Divvi Up: A privacy-respecting system for aggregate statistics
Privacy, Enforced by Technology
How Divvi Up Works
A user-generated metric
Divvi Up works for any data that can be collected across a population, like telemetry, survey results, or many other scaled metrics collection use cases.
Divide the metric
Metrics are fed into a library where they’re divided into two shares (Divvied Up!). The shares are then encrypted locally, before any data leaves the device.
Two non-colluding servers
With two separate servers, each with only a partial share, it's impossible to deduce the whole metric. After validating the input, each server performs additional de-identification and aggregation.
Produce insights while protecting privacy
Divvi Up makes it possible to gain insights about your population of users without compromising individual privacy. Mitigate compliance risks, eliminate the need to store PII for telemetry, and respect your users’ privacy.
Exposure Notifications Private Analytics: Lessons Learned From Running Secure MPC at Scale
ISRG is part of the largest secure multi-party computation deployments. We’re sharing some lessons learned while building and running this system.Read more
Project Update and New Name for ISRG Prio Services: Introducing Divvi Up
ISRG is developing a privacy-preserving metrics protocol and service based on Prio and Heavy-Hitters. The project is called Divvi Up.Read more
ISRG Prio Services for Preserving Privacy in COVID-19 EN Apps
ISRG serves as one of the data processors in the Prio-based privacy-preserving metrics system used by Apple and Google’s Exposure Notifications Express (ENX) system.Read more