
September 20, 2024 • 41 mins

Unlock the secrets of privacy innovation and assurance with our enlightening conversation featuring Aaron Weller from HP. Aaron walks us through his fascinating journey of establishing a new privacy engineering function at HP and expanding into privacy assurance. You'll discover how his team is tackling significant challenges, such as developing standards for data aggregation and preventing re-identification attacks, with practical examples like employee surveys and website performance metrics.

What happens when the need for privacy intersects with the rapid advancements in AI? We delve into this critical topic by examining the dual threats of data re-identification and evolving AI legislation. Aaron provides invaluable insights into the ethical principles and security measures necessary to navigate this complex landscape. Additionally, we give you a sneak peek into an intriguing upcoming panel on AI governance featuring a humanoid AI, highlighting the unpredictable and exciting future potential of this groundbreaking technology.

Looking to the horizon, we explore the future predictions in data governance and the revolutionary impact of quantum computing on cryptography. Aaron discusses the strategic rethinking required as AI and technology advance, emphasizing the importance of integrating privacy measures directly into the code. Join us as we reimagine our relationship with data, ponder the necessity for solid foundational frameworks, and highlight the critical role of early detection in privacy issues. This episode is a must-listen for anyone invested in the future of data management and privacy.

Episode Transcript

Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Gabe, it's all right. Oh, does everyone know? Does everyone? Because I moisturize, and need I remind you it does not crack. We are live, though, so that happened, we are.

Speaker 2 (00:14):
Well, ladies and gentlemen, welcome back to Privacy, please. Cameron Ivey, here hanging out with Gabe Gumbs and a special guest today, Aaron Weller. He's the leader in privacy, innovation and assurance COE at HP. Aaron, thanks so much for being with us today.

Speaker 3 (00:31):
Oh, no problem. Thanks for inviting me back.

Speaker 2 (00:34):
Yeah, second time. We had you back a couple of years ago now, when you were kind of running your own company and doing stuff there. There's been some changes since, um. Would love to hear about what, what you've been up to and maybe, for the listeners as well, what's going on in your life right now? Sure.

Speaker 3 (00:52):
So, yeah, I'm coming up on two years at HP, so it must have been a couple of years ago, uh, we last chatted, but, uh, yeah, so I joined back in the end of 22 to, uh, to head up kind of a new privacy engineering function, uh, which is something that I stood up. I was the first person in that team and stood that up, hired a few people and then, fairly recently, my role has expanded a

(01:16):
bit. So we're now going to be standing up a privacy assurance team as well that I'm going to lead, as well as expanding, kind of rebranding more than expanding, kind of the engineering function to cover a lot of the innovation that's going on at HP. Right, we've got a long history of innovation and I thought engineering doesn't really kind of cover all of the stuff that we're doing, particularly when you get into the AI space. So still the old stuff, but a bunch of new stuff as well.

(01:40):
It's incredible.

Speaker 1 (01:41):
What are you most jazzed about? Because this is definitely a significant undertaking that sounds like it is filled with a lot of fun, but also a lot of challenges. What are you jazzed most about?

Speaker 3 (01:58):
Yeah, I mean I think I tell people I get to work on the fun stuff. My team is looking kind of into the future and how do we cope, you know, cope with stuff and digest things before they become problems. So a lot of the, I would say, the wins that we've had are when we can actually find a solution to a problem that wasn't necessarily obvious and it needed a bit of digging to get there. So even some of the work, I mean it sounds simple but one of

(02:21):
my team really recently published a paper around aggregation techniques where there's remarkably little in the literature about aggregation for privacy. There's a lot around kind of statistical analysis and that kind of thing, but really applying that privacy lens to something that you think is, it's a basic technique but it's so commonly used that, you know, having a standard for how do we

(02:43):
do that. You know, how do we judge the risks versus kind of what we're actually aggregating. You know, all the way up to then, you know, some of the stuff we're doing around AI use cases and really, you know, how do we look at what those risks are as they're emerging and kind of as the standards are being developed, to my team in some ways is helping to develop those standards. Right. So I think a lot of it comes back to just the chance to go

(03:06):
and solve problems, which is something I've really enjoyed throughout my career.

Speaker 1 (03:12):
I am intrigued by the aggregation problem. We don't have to dig into it now, but I feel unfamiliar enough with it that I'm almost compelled to clarify it for the listeners as well.

