Cape Privacy applies ML to encrypted data to address security concerns

Join today’s leading executives online at the Data Summit on March 9th. Register here.

Look back to the days when HTTP/SSL was a newly introduced protocol. 

Initially, it was applied by entities shuttling the most sensitive data back and forth — typically credit card or other financial info. 

But today, it’s in universal use, applied almost everywhere. In fact, if you don’t see that tiny lock icon at the far left of your address bar, it’s a red flag to get out. 

Cape Privacy sees secure multi-party computation taking the same adoption curve so that it becomes “absolutely ubiquitous.”

“We believe in a world where intelligent products and services that are using AI will be encrypted by default,” said Gavin Uhma, Cape Privacy CTO and co-founder. “To get there, we need to lower the cost of adopting secure computation, make it easy to use, and accessible.” 

According to IDC, 68% of data collected by organizations goes unused. One of the primary reasons for this: Data security concerns. 

Making predictions based on encrypted data

This is a huge missed opportunity for businesses, said Uhma, and it’s where Cape Privacy intends to become an industry leader. Its platform enables organizations to achieve encryption-in-use and run predictive machine learning (ML) models on encrypted data without ever decrypting it. The San Francisco company just released a self-service version of that platform optimized for the Snowflake data cloud. 

“When dealing with the most sensitive information in the world, such as financial data, it’s critical that security is prioritized,” said Ché Wijesinghe, Cape Privacy CEO. “That said, the potential benefit to the customer when using that data for insights cannot be ignored. Giving organizations the ability to maintain encryption at all times, they can close that risk gap and finally put their most sensitive data to work safely.” 

Traditionally, to gather value from encrypted data, it had to be decrypted, putting the plaintext data at risk of exposure to threat actors, or human or technical errors. 

With Cape Privacy, the data is never decrypted, so there is no risk of a breach, Wijesinghe explained. The company’s technology — which he called the first of its kind in a self-service capacity — combines the well-established cryptography scheme of secret sharing with secure multi-party computation. This allows organizations to protect encryption keys and keep sensitive data encrypted even while running it through their chosen prediction model from their Snowflake environment. 

“It boils down to the ability for users to move sensitive data to the cloud,” Wijesinghe said. 

Partnering with Snowflake

Focusing on Snowflake allows “focused surgical applications,” he said, and the partnership came about because the data cloud company was looking to expand into financial services. The industry is a rapidly growing adopter of ML and is actively investing in cloud migrations. 

Up to this point, large financial firms and capital markets have been hampered from making such movements due to federal regulation. But platforms and technologies like Cape Privacy’s are allowing them to safely evolve and capitalize on the data that they collect but otherwise haven’t been able to use, Wijesinghe said. 

Cape Privacy has also partnered with Tableau and DataRobot. 

“We recognize that we’ve hit a really strong, focused use case where they need access to all this confidential data,” he said. “Cape Privacy allows them to use that data while maintaining security and privacy.” 

Wijesinghe called it the next level of encrypted data access. For too long, companies have had to resort to one of two drastically different options: Moving data to the cloud, then locking it down tight, or using “inadequate technologies” such as basic tokenization to run predictions. 

“Privacy and security are top concerns that all organizations that we work with have,” said Wijesinghe. Now they can run powerful AI predictions on encrypted data at the point of encryption, he explained. Anywhere you apply ML, you can apply secure ML. 

The Cape Privacy platform is simple when it comes to both setup and use, he said. “It’s a very intuitive user interface with plug and play aspects,” Wijesinghe explained. Users can quickly and easily access encrypted data, use it, run queries, create new setups, and add and invite other users. 

A big end goal is to enable organizations to safely and securely share encrypted data with third parties. But getting to secure multi-party computation ubiquity isn’t going to be “an overnight success, he emphasized. It will unfold over months and years as challenges such as complexity, use case application and scale are overcome. 

“Data sharing is really downstream or upstream for where we are today,” Wijesinghe said. “The huge opportunity we see on the horizon is secure data sharing and collaboration.” 

Cape Privacy’s goals are nothing short of lofty. As Wijesinghe put it, “imagine a world where all the data in the cloud is encrypted in some shape or form.”
The company aims to be ubiquitous in that area, the conduit for it, he said. “We believe that, based on the technology we’ve built, once we scale up and scale out, we become that dominant secure engine for encrypted data.”

Originally appeared on: TheSpuzz