Fortifying Privacy in the AI Era with Privacy Enhancing Technologies

The EU AI Act came into effect on August 1, 2024, marking an important step in mitigating the risks associated with AI deployments. This legislation focuses on creating a comprehensive regulatory framework to ensure the safe use of AI across various sectors. It aims to establish a risk-based approach to AI regulation, with strict requirements for high-risk AI systems, and it encourages innovation while safeguarding fundamental rights. The EU AI Act parallels efforts in the United States, where the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence, issued on October 30, 2023, also addresses the challenges posed by AI technology.

Fully Homomorphic Encryption (FHE) Bridges the Gap

These initiatives are major steps toward ethical AI development, emphasizing the principles of safety, security, and trust. While these steps are laudable, they also spotlight an underlying truth: relying solely on governmental regulation may fall short in the face of rapid technological advancement. Achieving genuine privacy security necessitates moving beyond legalities and embracing the capabilities of cutting-edge Privacy Enhancing Technologies (PETs).

PETs encompass a range of strategies designed to fortify individual privacy in a connected world. From anonymization to data minimization, PETs work to curtail unnecessary data exposure and grant users greater control. Among these technologies, Fully Homomorphic Encryption shines as a beacon of innovation and protection.

Fully Homomorphic Encryption (or FHE) is a cryptographic breakthrough that permits computations on encrypted data without the need for decryption. In simple terms, it empowers data to remain encrypted while being processed, ensuring that sensitive information is never fully revealed. This transformative concept has the potential to revolutionize AI-powered landscapes by preserving data confidentiality during analysis.

Key industry leaders are already at the forefront of embracing FHE. Tech giants like Microsoft, Google, Apple, IBM, and Amazon have implemented FHE tools and libraries, paving the way for broader adoption of this potent technology. Unlike traditional encryption methods, which mandate data decryption for analysis, FHE operates entirely within the encrypted domain. This leap forward ensures that privacy remains paramount, addressing the core privacy-utility trade-off.

Deploying AI without Compromising Privacy

Consider the implications in the healthcare sector. Medical researchers can use advanced AI to analyze encrypted patient data without exposing individual health records, achieving a delicate balance between data utility and privacy. The healthcare sector is just one of many that would benefit greatly from implementing AI tools along with Fully Homomorphic Encryption (FHE). In the insurance industry, AI can assess risk and personalize policies based on encrypted data. Retailers can analyze purchase data for trend prediction and personalized experiences, while in education, AI can tailor learning experiences while keeping student records secure.

Governmental emphasis on responsible innovation and legislation aligns perfectly with the integration of PETs. Privacy enhancing technologies like FHE can bridge the gap between regulations and technological advancement. This union ensures that innovation flourishes while individuals’ rights and safety remain uncompromised. The fusion of robust privacy solutions and regulatory initiatives is the driving force behind a digital ecosystem where privacy and progress coexist harmoniously.

In the end, the protection of privacy is not a mere aspiration but a steadfast commitment that demands both ethical principles and powerful technological tools. As the digital landscape evolves, the recognition that privacy preservation requires more than trust reaffirms the importance of privacy enhancing technologies. Beyond regulation and commitment lies the realm of actualization, where FHE becomes the linchpin of a privacy-centric AI era.

About the EU AI Act

The EU AI Act is the first comprehensive regulation on artificial intelligence by a major regulator. It categorizes AI applications into three risk levels. First, applications with unacceptable risks, like government-run social scoring similar to China’s, are banned. Second, high-risk applications, such as CV-scanning tools for job applicants, must meet specific legal requirements. Finally, applications not banned or deemed high-risk are mostly left unregulated.

About the Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence

The order outlines the administration’s AI policy goals and directs executive agencies to act accordingly. Goals include promoting AI industry competition and innovation, upholding civil and labor rights, protecting consumer privacy, setting federal AI procurement policies, developing watermarking for AI content, preventing intellectual property theft from generative models, and maintaining global AI leadership.

How Privacy Enhancing Technologies Can Protect Us at the Airport

Privacy Enhancing Technologies (PETs) address the dire need to safeguard private and proprietary data in a variety of industries and platforms. One of the possible applications of PETs is in the field of travel, where they could be introduced in TSA checks at the airport.