Speaker 3 (03:25):
Yeah, so it comes up in a number of different areas. So you could be aggregating, like a common use case would be with surveys, right, we do a survey. What is the, if we want the respondents to remain anonymous, what's that minimum aggregation limit? But if you're looking at kind of tabular data, some different kind of, there's more richness to that data.

(03:46):
So potentially you've got more avenues of attack. So we're really looking at some of these things for a privacy attack perspective. How would you identify an individual? How would you single out that person within that data set? You can imagine that with employee surveys. Right, we know something about the employees as well. So if you don't have a minimum size, it's fairly easy to say,

(04:07):
oh, that must be Joe, because, you know, I know how Joe writes and that's how kind of they answer the question. So it's everything from kind of that kind of survey-based stuff to then when we're looking at kind of getting more, you know, what's the performance of this website or this app and we're getting more of those aggregated statistics. So, yeah, lots of. When you get into the actual data itself, that's where you

(04:29):
start getting some of these different nuances, and that was really where the research was focused, is what's out there in the literature. A lot of the stuff that's out there publicly is around health data, right, because a lot of that data is then published as research studies, but you don't want to identify the people who are part of that. So try to take that health data, because of course, we're not a health care company, and how do you then apply and generalize

(04:52):
some of that stuff to the kinds of data that we work with?

Speaker 1 (04:55):
So now you're talking my language. You see, this is the problem as someone who just thinks purely as an attacker more days than not. You're, you're thinking about it very much from a defender's standpoint, which I get now that you say it that way. So what you guys are looking into are novel ways to prevent re-identification attacks. Exactly.

Speaker 3 (05:14):
Yeah, so re-identification is a big part of. I actually have someone who's pretty dedicated to re-identification attacks. And then how do you calculate some of the probability of that re-identification being successful? So we're doing a study at the moment, for example, around different synthetic data generators and can you compare their re-identifiability depending on kind of how they

(05:37):
generate that synthetic data from real data? So, yeah, a lot of it's really getting back to how do we go away from this very fuzzy concept of risk that a lot of people use and really being able to quantify some of those things using kind of engineering and stats, to imagine that the person that does this full time on your staff.

Speaker 1 (05:56):
There's all of these other aspects of re-identifying data by itself. It's obviously, by definition, not really possible, because if it's been de-identified and that's all you have, sure. But then you start adding different source data to it and that's where you start getting the crossover in those tuples,

(06:18):
but that seems almost like it might be. Well, it's a hard problem. Let's start there, which is why I presume your team's on it, because sure, it's fun, but this is a hard problem. You don't know what you don't know, and you also don't know what data sets might be released, by whom and under what circumstances, including those in the dark web, for example,

(06:38):
that could be used to re-identify data.

Speaker 3 (06:43):
Yeah, all of those things go into the threat model that we've developed. So we're looking at, you know, is it just going to be used internally? We're going to be publishing this stuff externally. Is there the possibility of a data set that you could, as you say, kind of recombine? Because if you remember back in the day, right, the Netflix example, AOL search results, right, there were these data sets where you had the same people in the data set.

(07:03):
The good news for us is a lot of our data sets are really about the devices that we sell, so there isn't really a direct compare. It's not really that traditional, you know, what you'd think of as personal data for the most part. So that does mean it's a harder problem for someone to attack because they don't really have a. There's no good starting point for them to perform an attack

(07:23):
against the data set, unless they've got something else. But, yeah, all of that stuff goes into our threat model and then we can kind of make determinations based on those different factors. And, as you say, you don't know all of this stuff, but you can make a pretty, you know, a pretty solid set of guesses that give you at least some outlines of where you want to be.

Speaker 1 (07:40):
This is fascinating. I do not know how much of this work will make its way, well, the substrate of the work, but I'd love to get a better understanding of what a re-identification threat model looks like through the eyes of someone who's researching it daily. That would be of high interest to me, just from a personal kind

(08:05):
of.

Speaker 3 (08:05):
Yeah, it's. One of the real interesting things for me is that when my team go to conferences and they're like other people aren't thinking of this stuff or we're further ahead in kind of the thinking than some of these other folks, which is it's always gratifying that we're along the same track and oftentimes it's having that person who can go and dedicate time to, to really thinking about these hard problems, right,

(08:26):
as opposed to me being scattered in 50 different directions. It's nice to be able to give people a smaller set of problems and say go and work these until you get to a good point.

