Lea Kissner is back at her alma mater, the University of California
at Berkeley, armed with a crisp gray blazer, a slide deck, and a laptop
with a ‘My Other Car Is A Pynchon Novel’ sticker on it. Since graduating
in 2002, she’s earned a PhD at Carnegie Mellon in cryptography and
worked her way up at Google, where she manages user privacy and tries to
keep things from breaking. She’s here to tell a hall of computer
science students how she did it—and also how to create
privacy-protective systems at a scale that you won’t find outside a
handful of massive tech companies.
When privacy breaks down at a tech company, especially one the size of
Google, it inevitably leads
to countless headlines and congressional hearings. The word “Equifax” or
“Yahoo” is more synonymous today with hacking than with any service
either company offered. If its exploitation by Russian intelligence was
not enough, Facebook’s reputation has been battered over the past month
as its years-long negligence in protecting user data from Cambridge
Analytica has been revealed.
It’s
a fate that Google, of course, would very much like to avoid. And
making sure that Google products protect the privacy of users around the
world—and that Google accounts for individual users’ varying
definitions of privacy—is Kissner’s job.
Kissner’s
responsibilities include making sure that Google’s infrastructure
behaves the way it’s supposed to, transmitting user data securely and
not leaving bits of data hanging around in the wrong spots. If someone
sends an email, it needs to not leak in transit. If that person deletes
the email, it has to actually go away without leaving a residual copy on
a maintenance server. Another part of the job is making sure Google’s
products behave the way users expect them to. This also involves
considering how someone with malicious intent might take advantage of a
Google product and patching up those holes before they’re exploited.
Kissner leads a team of 90 employees called NightWatch,
which reviews almost all of the products that Google launches for
potential privacy flaws. Sometimes, products just need a bit of work to
pass muster—to meet the standard of what a former colleague of
Kissner’s, Yonatan Zunger, calls “respectful computing.”
The
fundamental challenge for a team like NightWatch, Zunger says, is making
computing systems that people feel comfortable using. “They don’t feel
safe, they don’t feel trust. They look at companies and they don’t know:
Does this company have my best interests at heart at all? If you don’t
deeply and intuitively understand the company’s business model, you can
assume the worst,” Zunger explains.
Being respectful of a user can
be as simple as giving her a way to respond to a product that bothers
her, whether it’s an ad for a chicken recipe that’s not relevant for her
because she’s a vegetarian or an abusive message that she wants to
report. Sometimes, products have privacy failings at their core and they
don’t get NightWatch’s signoff—and so they don’t launch.
“I’ve
had a fair number of teams come out of that and they say, ‘We need to
find a new project now because we need to cancel our project,’” Kissner
tells me. “I heard a rumor that I’m scary when I go into these
conversations, which I find very surprising because I don’t think I’m a
very scary person.”
Kissner has even had to hit the kill switch on
her own projects. She recently tried to obscure some data (which exact
data she won’t say; Google is cagey about going into detail on its
sidelined ventures) using cryptography, so that none of it would be
visible to Google upon upload. She was looking forward to whiteboarding
it out for Google’s lawyers—“Trying to explain crypto to lawyers is
always exciting”—but it turned out that making the feature work would
require more spare computing power than Google has in all of its data
centers, combined.
“I’m keeping an eye on the crypto conferences
in case something comes up that we can use,” Kissner says sadly. “I hope
somebody else figures out how to solve a problem if I can’t solve it.
One of the advantages to working at Google is that you have choices that
would just be considered completely out of the question anywhere else.
Even so, I can’t always get the answer right.”