 Well, thank you. I know you've all probably had a very long week So I'm excited to talk about privacy and what three which I think is a super super important topic and what I'm glad We get to cover in funding the comments So to start I'm Henry Stern I used to work at protocol labs where I worked on the Falco and consensus algorithm and I Recently started a company called privy to work on data privacy and what three so if nothing else I think my takeaway from this is Hopefully to convince you that privacy is one of the big issues that we get to work on in the space and one in which Web three has a major impact to have With that in this talk, I'm going to try and get through a few things So we'll start off talking about commons and coordination. Why am I talking about web three so much? We'll then jump to privacy and trying to see how is privacy of commons on the web? What can we do about it? I'm then going to shill for a little bit and talk about what I'm working on Before talking about ways to look forward on how we can actually fund Privacy on the web. So with that, I'll kick us off with a story So I'm sure many of you have read this. It's a really really great piece in Slate start codex called meditations on Malik So what is Malik? It's from a Alan Ginsberg poem Malik the incomprehensible prison Malik whose mind is pure machinery Malik whose eyes are a thousand blind windows Underlined a few words here incomprehensible machinery blind I think because the definition of Malik traps is that they make us feel like we have absolutely no agency over our place in society and over the systems in which we live and To take a step back a Malik trap Explains Slate start codex is a situation in which for lack of coordination as humans We fall into a global minima place where no one's happy No one knows how we got there and no one knows how individually to do anything about it So the implicit question is if everyone hates the current system Who perpetuates it and Ginsberg answers Malik? It's powerful not because it's correct But because thinking of the system as an agent shows you the extent to which it isn't an agent And This is where coordination will come and save the day I'm gonna jump now to talking about Bitcoin obviously because there's a very clear transition from one to the other and I'll try and explain it if you look at Bitcoin Bitcoin at a high level is a set of transactions which along with proof of work meaning a reward to fight double-spent leads to a verified ledger in ordered set of Transactions that you can agree on without any single party maintaining a state in you know English that means you have shared state you add incentives and you get coordination and To that end I think it's a fair statement to say that what three as a socio-economic project beyond economics or the I guess Yeah, as a socio-economic project is really about marshaling economic resources It's about coordinating people who otherwise don't know each other systems that otherwise have nothing to do with one another and So, you know you might say why should I care about this? For that I'm gonna take a step back and and trying to find comments. I was clearly Excited about the prompt. I think comments can be defined as a shared resource manage privately So there are things which we all have a say in or all depend on as humans which we all Have to manage together But on whom we have individual impact that is to say that the tragedy of comments is that in these systems We can sort of exploit them for privatized gains even though the losses are socialized The obvious really good example is the environment And so you should care because you know doom and gloom is upon us But beyond that I think you should care because we fall into this state of I think the spare when we are faced with Comments or tragedy of commons, which is we feel completely powerless as individuals to do anything about it So what I'm hoping you'll come away with is that we have an opportunity Through coordinated action to actually do something to topple the system that at first glance seems to be completely Beyond repair So with that I'm gonna try and talk about privacy as part of the system and I actually think there's a good analogy here Between global warming and privacy and that if you ask people do you care about global warming? Most everyone is gonna say yes just and if you check what are they doing about it? Most people don't do that much. I took a plane very recently and blew through my carbon for the air And I think likewise in privacy it ranks super super high in stated preference But it's something that we kind of feel powerless to do anything about So before we I'm kind of answering the question up front, but I'll ask is privacy a commons and In order to get into it. I'll try and define privacy. This is Wikipedia Privacy is the ability of an individual or a group to seclude themselves or information about themselves And thereby express themselves selectively in the words of my co-founder whom I left to embarrass And I think quoting her will do just that privacy isn't about no data being shared. It's about control over data It's about putting users in control over what they share and with whom And so is privacy a commons? Let's take a simple example Alice and Bob have a secret or Alice has a secret in this case. We are operating in a state of privacy Alice decides to share the secret of Bob. They now both know the secret. The system is still private Unfortunately Bob spills the beans We have lost privacy in the system And so what we can see is that you know privacy in a sense is shared state That requires multi-party coordination in order for the information to only be given to the appropriate parties All of the parties who know the information have to abide by a common set of permissions And so you know the answer obviously is that yes, I think privacy is a very good example of a common good And you know you can see it in a few other ways first an erosion of individual privacy I think leads to collective erosion of privacy if you give up on your own privacy in a sense You're normalizing the fact that privacy doesn't matter all that much or making it easier to attack anyone else's privacy and Conversely, we've seen through history and I'll go back to that in a second that You know