I’ll be speaking at ETech this year on “Super Ninja Privacy Techniques for Web App Developers,” about the various techniques we use at Wesabe to keep people’s data private. Since we deal with very sensitive information (your money, how you spend it, and how you can get more out of it), we’ve tried to come up with as many new ideas for protecting users in the Web 2.0 world as we can.
My co-worker Brad Greenlee created a simple and very powerful privacy architecture, which we call the “Privacy Wall,” for separating sensitive data from personally-identifiable information like your email address, username, and public community posts on our site. Brad wrote up a description of the Privacy Wall and how users can understand it on our blog, and then a longer, more technical explanation of it for other web application designers on his own blog. I’d encourage anyone working on or interested in privacy-sensitive web apps to check it out.
We haven’t done anything to secure “intellectual property” rights over this idea. Instead, we’re disclosing it in detail, and we’re planning to release an open source Rails plugin to allow other developers to use the same approach very easily. We believe that Wesabe, and other Web 2.0/”harnessing collective intelligence” applications, will be more secure and more useful to their users if we have a very public discussion about how users’ privacy can be protected when their data lives on servers. With all the news about similar applications taking hold, I think the topic is timely and important.
This is one of six major techniques I’ll be talking about in the ETech presentation. If you’re interested in this topic, I hope to see you there.