In March 2024, the TSA rolled out a new experimental self-service screening system security check at the Harry Reid International Airport in Las Vegas. Passengers who use the self-screening stations are asked to voluntarily share their ID, including name and picture, as well as their height, travel information, and even an X-ray of the contents of their carry-on.

The goal of the self-screening is to expedite the screening process. However, uploading, sharing, and digitally storing these highly personal details raises major privacy concerns.

The TSA has faced privacy issues in the past as well. In 2023, a Swiss hacker leaked the 2019 TSA No-Fly List containing the personal information of 1.5 million people who were barred from flying due to security concerns. The TSA regularly shares its No-Fly List with airlines around the world so they can screen passengers, and this leaked list was discovered on an unsecured server belonging to CommuteAir.

How can the TSA and airline industry keep individuals’ private information safe, while still maintaining the same vigilance about potential security threats?

Fully Homomorphic Encryption Protects Your Privacy

The most promising PET for securing passenger privacy is Fully Homomorphic Encryption (FHE). FHE allows applications to perform computation on encrypted data without ever decrypting it.  By applying FHE to its databases, the TSA could maintain the ability to analyze and share passenger data without revealing or compromising any of the information. This would also hold true for any outside agency or company that would need to use the data, including airlines. Whether in self-screening stations or on airline servers, sensitive information would always be stored, transferred, and, thanks to FHE, even processed in its encrypted format.

Chain Reaction is at the forefront of the race to design and produce a processor that will enable real-time processing of Full Homomorphic Encryption. This cutting-edge technology will usher the TSA and similar governmental agencies into a new era of privacy-preserving data collaboration and security.

AI is Driving Growth in Cloud Usage, But Concerns About Privacy Persist

Artificial Intelligence (AI) can access large pools of data and make logical inferences from billions of pages of information. Therefore, it can solve complex problems and can be leveraged to enhance business outcomes.

As a result, cloud providers have seen double-digit growth in traffic since the release of ChatGPT, Gemini, Claude, and other GenAI tools. Amazon Web Services, for example, reported an increase of 13%, and Alphabet saw an increase of 26% in its cloud unit, year-over-year. Similarly, Microsoft said its Azure cloud business grew 30% and credited 6 percentage points of its growth directly to the increase in demand for AI.

“The uptick in AI usage on the cloud is in large part thanks to enterprise customers testing use cases,” said Stefan Slowinski, global head of software research at investment bank BNP Paribas Exane. However, financial companies, healthcare institutions, and government agencies, among others, are still waiting to see whether crucial privacy concerns can be resolved before fully investing in AI.

One of those concerns is that every time a user interacts with an Artificial Intelligence tool, the information from that interaction is automatically recorded into the machine learning functionality, exposing private data to the AI learning model and the hosting company. Currently, there is no way to delete or prevent this from happening. Slowinski points out that the risk for the hyperscalers who host AI models is that too few use cases (for AI) make it past the pilot phase because they are not able to develop clear enough safety controls.

Fully Homomorphic Encryption Creates Private LLM

For AI to fulfill its potential, proprietary and sensitive information must be secured. The most promising innovation under development to secure private data is Fully Homomorphic Encryption. FHE allows AI applications to perform computation and analysis exclusively on encrypted data, so that it is never exposed to the learning module.

As an emerging leader in Privacy Enhancing Technologies, Chain Reaction is at the forefront of the race to design and produce 3PU™, a revolutionary processor that will enable real-time processing of Fully Homomorphic Encryption. This technology will enable AI to process data without compromising privacy, creating a Private LLM (Large Language Model). This would finally enable corporate entities, public institutions, and hyperscalers to embrace the full use of AI, confident that their proprietary code and sensitive information remain secure and anonymous.