Speaker 1 (08:35):
That's awesome. That's really cool. I am super fascinated by this particular. I mean for what it's worth, full disclosure, excuse me. Right before COVID, we'd set out to do some research in this area ourselves, just some very light kind of side work, and I

(08:56):
just never got the cycles to finish up the work. But the theoretical portion of it, having done a bit of looking on, excuse me, I feel like the threat of re-identification is growing and growing. I mean, I don't know how you guys feel about it, but I don't think that there's two things. I think that there's two dynamics. The first is, to your point, a lot of people just don't seem to be thinking about it.

(09:17):
And then the second point is there are a lot of people thinking about it and they're data brokers. They are. They're all about re-identification attacking, although, excuse me one, I don't know if you would call them re-identification attackers, although that's a. That's a better name than data broker. Data broker makes it sound like they're in the. It's some kind of legitimate business. What do you mean?

Speaker 2 (09:37):
That's not a legitimate business? I mean, so is so?

Speaker 1 (09:42):
Is, you know, La Cosa Nostra? Hey, you didn't hear it from me.

Speaker 2 (09:48):
I'm still sitting on the part, Aaron, where you said that HP wasn't a health company. I'm just my goofy self just thinking that H and HP being health obviously is not to the Pack backward, but still, what do you think the biggest challenge in AI today is just,

(10:08):
generally speaking, maybe from all your research that you found interesting, or maybe something that you didn't realize.

Speaker 3 (10:14):
Yeah, for me I think that the challenge is, and even just it's keeping it. I've read a couple of articles this morning and I just got off a call about some of the AI legislation landscape. There's so much going on that just trying to understand, you know, what are the things that, that I should be concerned about, and I was giving a presentation yesterday that

(10:36):
someone asked me the question, how do you keep up? A lot of it comes back to the principles. We just published externally our ethical principles, which you can find on our website, and really I think having that strong foundation of what we're about when it comes to AI, it helps to make sure that when we're looking through the lens of these new laws and things that are coming out, we've got kind

(10:58):
of those foundational things we can always come back to around transparency, fairness and those kind of things.

Speaker 2 (11:03):
Yeah, that's probably the trickiest part is with all these new laws coming out. I think there's a slew of them in the next few months. I know the Montana one's coming out October 1st. When it comes to privacy and AI, when you're researching and going through things with your team, how do you balance that innovation without sacrificing that risk?

Speaker 3 (11:27):
Yeah, it's trying to go through and say what are the questions that will tease out some of those risks? Like, without going into the nth degree, about vector databases and fine-tuning and all of the other kind of technical details. Do we have a contract with this third party that says that they can't use our data to train their model?

(11:48):
Right, a lot of the, and I've said this with security as well, right, the boring but important stuff is the stuff that people often, if you don't do it well, kind of that hygiene piece, then a lot of the other more complex stuff doesn't really matter. So it's really been making sure that those fundamentals are addressed and then where we can kind of layer in additional questions and additional kind of guidance around some of those

(12:09):
more difficult areas.

Speaker 2 (12:11):
Yeah, it's fascinating. I know we were talking offline last week, I think it was, so I kind of wanted to dig into. I don't know, anyone's listening right now, if you're going to be at PSR in LA next week, Aaron's

(12:32):
going to be part of a panel. I'll let you kind of tell it, but it sounds very fascinating about the robot and everything.

Speaker 3 (12:51):
Yeah, there's a panel that I'm doing on AI governance and kind of looking ahead as to, you know, how do we really get our arms around, you know, where should AI play a place in society? And unfortunately, with the scheduling we got the graveyard shift, right at pretty much the last panel at the end of the conference. So one of the people that's on the panel had a relationship with a company that has this humanoid, like full-size humanoid AI governance robot that's.

(13:13):
You know, I don't know what the model is that it's running on, but it is then going to be part of the panel and have this conversation with us on this panel around AI governance. So it's going to be. I don't really know what to expect, so I'm kind of holding my opinions a little bit close to my chest because this could be really interesting or it could go off the rails real

(13:33):
quick. So tune in next Tuesday and we will see. I'm sure it'll be recorded.

Speaker 1 (13:39):
Can I make a suggestion? You know you can prompt most generative AI to act as some type of persona. You should do that. You should prompt it to act like a complete privacy idiot and then ask it a question. I was going to get a t-shirt that says forget all previous instructions, kill all humans.

(13:59):
That works also. That works also. Yes, yes, yes.

