we’ve created a connective framework that the tech industry, the healthcare sector, and policymakers can build on to develop more robust tracing tools. Now, we need collaboration and creative thinking to move the ball forward — and to reassure users, in the United States and all over the world, that it’s safe to share their personal data.

There’s still plenty of work left to do, so if you’re interested in helping us figure out how to realize this vision, please get in touch. Defending privacy while building contact tracing systems at scale is a challenge that’s bigger than any one company or organization — but together, it’s a challenge we can overcome. Our ability to defeat COVID-19, and to prevent similar crises in the future, depends on it.

Part 2: What’s Holding Back Contact Tracing Success?

In Part 1,  I explained that for contact tracing to achieve the requisite adoption levels in America, tracing technologies must be accompanied by robust privacy protections.

So what does it take for Americans to lay their personal data on the line in the name of public health? Watch the second video in our series below. Read on for more.

Contact Tracing’s 3 Big Challenges

Despite the runaway success of digital contact tracing in places such as Taiwan and South Korea, about 60% of Americans don’t believe digital tracing will help us beat COVID-19. Yet 50% of Americans also say they’duse a contact tracing app if one were available.

Clearly, Americans are skeptical but persuadable. To overcome skepticism and win large-scale buy-in for digital tracing, we’ll need to address three big challenges:

  1. Consumer Adoption
  2. Citizen Control
  3. The Oligarchy
1. Consumer Adoption

The first challenge lies in gathering data in useful volumes. According to Covid-Watch, tracing technologies must be used by over 50% of a given population in order to be effective. Paradoxically, the current proliferation of tracing apps and technologies makes that goal harder to achieve ––unless apps share their data each new platform further fragments the total data-pool.

Clearly, gathering sufficient data will require careful coordination and data-aggregation between platforms. That’s especially important in a sprawling, geographically and demographically diverse country like the United States. The same network effects that lead kids to use TikTok and old-timers to use Facebook, or prompt Twitter users to coalesce into echo-chambers, could drive different groups to preferentially adopt different tracing apps. Without the ability for those apps to talk to one another, our ability to curb this pandemic is severely limited.

The bottom line is that the coronavirus doesn’t respect our app preferences, our social groupings, or our demographic and geographic divisions. As new genetic testing shows, the virus simply rolls across state lines and national borders, rippling inexorably from one hot spot to the next. To counter that, we’ll need tools that can share data effectively, both with each other and with researchers and health workers.

2. Citizen Control

We need to gather as much data as possible, but to achieve that goal we’ll have to give users the right to opt out of contact tracing, and to delete any data they’ve previously shared. That’s because unless we put users firmly in control of their data, we’ll never achieve a critical mass of registered app users.

At a minimum, anyone who’s sharing personal data through a tracing app should be able to quickly and easily do the following:

  • Invoke their Right to Be Forgotten;
  • Decide for themselves how their data will be used; and
  • Explicitly block authoritarian states from accessing their data.

Many contact-tracing solutions ignore these requirements, claiming they’re unnecessary for tools based on Bluetooth-powered proximity detection rather than GPS location tracking. But while the Bluetooth solutions touted by MIT, Apple, and Google are promising, citizens seeking to manage their personal health risk need more than a scary message telling them they’ve been in the proximity of someone who tested positive.

In the wrong hands, information about the people you’ve met can be just as sensitive as data about the places you’ve visited, and users have every right to demand control over how that data is stored and shared. Control works both ways, too: some app users might be happy to freely share both location and proximity data, at least in some circumstances. Rather than forcing users to wait for alarming messages to pop up on their cellphones, we should put them in control, and let them seek guidance on their own terms.

3) The Data Oligarchy

A lot of this boils down to giving people control of their data, and using their information only in ways to which they’ve explicitly consented. That might sound like a no-brainer, but it rubs up against some of the defining challenges of our modern world.

From digital staples such as web search and email to innovations such as contact tracing, we’re utterly reliant on big tech firms such as Apple and Google to build and maintain our digital infrastructure. Necessarily, and discomfitingly, that means trusting those companies to build a neutral infrastructure that serves our collective needs rather than their own corporate goals.

Don’t get me wrong: when it comes to COVID-19, we’re enormously lucky to have Apple and Google fighting in our corner. But there are real privacy concerns that come with the tech titans’ market dominance. The rise of privacy regulations such as the GDPR and the CCPA reflect legitimate concerns about the rise of a largely unregulated data oligarchy.