From Satoshi to Stability: Bitcoin Distinctive Edge
Emerging from a bear market, 2023 proved to be a remarkably successful year for Bitcoin, and 2024 has begun on an equally impressive note, with the cryptocurrency reaching the $50,000 mark for the first time in over two years. With bitcoin gaining more public exposure, it’s important to explore what makes it stand out among other cryptocurrencies.
Approximately 22,932 cryptocurrencies have materialized since Bitcoin arrived on the scene in groundbreaking fashion in 2009. While cryptocurrencies vary in use, they all utilize a distributed ledger technology known as the blockchain, a shared public database in which new entries can be added but existing entries cannot be altered.

Types of cryptocurrencies include stablecoins, non-fungible tokens, central bank digital currencies, security assets, and crypto assets like Bitcoin. It’s easy to assume that all cryptocurrencies are more or less the same, but bitcoin stands apart in the crowded cryptocurrency landscape, not merely as the pioneering digital currency, but also due to its distinctive protocol. This sets it apart from its peers, cementing its role as the ‘anchor’ of the industry – a symbol of stability and enduring presence.

Bitcoin distinguishes itself from other centralized cryptocurrencies by offering the largest available network, a predetermined supply, full sovereignty over one’s coins, and a transparent structure that cannot be easily influenced by any one organization.

In fact, Bitcoin is sometimes referred to as “digital gold”. People in all walks of life have always looked for assets that were not controlled by governments, and for centuries, gold has been the standard-bearer for such commodities. However, as governments have moved off the gold standard and as we have moved into the Internet age, Bitcoin has become the ultimate example of a decentralized financial asset.

Much like gold, Bitcoin has a low correlation to the stock market, and it has therefore become a viable option for those looking for hedging opportunities, fungibility, and many of the other characteristics of gold.

A Brief History Of “Digital Gold”

Bitcoin was invented 15 years ago by the mysterious Satoshi Nakamoto – a pseudonym for a person or persons unknown. Published on Oct. 31, 2008, a transcript known as the Bitcoin Whitepaper laid out plans for a computer technology that would enable multiple parties to send payments online without verification from financial institutions, such as banks. The creators of Bitcoin utilized the principles of cryptography, to develop a decentralized digital currency system that ensures secure and verifiable transactions, protecting them from unauthorized access or tampering by third parties.

A set of Bitcoin transactions from a certain period of time is known as a block. Each block is stacked in such a way that one block depends on its predecessor. This series of blocks, or the blockchain, holds a complete, public, and permanent record of every Bitcoin transaction. This means that anyone can see where Bitcoin is flowing at any given time.

In the years since its introduction, Bitcoin has reigned as the world’s largest cryptocurrency in terms of market capitalization. Decentralized digital scarcity is the real innovation and Bitcoin was the first to introduce this concept.

There will only ever be 21 million Bitcoins in existence, meaning that people who own Bitcoin will not have to worry about their coins losing value through the inflation caused by printing more of a currency. This has been a major issue for modern currencies, which can rapidly decrease in value over time.

Furthermore, as most learned in their first economics class, the supply of an asset plays a big role in determining its price. A scarce asset is likely to be more valuable, meaning the limited supply of Bitcoin is an attractive quality.

Another attractive feature of Bitcoin is its anonymity. While Bitcoin transactions are recorded on the blockchain, users’ identities are kept pseudonymous. This helps create privacy for those who wish to keep their financial transactions secret.

New adoptions like Ordinals are a great example of how Bitcoin technology is continuing to evolve over time. Ordinals are digital assets that can be inscribed on a satoshi, the lowest denomination of a Bitcoin. In this sense, Ordinals are very similar to Non-Fungible Tokens, or blockchain-based tokens that each represent a unique asset like a piece of art, media, or even a contract.

As more people and businesses adopt and use Bitcoin, its network effect grows stronger. The larger the network, the more valuable and widely accepted Bitcoin becomes as a form of currency.

As such, it seems that although other cryptocurrencies will come and go, Bitcoin’s popularity has remained strong for over a decade, and it is built to last.

Bitcoin Miners Create A Network With Integrity

Bitcoin’s network is key to helping maintain its viability and integrity.

Bitcoin runs on a peer-to-peer, decentralized network to help verify transactions, keep records, and prevent fraud. This network relies on a process known as Bitcoin mining to verify that all transactions are legitimate and to add new coins to the network. This process prevents people from spending Bitcoin that they don’t own.

