Divvi Up: A privacy-respecting system for aggregate statistics
Privacy, Enforced by Technology
How Divvi Up Works
A user-generated metric
Divvi Up works for any data that can be collected across a population, like telemetry, survey results, or many other scaled metrics collection use cases.
Divide the metric
Metrics are fed into a library where they’re divided into two shares (Divvied Up!). The shares are then encrypted locally, before any data leaves the device.
Two non-colluding servers
With two separate servers, each with only a partial share, it's impossible to deduce the whole metric. After validating the input, each server performs additional de-identification and aggregation.
Produce insights while protecting privacy
Divvi Up makes it possible to gain insights about your population of users without compromising individual privacy. Mitigate compliance risks, eliminate the need to store PII for telemetry, and respect your users’ privacy.
An update on Divvi Up and the Distributed Aggregation Protocol
A new aggregation algorithm and preparing for production.Read more
A Year-End Letter from our Executive Director
It's been an exciting year for ISRG and its projects: from Let's Encrypt issuing its three billionth certificate to Prossimo supporting the efforts to get Rust into the Linux kernel.Read more
ISRG raises more than $1M for advancing Divvi Up
With more than $1M in funding from Open Tech Fund, Ford Foundation, Robert Wood Johnson Foundation, and Google, Divvi Up is building a privacy-respecting metrics service.Read more