Speaker 3 (14:13):
Depending on whose view you're looking at. I think either way, which way it goes, it's going to be interesting. Yeah, and I think, I mean, AI is as bad as it's ever going to get. Right. We've seen a huge advancement, even in the last 12 months, so I think that's the, we're at the dawn of this kind of new set of technologies. Even reading the, you know, there was a piece this morning that I

(14:34):
was reading from Sam Altman at OpenAI, where you had this five levels of kind of where they think they want to get to with their research and the new models they're releasing, that actually they don't just give you an answer. They think about it and then work out what's the best path to get to an answer. Um, so yeah, I mean even that is, you go back a couple of years. That's kind of inconceivable that we get there that quickly. Um, so, yeah, it's, it's, it's a wild ride and, as I said, it's

(14:57):
kind of holding on and working out what are the things that are actually going to cause serious problems before we get to that point, which is you've kind of got to almost imagine these capabilities that don't exist yet and then work out how to address that.

Speaker 1 (15:13):
It's always an interesting exercise trying to account for something that has not yet existed or is not yet in your threat model. As a girl by trade and someone who has spent the last 26 odd years as an ethical hacker and, for that matter, as a defender, a builder and a breaker, I have yet to find any real shortcuts

(15:39):
to that. I suspect the same is true for you, but what advice do you have for those that have to balance those things?

Speaker 3 (15:45):
Yeah, I'm definitely trying to have kind of a red team mindset, so kind of that, what's the attacker looking at? And the trouble is with a lot of the privacy issues is the attacker is us. The attacker is us doing something that we don't intend to, or that we don't realize what the rules are.

Speaker 1 (15:59):
That's a great point.

Speaker 3 (16:00):
Yeah, it's one of those things that trying to explain, particularly to security folks, right, when you're doing threat modeling, you're like, well, this is a nation state actor, this is this. But with privacy, often it's like someone just didn't configure the system right or we didn't. You know, we collected the data for one reason and we want to use it for another reason. So that's where a lot of the education comes in that, you know,

(16:22):
we have. The good news is we have the power to stop a lot of those problems. But the bad news is that, you know, you can't just blame somebody else when something happens, because often it comes back to being something that we, you know, potentially could have stopped. That's a great point.

Speaker 1 (16:36):
The call is coming from inside the house, isn't it? Exactly.

Speaker 2 (16:40):
Not surprising though? I guess no, when it comes to an operational standpoint or just for other businesses or just as an individual. Aaron, is there a place that your team actually shares these research findings and things that others can actually look up or read into or stay up to date with?

Speaker 3 (17:02):
We are, we are trying to work out. So the answer is no, today. We are involved with a lot of groups, and one of the things that my team is, is directly involved in is with the ISO SC42 committee, which is the new committee around AI standards development. So we are kind of working in some of those groups that will then lead to things that are published. But, yeah, in terms of, we're looking at several kind of more

(17:24):
research groups and try to work out. One of the phrases that has really stuck with me was the way you speed up innovation is you make the borders of your organization porous, right? You let ideas come in, you let ideas go out and you kind of, you find stuff that you wouldn't have considered, and we've really found that with, uh, with a lot of this more advanced research oriented stuff, is that it doesn't matter how smart

(17:47):
your folks are, uh, just that more brains being applied to a problem, uh, gives you things you hadn't really thought of, right? Um, so we're, we are looking at how do we get some more, you know, things that could be published, particularly where it's going to advance, uh, things moving forwards, uh, but we're not quite at the state where some of the, uh, the

(18:07):
companies that do have similar teams to mine, uh, are maybe a little bit further along with actually having a, you know, public facing blog where they publish some of these things. Uh, I'd love to get there, but it's kind of there's other work I want to be prioritizing first.

Speaker 2 (18:20):
Yeah, that's fair. Oh, man, so many ways that we can go with this conversation. I, you know, throughout your journey you've done a lot of things. What would you say, I mean, at this point in your career, is there one thing that kind of helped you land in a position that you are now that you could give advice to others?

(18:41):
Um, that you maybe didn't realize? I think, uh, probably the biggest.