Participants in the Bitcoin network, called miners, verify and collect transactions. Miners are responsible for ensuring that all transactions are valid and that no fraud is taking place within the network.

Before a miner can add a transaction to the blockchain they must solve a complex mathematical problem. This concept is known as “proof of work” and typically requires powerful, single-purpose computers to verify and approve transactions. Miners compete with each other to solve the problem and the first one to solve it is allowed to verify the transaction and collect the reward.

Further verification by fellow miners results in a new block being added to the blockchain. The successful miner is rewarded with newly created Bitcoins and transaction fees from the added block.

The fact that Bitcoin miners are rewarded with Bitcoin is a critical component that helps maintain the network’s integrity. If miners were to try and undermine the network, then the value of Bitcoin would likely fall, along with the price of Bitcoin.

This reward system, which helps align miners’ incentives with that of the network, is one of many characteristics that make Bitcoin’s model so unique. After laying the groundwork for other cryptocurrencies, Bitcoin has the longevity and track record that only come with a cryptocurrency that has seen such widespread adoption.

These are among the many reasons why Bitcoin has been called digital gold. With a finite supply, Bitcoin is the rarer of the two assets, benefiting those who have invested in the 19 million bitcoins that have been mined so far and are currently in circulation.

Google and Meta Pursue FHE for the Privacy Challenge

Why the biggest advertisers in the world, hyperscalers such as Google and Meta, are opting for Fully Homomorphic Encryption (FHE).

Targeted Advertising

Google and Meta, the biggest names in search engines and social networking, are essentially in the same business – advertising. Their most recently published figures for annual advertising revenue indicate that the Google Ads platform generated $224.47 billion (about 80% of revenue), and Meta generated $113.6 billion (about 97% of revenue) in 2022. Because a great deal of their advertising is ‘targeted’ based on their customer data and targeted to relevant customers, it is essential for the success of their core business. However, laws and limitations on the use of private customer data (e.g., GDPR) are being enacted and strongly enforced.

As the Web has evolved and laws for user data security measures have tightened, valuable customer information is more diligently protected than ever. Increasingly, popular privacy-enhancing technologies like HTTPS, VPNs, and end-to-end encryption mean that fewer and fewer data chunks are available for online advertising businesses to harvest – and this is hurting their business. Data regulations are getting stronger, and users more vigilant. So big tech firms are seeking solutions that satisfy user privacy and data security concerns while allowing them to run a range of key analytics on customer data, and thus maintaining the vitality of their business.

For companies whose lifeblood is targeted advertising, encrypted customer data can become a valuable resource due to the advent of FHE. Tech titans, like the headlined Google and Meta, as well as Microsoft and Amazon, are known to be working on Fully Homomorphic Encryption (FHE) to analyze user information for ad-tracking and more, without encroaching on individual privacy. Not only does FHE mean that customer data privacy is ensured, but it can also ensure that cloud-based personal information can be invulnerable to leaks, hacks, or other tech data spills. Last but not least, FHE can also close the door on the increasingly common data leaks emanating from the use of AI, ML and other deep learning productivity applications.

FHE – Fully Homomorphic Encryption

Before we go on, it is worth describing the promise of FHE technology. In brief, FHE allows running analytical functions directly on securely encrypted data without decryption, while delivering the same results as analytics run on plain text. This means that plain text information belonging to the user never escapes a trusted domain. It also means that the user doesn’t have to ‘trust’ any third party with their data and eliminates any data usability and privacy tradeoffs. Importantly, for FHE to function as intended, the user data must be encrypted with a fully homomorphic encryption scheme.

FHE sounds like a magic bullet for tech companies that traditionally benefited from user-targeted Web advertising, and there is already evidence that it is being prepared for prime-time. In 2021, Facebook (Meta) confirmed that it was researching ways to analyze encrypted data without decrypting it. The Information (Aug 2021) reported that Meta had just hired an exec from Microsoft, a key pioneer in the application of FHE, to join its artificial intelligence (AI) team.