privacy exploitation is a very good example of privatized gains for socialized losses But I don't want to get too meta here. So I'm going to jump back into privacy for what to I Think you may have caught the joke. I will fix this slide right now and Yes, let's talk about privatized Losses or rather privatized gains and socialized losses So at its core privacy and what to has two really fundamental issues, I think First the obvious one There's a monetary incentive to subvert privacy in the data model of what to which is to say I provide infrastructure for you as a service provider. You don't pay me for it, but in exchange I sell you for it The second issue is a little bit more subtle But it is basically a handoff of user data of user state took corporations in exchange for better UX Put simply I think you know no one wants to run their own servers And so we've basically agreed to have someone else run it for them to have someone else control our data in order to get a better experience online So we need alternative business models we need better permission standards now Thankfully, I hope I'm going to strike Positive node by seeing the system will likely not make it and with that I jump to the next section Which is talking about my work and data sovereignty on the web So we have the opportunity I think to completely change how user data is handled on the web to coordinate to create a system in which as Individuals we can actually exercise a bit more freedom over who gets to see our data and one I'll name the goal. I think the goal is data sovereignty. That's how most people talk about it. What does it mean? Well, it means users have ultimate control over who gets to see what about them one means Expressive revocable permissions and it means data portability My data follows me across the web where I wanted to go if app a has my data And I log in to app B. I grant that be accessed to my data at be can get it Now, obviously, this is a key unlock for users, but this is also a key unlock for devs Means you don't have to manage user data or the infrastructure related means regulatory compliance becomes easier It means you can on board people much more easily you have access to a social graph that was you know, here are two impossible for you to get and You get to build magical new experiences through interoperability How are we doing? Well, right now, I think this is the state of Web three data sovereignty as developers I think we're stuck between sill and shard this on the left You have you know the question is what do I do with my user data? I have these systems that are split between a client a browser or mobile app and the chain shared state What am I to do with user data with personal information? I can either put it on chain. It's a terrible idea because chains are very good ways of Verifying data, but they're not particularly good at privacy. They're transparent by default or I can dump it in Silo database of old the way we've always done it And it's a fair question to ask what's a developer to do I think building a great products hard enough and You know, I want to focus on building the experience. I want for my users I don't want to reinvent the data stack as a developer building another product And so this is sort of the you know urgent call to action is I think unless we make user data handling simple for developers We'll go back to what we know, which is to say siloed exploitative data systems So hopefully There you I've conveyed that there's urgency to fix these systems now I think we're we're running against the clock So here I'm going to shill for a second, but I promise there's a there's a deeper point to this so bear with me I am working on a system called privy privy build simple API's to manage user data off chain Now what that actually means is privy allows you to associate user data to wallets privately We allow you to take on user PII associated to non-chain address So you can build richer UX without putting your users at risk How does it work? Well at its core, this is a cobbling together of four systems There's a key management system. There's a permissions delegation system. There's a storage system and there's a local client the KMS Manages all of the cryptography under which user data is encrypted from the client the permissions Actually, let me pop back a step for a second Using privy you basically integrate privy into your front end and your user inputs data into their app into your app privy basically takes care of Encrypting that data client side using keys that are unique to the data in question It sends the ciphertext up to a data store where if you have right permissions over that data The data store ciphertext is overwritten with the new ciphertext and when you need the data back It checks whether you have read access to that specific user data And if you do it pulls ciphertext from the data store Pulls the appropriate data keys and decrypts the data again locally Privy itself never sees any user data and every piece of data is encrypted under its own unique set of keys So walking this back We have these four main systems the KMS which manages data keys for every piece of data the permissions delegation engine which enforces data permissions The storage system which holds the ciphertext and everything's brought together inside of local clients that run on your users Browsers on your users apps to put all this together Now I'm going to point at this little box here hosted infrastructure What does that mean well it means that today the KMS are run on hardware security modules the permissions delegation is run by Privy's own permission agent and the storage is run on managed infra so now I get the inclination of My what three sort of brothers and sisters which is to clutch our pearls and say but my god this sounds so centralized and it does and I think there's a very good reason for it and namely It is that we are running against the clock We need to build better dev ex in order for people to adopt sovereign data systems before the clock runs out So what that means is we have to build experiences that are really simple the interfaces have to be super super smooth Before we can go on to actually build the protocol to manage all of this But this architecture is the foundation for an open data system, and I'll kind