Speaker 3 (18:47):
The biggest reason I am where I am now is I was willing to take risks. Uh, right, I started my career in the Big Four. Right, not, not, not known for, for accountants and not known for being risk takers. But then I moved into information security, knowing very little about it, in the late 90s, and managed to kind of

(19:09):
say this is a new area that I want to be more involved in, and similar with privacy. People will say, well, you know, why would you want to go into privacy, like money's, the money's in security? Right, right, it's much more well-established. Privacy, we don't even know, this was pre-GDPR. We don't even know if it's ever going to become a big thing. Um, so I think, yeah, always be able to take those, or willing

(19:30):
to take those risks and then pick myself up when things didn't work out, right. I've been a co-founder. I've been a co-founder of two companies. I haven't made my big exit and retired, but I've picked myself up when things haven't gone the way that I've wanted it to and said, okay, what could I do next? So I think that's the big thing, it's being prepared to follow

(19:52):
the stuff that you find is interesting, and that's the fact. You know, the fact that I kind of get to work on innovation. Uh, it's really because I put myself in a position where I'm like, I'll do the new stuff, right, the stuff that's not so safe and not so well established. Any advice you'd give to?

Speaker 1 (20:07):
Your past self in that vein? Uh, it's a really good question.

Speaker 3 (20:12):
Uh, one maybe I haven't thought about as much as I should have done, but, uh, but I think maybe it's kind of, it, it's easy to have the survivor's bias, right, given kind of I'm looking back, but to say, maybe, maybe, have faith in yourself that you can just go out and do these things and you can cope with the ups and the downs. And you know, not every day is an easy day, but as long as you

(20:33):
keep kind of with a goal in mind, you'll, you'll still get to a good place. But yeah, it's, it's easy to say that, looking back, and at the time, right, you never know how things are going to go.

Speaker 2 (20:43):
So that, that's, that's a challenging question to, to answer. It is what? Let's talk about the future a little bit. What, what kind of predictions does, I'm guessing, since we didn't know how busy you are and it may be a few more years until we have you back on the show, but what do you kind of see

(21:04):
happening going into 2025, 2026?

Speaker 3 (21:17):
It's crazy to say, but what do you kind of see happening and what do you hope that kind of happens when it comes to AI and technology and privacy? Yeah, so one of the big things that I'm looking at is around kind of almost this nexus of data laws, particularly coming out of Europe, where this distinction between personal data and non-personal data, and I think, Gabe, to what you were saying earlier about the, you know, that there's so much data out there now that almost any data can be personal or

(21:37):
connected back to an individual, particularly with things like the EU Data Strategy, the Data Act, e-privacy already doesn't care about whether something's personal data or not. So I think, while we almost, we're going to have this situation where this kind of governance of data overall, cyber, privacy, AI, you know, overall kind of governance

(21:58):
and hygiene, they're going to be coming much more together because I think some of the flexibility that organizations have had to manage data, the way that works for them, is going to get eroded further and further as these new laws come in, right. The Data Act, for example, says any data that comes

(22:19):
off of a device potentially can be subject to a data subject request, not just personal data. So that kind of almost artificial distinction we've had in the past is going to go away, which means kind of strategic rethinking around what even is data we want and how much we're using it. I go back to a study from a few years ago from IBM that, that says, like, I think it was, like three quarters of all the data

(22:41):
organizations collect is never used, um, so you're effectively paying four times the price, uh, for kind of storing and protecting that data you should be, uh. The trouble is, of course, it's very hard to work out what the 25 is that really is valuable, uh, so that's kind of, I think that's an interesting place to really be, you know, at the center of as we start to almost rethink our relationship with

(23:02):
data. Right, since the cost of storage plummeted to almost zero, people are like more data is better, right, we can make, and especially you've seen the articles about the LLMs will have sucked in the entire internet. There'll be no new data by 2026, 27 for them to continue to train on. So, you know, do we need to change our relationship with

(23:24):
data fundamentally? That's kind of an interesting thing I'm keeping an eye on.

Speaker 2 (23:28):
Yeah, that is. Gabe and I have had conversations about this. This kind of rings a bell. Gabe, if you're still there, I know you're probably dealing with something technical.

Speaker 1 (23:35):
I am on minor technology, technology issues, but ignore it. Okay, no, I was gonna.

Speaker 2 (23:41):
I figured you might want to chime in here because it sounded similar to the conversation we had about data backups and how a lot of companies are still not really doing that. Yeah, and some are doing the exact opposite, which is even worse, to Aaron's point, which is they're getting rid of nothing, nothing at all.
Speaker 1 (24:00):
In the analytics space, we see exactly both. They get rid of nothing, and nothing is sacred enough that it is preserved, such that you have copies of it for when you need it. It's this weird dichotomy where there seems to be no middle ground, and so I'm inclined to agree. Our entire relationship with data needs to change

(24:21):
fundamentally because, as we've talked about in the show, privacy is a byproduct of security, not the other way around. It just cannot be, right. You cannot have privacy without security. You can certainly have security without privacy, but you cannot have it the other way around, and that part of the way we think about data feels like we're pushing a rock up a hill.