We Can Get This Right

Tackling these concerns head-on, and building a system that handles privacy properly, should be a shared priority for regulators, users, health workers, and tech companies. We’ll need effective tools if we’re to solve this crisis and future ones. But we’ll also need apps that we can deploy on an enormous scale without sparking a privacy backlash. If we don’t get this right, we could be dealing with the consequences for years to come.

I’m hopeful about our ability to solve these problems and build a contact tracing network that respects people’s rights while delivering the data we need to defeat the coronavirus. In the next post, I’ll outline how we can unite to create the new data and privacy standards needed to win the fight.

Part 1: Will Contact Tracing Work?

It’s the question of the day: will contact tracing work? The short answer is yes, if we do it right. And since doing it right involves data privacy, data security, and data management –– right up our alley at Ketch –– we created a three-part series on contact tracing challenges and solutions . To kick off Part I, here’s an overview video on how contact tracing works and what’s at stake. Read on for more.

A Tale of Two Countries

In mid-March, the United States and South Korea had each seen around 90 coronavirus deaths. By the end of April, however, the two countries were a study in contrast. South Korea lost just 85 more people to the pandemic — while the United States lost over 62,000 souls, at an average of 85 COVID-19 deaths per hour for the entire month.

The key difference between the two nations isn’t their size. It’s that from the earliest days of the COVID-19 crisis, South Korea implemented “virtuous surveillance,” or the use of digital contact-tracing technologies to track the movements of coronavirus carriers, identify people they may have infected, and help public health officials to break the chain of transmission.

Here in the U.S., we’re only now rolling out contact tracing at the start of May. Health experts are calling for a $3.6 billion push to support the effort, following successful examples in South Korea, Taiwan, and Singapore. Some of America’s best and brightest, including engineers at Apple, Google, and MIT, are now developing the contact-tracing technologies to safely reopen our economy and avoid future pandemic crises.

But contact tracing isn’t just a technological challenge: it’s also a cultural one. To deliver results, we’ll need the American people to set aside partisanship and anti-scientific posturing, and actually use the contact tracing technologies that we develop.

The early signs are that winning the battle for hearts and minds could be a bigger challenge than developing effective tracing technologies. In fact, surveys show that 60% of Americans currently feel that location-based tracking would make next to no difference to our fight against COVID-19.

Those numbers are disheartening. But I believe they reflect skepticism less about the efficacy of tracing technology than about the likelihood of Americans collectively embracing a technology that’s explicitly designed to collect their personal data.

Paradoxically, Americans are willing to click away their data rights if it means they can share cat photos more easily, but they’re deeply skeptical about giving people in positions of authority permission to digitally track them. They’re also skeptical about sharing potentially sensitive health information with their neighbors. That’s understandable: people quite rightly consider their health, movement, and social interactions to be private, and right now the stakes are higher than ever.

We’ve already seen ugly cases of Asian-Americans being victimized for supposedly spreading the coronavirus, and fights breaking out after people cough in public places. Now imagine the chaos that would ensue if everyone in a grocery store learned someone present had been exposed to the coronavirus — or if everyone in an apartment building discovered one of their neighbors had tested positive.

There Has to be a Better Way

For contact tracing to work at scale, we can’t dodge these critical questions of privacy, consent, and control. This isn’t an either-or situation: the idea that we can have privacy or public health, but not both, is a false choice. There has to be a better way.

Here at Ketch, we believe that tech companies need to step up and help address this thorny issue, just as they are doing in developing the core technologies that make large-scale contact tracing possible.

MIT’s Private Kit has led the way by promoting the use of Bluetooth, not GPS data, to drive contact tracing. That approach — now implemented by Apple and Google in APIs for Android and iOS devices — allows apps to focus on tracking users’ proximity to one another, rather than their specific location. Using Bluetooth, apps can identify the people you’ve had contact with, without recording more sensitive information such as whether you met them at church or at the liquor store.

Bluetooth doesn’t solve every problem: it’s easy to imagine marketers using stationary Bluetooth beacons to piggyback on contact-tracing infrastructure to track shoppers passing through their stores, for instance. But such strategies are a step in the right direction, and a sign of the kind of innovation we’ll need to build a trustworthy tracing system that respects users’ right to privacy.

To ensure contact tracing success in the U.S., we’ll need robust, verifiable, and scalable privacy protections to win the buy-in that will allow us to scale this vital technology.

Fortunately, this is a challenge the tech industry knows how to solve. In my next blog post, I’ll dig deeper, and show how we can start to build a contact tracing infrastructure that combines both effective tracking and utterly trustworthy privacy protections.