Skip to Content
77 Mass Ave

Personal data control

A new platform lets people manage how companies can use their data.
April 24, 2019
An image of cellphone app icons
An image of cellphone app icons
An image of cellphone app iconsJustin Sullivan/Getty Images

Mobile apps and web services that store user data on servers in data centers often make use of it themselves. They might aggregate the data to gain insights into consumer shopping patterns; sometimes they share it with advertisers. Traditionally, however, users haven’t had much control over how their personal data is used.

Riverbed, a new platform developed by MIT and Harvard University researchers, ensures that web services honor users’ preferences on how their data is stored and shared in the cloud. It works by having a proxy run on a user’s device to mediate communication with the cloud services. When a service uploads user data, the proxy tags it with a set of permissible data “policies”such as “Do not store my data in persistent storage” or “My data may only be shared with the external service x.com.”

In the data center, Riverbed assigns the uploaded data to an isolated cluster of software components, called “universes,” which each process only data tagged with the same policies. Riverbed monitors the server-side code to ensure it adheres to a user’s policies and, if it doesn’t, terminates the service.

“Users give a lot of data to web apps for services,” says Frank Wang, SM ’16, PhD ’18, who invented Riverbed with Harvard PhD student Ronny Ko and associate professor of computer science James Mickens. “We give users control to tell web apps, ‘This is exactly how you can use my data.’”

Keep Reading

Most Popular

AGI is just chatter for now concept
AGI is just chatter for now concept

The hype around DeepMind’s new AI model misses what’s actually cool about it

Some worry that the chatter about these tools is doing the whole field a disservice.

Hoan Ton-That, CEO of Clearview AI
Hoan Ton-That, CEO of Clearview AI

The walls are closing in on Clearview AI

The controversial face recognition company was just fined $10 million for scraping UK faces from the web. That might not be the end of it.

Europe's AI Act concept
Europe's AI Act concept

A quick guide to the most important AI law you’ve never heard of

The European Union is planning new legislation aimed at curbing the worst harms associated with artificial intelligence.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.