(24:42):
Still some days, and by some days I mean days that end in y, but you know, only some of the days that end in y. Why do you think that is, though?

Speaker 2 (24:53):
Why? Why do you both feel like? Why? Why is that such a? Is it because we don't like? Nobody has the direction to change or want to change?

Speaker 3 (25:06):
I think part of the problem is it's easier to ask for new data sometimes than it is to curate what you have or to find where it is already existing, and what if it's existing, but it's only two thirds of the data you want, going and asking for that whole new data set. So yeah, I've seen across a whole bunch of companies I've worked with that kind of the bias towards, well, let's just go

(25:27):
and get what we want, rather than kind of extracting the 80% we may have already. It's like when you make too many different email accounts because you don't want to deal with the spam, so I'm just going to create a new one.

Speaker 2 (25:44):
Am I the only?

Speaker 1 (25:44):
one.
No, you're not the only onethat has happened.

Speaker 3 (25:49):
Well, there's that, or I mean, even if I think back, right, I've lived in different countries around the world. The number of bank accounts out there that I probably have like five bucks in that I don't even know how they would ever know how to get hold of me at this point.

Speaker 1 (26:01):
So they're compelled to keep your five bucks.

Speaker 3 (26:08):
Well, yeah, and at some point, yeah, I don't know, but yeah, with the email addresses I mean, and especially I was trying to get into an account the other day and they wanted to send a password reset to an email I no longer have access to and there's no kind of side channel to be able to say I don't have access to it. Authenticate me some other way. I think we have this kind of digital legacy that at some

(26:32):
point you don't have access to all of that data that maybe you once did.

Speaker 2 (26:37):
I just blanked out.
I had a question and it dropped.
This happens often.
My brain goes everywhere.

Speaker 1 (26:43):
Well, I have a question. I asked you what advice you'd give to past self, but what do you see five years from now? Where is, not Aaron himself, but where is this program at? What does the world look like and what has changed? Because, yeah, that's a good question.

Speaker 3 (27:01):
I think I do have more of a sense of that, right, I think maybe an easier question to answer. For me, the fundamentals of a lot of what I do is down to let's take kind of the "it depends" out of some of these answers. Right, I know that it's kind of the classic answer, but to an

(27:21):
engineer, "it depends" is not a requirement, right, you can't build something on the basis of "it depends". Maybe you need to build a decision tree that says, well, if it goes this way, we do this, or this way it goes that. But you can't just have this gray area in the middle. So a lot of what my team is focused on, in five years we will have done, hopefully, is to really get those foundational

(27:43):
pieces of that very solid foundation of a program that whenever anyone has a question about the program we have a black and white answer, up to the point where we don't, right, because there's always going to be emerging stuff. But we know that for the repetitive questions and the things we should have answers to, how many countries do we operate in? There's one answer to that, but if I ask three different people,

(28:04):
they're probably going to go to three different data sources and come back with maybe slightly different answers, right? So that's the kind of stuff that I want to provide, that framework and foundation for everybody else, where the good thing is, then, that we can actually focus on the problems we haven't solved rather than keep re-answering the problems we already have.

Speaker 1 (28:22):
Yeah, that's good.
Gabe's back, we're good.
Yeah, apologies, all of the technical issues today.

Speaker 2 (28:29):
You're good, so I was going to go to what you and
Aaron were talking about.
When there needs to be this.
What was it?
The change with the way that we handle data, or was it?

Speaker 3 (28:40):
The kind of our relationship with data right.
More is not always better.
I'd rather have more high quality data, the more data, and
I think we've.
We're at the point where, uh, what is it?
Uh, quantity has its own quality or there's some variety
of that right in order for something to change there.

Speaker 2 (28:59):
Do you think that there is going to be some kind
of major event or something that happens to, where it's
basically a force of change rather than someone actually
being innovative and making a change for all?

