MIT Media Lab Develops openPDS For Controlling Access To Your Data, Even The NSA

Given the revelations of the NSA’s data-gathering program coupled with the fact that if you use essentially any Internet services your data is out there and capable of being mined, more users than ever are looking for ways to thwart the prying eyes of power that be. One solution, called openPDS, has been developed by the MIT Media Lab’s Human Dynamics group and ID3, and it’s designed to allow users to “collect, store, and give fine-grained access to their data all while protecting their privacy”.

The concept is to give users a Personal Data Store (PDS) where all of their data resides, which ostensibly gives the user greater control over what data is shared and where or to whom that data is shared.

Practically speaking, take for example the issue of geospatial data. Just by using data from a handful of mobile apps, one could pinpoint your location easily. What openPDS does is process sensitize data within the PDS and then instead of allowing an application to grab raw data, it gives out code, or summarized data.

openPDS structure

For example, openPDS allows you to simply “answer a question”--eg, “Are you in New York”, “Yes” or “No”-- about your location instead of giving an app access to raw accelerometer or GPS data. Thus, you could “tell” the application that you’re in New York without coughing up specific information. This makes it harder to generate data that is easy to harvest.

Thus, openPDS sits between the entity looking for data--be it an application or a domestic spying program--and your information, including location data, browsing history, email information, and so on.

There’s also a notion that the paradigm of openPDS, which you could use on your home systems and on your phone, would thwart entities such as the NSA because the data is technically at your residence or on your device instead of in the possession of Google or Yahoo! or Microsoft. Thus, a warrant handed to an Internet company wouldn’t dig up your data; the NSA would have to serve you directly.