WhatsApp’s End-to-End Encryption Conundrum

One of Meta’s biggest properties is the popular instant messaging platform WhatsApp. A key feature that attracts users and keeps them loyal to WhatsApp is its end-to-end encryption scheme. In the WhatsApp Help Center you can read that “privacy and security is in our DNA”, and that WhatsApp keeps all messages, photos, videos, voice messages, documents, status updates and calls private between user and recipient. Unfortunately for Meta, keeping this promise severely blunts ad-targeting. Less-than-best ad targeting results in less-than-best returns.

If FHE could be implemented on WhatsApp, for example, it would be a huge boon to the platform’s advertising relevance, and hence the monetization of the millions of WhatsApp users, without endangering customer privacy. Meta would satisfy not just governmental privacy laws, but security conscious users and its own platform’s marketers.

Currently, as far as we know, Google is not using FHE in any of its well-known Web and app products and services. What we do know about Google’s work with FHE is that it has done the groundwork to create an open source Fully Homomorphic Encryption Compiler (made available back in Feb). This compiler can convert today’s C++ programs that work on plain text to work on FHE ciphertexts. A fair section of the linked blog post, published by Google developer Jeremy Kun, highlights the significant processing, RAM, and storage overhead with FHE on conventional processors/data centers. Perhaps Google is preparing the software for when FHE accelerating hardware becomes a reality.

Industry Needs FHE Acceleration

Despite the promise of FHE, it is currently held back from mass rollout as it is so computationally expensive. From earlier reports, we know the likes of Meta have probably been working to implement FHE or equivalent for a number of years, but a major roadblock to a rollout to millions of users is the processing power and computer resources required.

Chain Reaction noted the potential processing bottleneck facing FHE several years ago and is now in advanced stages of preparing the first Application Specific Integrated Circuit (ASIC) designed to deliver the performance and efficiency required to make the technology real-time. The first chips from Chain Reaction were launched to accelerate block chain computation, and it is expected that the company’s first Privacy Preserving Processing Unit (3PU™) for fast and efficient FHE will be launched by Q4 2024.

Wider Uses for FHE

Although our article highlights the hyperscalers and their potential use of encrypted user data for advertising, there are a multitude of other potential users of FHE. Chain Reaction’s co-founder and CEO, Alon Webman, described real-time accelerated FHE technology as “the holy grail of cloud computing.” The cloud is currently an untrusted environment for financial institutions, health care and big pharma, defense and government, and oil and gas businesses – but with practical FHE technology this could all change. “Our technology will enable enterprise and government to modernize compute infrastructure by moving private data to the cloud,” said Webman.

Google and Meta shareholders would surely enjoy the opening up of targeted advertising that FHE could deliver, but advertising is just one use-case for this technology. Enterprise and government organizations can make use of the same FHE technology to garner actionable insights on confidential and safely encrypted data. In one example of an FHE use-case outside of advertising, a researcher might want to access data from a hospital but can’t do so due to privacy regulations. However, if the hospital has homomorphically encrypted its medical records and put them in the cloud, a researcher could run analyses while the source data remains safe and encrypted. With the growth of machine learning and AI, the benefits of accessing large data sets to achieve the best results have become highly evident.

The US Government’s National Institute of Standards and Technology (NIST) also sees benefits in promoting the adoption of FHE. It is currently consulting on FHE schemes that are amenable to threshold cryptography (where several parties must come together to decrypt a particular data) and that are quantum-cracking resistant.

Developers might be interested to know that computer industry stalwarts IBM and Microsoft have helped drive FHE forward for some time. Currently IBM’s Homomorphic Encryption Services help get clients ready for FHE by facilitating the development of prototype applications on the IBM Cloud. Meanwhile, Microsoft is promoting Microsoft SEAL, as open-source homomorphic encryption technology, which is currently manifested as a set of encryption libraries for developers.

Conclusion

Chain Reaction’s 3PU™ is designed to enable secure data and applications to move to the cloud, and to potentially generate billions of dollars in new business. This accelerated privacy infrastructure solution is designed to be a plug-and-play product for hyperscalers, enterprises, and governments delivering FHE with high performance and efficiency.

For more information on Chain Reaction’s latest developments and advances, please visit our Resource Hub.