Speaker 3 (29:12):
I guess uh, the trouble is, the only kind of
events that I can see are badones.
Right, you know, an election is verifiably influenced and you
go back and say, well, the reason we could do this is
because we knew, down to the household level, x, y, z about
these things, and maybe all of that stuff shouldn't be as

(29:35):
available as it is.
So, yeah, it's.
I unfortunately I can't think of a good.
I think the Europeans are kind of more pushing in this
direction with some of their overall data strategy, but I do
think something's going to have to break at a pretty significant
level before that changes, because otherwise there's no
real incentive for companies to rethink that.
I think what's working is working well enough, but then,

(29:58):
pre you know, pre GDPR and post GDPR, the world didn't end right
where suddenly some of these things came in.
So, yeah, companies will adapt.

Speaker 2 (30:07):
You mean like when 2000 hit and all the computers
didn't explode?
Oh yes, Yep.

Speaker 3 (30:12):
No, I was doing a whole bunch of 2000, year 2000
consulting back in the day, so I was going to say that there was
a lot of money to be made on not solving the problem yeah,
well, you guys were in the industry around that time, right
yeah um, not sorry to age you um, but where do you guys
remember that day?

Speaker 2 (30:32):
Do you remember where you were?
Do you remember all that fuss?

Speaker 3 (30:37):
I was at the uh, the Millennium Dome in London
for the end of the Millennium Party.
So yeah, I know exactly where I was, but I don't think I was
thinking about computers.

Speaker 1 (30:49):
I knew where I was because I was on call.
I was a network engineer backthen.
I was put up in the Helmsley Hotel in New York City waiting
for something to burn down.
I remember exactly where I was.
Did you believe that it was going to burn down, fairly
certain it wasn't going to be as bad as the news said it was.
But I was pretty certain not everything was going to go well

(31:10):
because you know technology.

Speaker 3 (31:14):
Well, yeah, and I just spent the last two years
fixing stuff that would have broken to some level of broken.
Um, I think what we didn't really realize was what we
didn't people over exaggerated maybe was broken often doesn't
mean that nothing, nothing works.
It's like some level of degraded functionality that you

(31:35):
can still, you know, get by on until you fix it exactly that
makes me think well, when?

Speaker 2 (31:41):
when do you think?
Well, I mean, now that we have what?
Quantum computing?
Um, apparently isn't that going to be around 2030, is the
estimation, something like that, yeah I mean do you think that
that's the next like type of 2000 computer I don't know phase

(32:01):
where people are going to overexaggerate, or do you think
that's going to actually be something pretty?

Speaker 3 (32:07):
I think for certain things, particularly around
cryptography.
Right, it's going to break a bunch of stuff, but we've
already released devices that are post-quantum ready, so in
the last year or so.
Yeah, 2030 is kind of about, I think, when those things are
going to change.
But there's already, you know,quantum resistant algorithms and

(32:29):
things like that that you can start putting in place and then
at some point will deprecate the older versions.
But as long as you're releasing the products and it's all in
there now, you can deprecate it later on.
So I think certainly big companies are already thinking
about that, and I'm sure that the RSAs of the world are well
on top of that with.
How are we going to migrate away from these existing

(32:50):
technologies?

Speaker 1 (32:50):
That's definitely the biggest challenge is there's a
lot of data that is sitting encrypted that once we have
stable quantum computing, it will not take long to decrypt
that data.

Speaker 3 (33:05):
Yeah, and I think that the use case that I've been
thinking of is like if we collect foreign adversaries
traffic and we can't get into it, we're still going to have a
really good picture of what they were thinking, even if it's
historical that may inform the future.
So I'm sure that's one of the big things that's going to
happen as soon as we get that compute power at scale.
Is all of this stuff that's been sitting there waiting for

(33:25):
the ability to get into it will then be, you know, analyzed,
probably by AI, I would suspect.

Speaker 2 (33:31):
Probably. A couple more things, Aaron, anything
that we haven't talked about that you might want to bring up,
that that you've been digging into recently, that, uh, has
been interesting to you or that might be interesting to the
listeners trying to think what we haven't covered.

Speaker 3 (33:46):
Um, yeah, I mean, we we're also.
One of the other things we haven't talked about is kind of
trying to get back into the code and work out and I think, Gabe,
you'd appreciate this is you know, where are their privacy
problems originating in the code itself, rather than doing more
of a manual review or going and talking to the developers, what
is the code that they've written actually say?

(34:08):
So that's something we're in the middle of working on right
now as well is, how do we go and work out?
Where do we find these problems as soon as they're put into the
repositories, so that we can fix them before they go into
production?
So, yeah, trying to get that.
You know, I do feel the shift left is probably a bit of an
overused term, but kind of we're trying to get back into the
development cycle to be able to address those problems, kind of

(34:31):
as they you know, as they are actually written, rather than
picking them up, you know, months later.