of walk you through how So the thing I've talked about right now is basically fixing the developer issue Privy allows you to associate user data wallets privately so you can build better products And what I'm describing here is the user issue Privy allows you as a user to control your data throughout the web How do we get from a to b? And I think that's through user choice ultimately for me decentralization is valuable And so far as it gives users the ability to control Where they want their data hosted how they want their permissions informed less so because of the fact that say the data Split amongst however many nodes But this means that the KMS instead of being run on managed HSS This can be run through your wallet this means the permissions delegate can live on chain And you can actually delegate to any party you choose this means that storage can happen wherever you want on IPFS Filecoin in the cloud on your local storage or home The question then and this is why I've been talking about privy this entire time other than sort of you know playing my book is Who pays for sovereignty? Because in the first case we've got a very simple business model. It's sass, you know, you use infrastructure You pay for it. We've been doing this for the last 15 years But who pays for the shared data system and this is the last part of my talk Which is how do we actually fund a sovereign data system? How do we build? Sort of self sustained common good in this way I think first that path dependency has made a truth clear Which is we've had 30 years of web 2 and there's no going back users will never pay for privacy at scale The joke maybe is that we've been paying for it this entire time, but we certainly won't agree to be charged for it So what then how do we actually get? Sort of incentives to work properly in the system so it can be Run in perpetuity under user control So I squint at this picture here, and I see data I see data flowing here I see data flowing here. I see data flowing here, and I think to myself man granting access to this data if a user signs it through my app uniswap and I grant access to a sovereign global data network I should be compensated for it because I'm basically contributing to that users freedom online I'm contributing to the public good so granting access with informed consent should be incentivized should be rewarded and Conversely getting access to that data has value. Maybe you should pay for it So I look back, and I think about the now zombie, but once beautiful bit torrent and The really simple tit for tat economics of it in bit torrent. You have peers exchanging data appear Can download data so long as it actually seeds data you get data proportional to your contributions So the straw man here might be okay, so are we saying that apps should contribute user data get to get user data back? I think that's not a very good solution You have availability issues as an app provider When do I decide when to turn on my data faucet or not the pricing super unclear? Certain piece of data is not worth the same for app a and app b Netflix doesn't value your SSN Half as much as say JP Morgan does And there's a synchronicity issue if I contribute data in October. Is it okay for me to get paid in December? Thankfully there's a token for that and mainly I think crypto economics can come to the rescue I think we can use a utility token to intermediate this tit for tat and help price user data in a self-solving system I'm running up on time, but I'm almost done. I promise This is a three-party system You have users who are contributing data to the system in exchange for getting better basically better experiences throughout the web you have apps who are the sort of means to which data is ingested and Displayed to the users and then you have data delegates. These are the infrastructure providers. This is the permissions provider This is the storage layer. This is the KMS You can use a token to basically intermediate all the economic interactions around this The way it would work is users pick their infrastructure provider I decide that I trust Alice Bob and Eve with you know, my KMS permission system and storage system respectively Data that I put in through an app is then tagged With a set of refreshers. I call this the app which is responsible for actually ingesting the data into the system So, you know, I log into Uniswap. I provide them with my email say Uniswap is then associated to my email as being the latest refresher the party that has last sort of been responsible for me Adding to the sovereign data network. I just said that and then queries and Downloads from data stores are actually priced by the requester the app requesting data gets to set a price and The fee is split between the refresher meaning the app that contributed my data to the sovereign data store and the Infrastructure providers that are running the data store Now the token here is exceptionally useful in that it actually allows us to mediate a number of fairly complex economic curves You probably have a cost floor for infrastructure providers I think it should be clear that infrastructure providers should have to provide data if they're asked But obviously they should be able to sustain this at least at cost So you have a floor there you probably want to unlock additional services like privacy preserving compute as another set of infrastructure providers here you Want to price in the relative data value for a given requester data values changes over time my Phone number is far less valuable now than it was probably 40 years ago when the internet didn't exist and finally The refresher set probably values apps differently data that I provided through AOL 15 years ago Is less valuable the data I provided through Uniswap yesterday if only because one of them stale So in conclusion I Hope I've conveyed that privacy issues on the web require coordinated solutions. I think this is a commons that we can actually fund And my slides are messed up web 3 gives us the opportunity to get out of the privacy commons trap Time is of the essence and the game is playing out now as the sort of stack that we're building on comes into shape And we have to make doing right by users super super easy for developers And then I think there's a thank you slide here it is Thank you