Speaker 1 (34:36):
No, I have a strong appreciation for shifting left
in that analogy.
We began doing that with code from a security perspective
quite some time ago.

Speaker 3 (34:44):
Oh yeah.

Speaker 1 (34:44):
Yeah, and it's a classic sink to source problem,
right, you were highlighting the human version of sink to source,
which is we collected that data in this sink and we said
that it should only be used for this purpose over here, but the
code seems to have multiple ways that it allows it to be
(35:05):
accessed by multiple differentstreams or you know that kind of
thing.
I can very easily picture noshortage of ways, especially
with the type of applicationsthat pick data up, hold on to it
and then make some decisionsabout where it goes.
Right, like you know, thinkthose kinds of technologies and,
yeah, there's definitely a lotof privacy code issues just

(35:29):
waiting, hopefully, to be solvedfor, and not just Is this
something that AI could actuallybe helpful with?

Speaker 3 (35:38):
Yeah, there's pieces I mean, the technologies we're
looking at do have some AI components, but a lot of that
would be for well.
It's both for looking at theoutput but also helping to.
For example, one of the coolthings we're looking at is how
do you effectively understandthe contract with a third party
and then compare what's in thecode with what's in the contract

(35:58):
?
Right, because usuallydevelopers don't see the
contract and lawyers don't seethe code, so you've kind of got
this assumption that both ofthose two things are equal.
But yeah, that's really.
You can do that at scale muchbetter with AI than having some
poor person go through eachcontract individually and type
it in.
I can't even imagine.

Speaker 2 (36:16):
Coders are unique.

Speaker 1 (36:19):
Whichever developer committed the lines of code that
had the privacy violations willmake that person into the
contracts.

Speaker 3 (36:27):
Make the punishment fit the crime.

Speaker 1 (36:30):
They'll start writing better code.
I promise you, it'll happen every time.
Yeah.

Speaker 2 (36:35):
Oh, did you have something else, Aaron?

Speaker 3 (36:36):
No, I was going to say we'reactually.
My team is developing some training right now with.
The idea is that we're aiming for this golden code that meets
the business objectives and the privacy objectives at the same
time.
So we've got some pretty cool thoughts we have around how we
do that and how we kind of engage with people.
But yeah, the idea is that quality code is code that meets
(36:58):
privacy requirements.
So really kind of tying that into it's not like it's this
whole separate thing, it's just one aspect of quality.
You know, meet people where they are. Gotcha.
Speaker 2 (37:09):
OK, so last thing here.
Obviously we talked a little bit about PSR.
I know that you're going to be on that last panel of the last
day, which I think is Tuesday, so anyone listening that's going
to be at PSR, I'll be there as well.
Aaron's going to be there.
Is there anything else that you want to talk about for PSR?

Speaker 3 (37:32):
when it comes to HP, yeah, I clearly can't count
because I'm on three panels.
I thought it was two, but I'm on a panel on Monday around kind
of what are the metrics that actually matter?
So what's the stuff that actually is going to be good for
decision making as opposed to just for producing pretty
reports?
And then I'm on a panel another panel on Tuesday before the one

(37:53):
with the robot that's more around kind of the stuff we were
just talking about with how do we get back to where the
developers are actually writing the code and identify issues
there?
So, yeah, lots going on.
I'm looking forward to catching up with a lot of people that I
haven't seen for a while.
But yeah, next time I'm going to make sure I don't overcommit
myself.
This was when I realized I was counting them up and I was like

(38:16):
whoops, that's all right, it'll go by quick.

Speaker 2 (38:22):
I'm sure it always seems like those things do.
You'll be blessed.
Yeah, I wish you could be there, Gabe, I know.

Speaker 1 (38:30):
Unfortunately I won't be able to join you, gentlemen,
but have a good jolly time on me.
I don't mean financially on me, of course.
I was going to say just so we're clear.
I am not to be added and I'm also not to have the bill sent
to me.

Speaker 2 (38:49):
Appreciate you taking the time to join us today and
hopefully I'll see you next week at PSR in LA.
Sounds great.

Speaker 3 (38:58):
Yeah, I'll try and find you amongst the crowds, sir,
sounds great.

Speaker 1 (39:01):
Yeah, I'll try and find you amongst the crowds.
Yes, sir.

Speaker 3 (39:02):
Pleasure Be well Likewise.
Thanks guys, Take care Bye.