About Divvi Up
Divvi Up is a privacy-respecting telemetry service for web, mobile, and machine learning applications.
Applications such as web browsers, mobile applications, or websites generate data. Normally they would just send all of the data back to the application developer, but applications using Divvi Up will split the data into two anonymized and encrypted shares and upload each share to different data share processors that do not share data with each other. This way only minimal information about the original data is revealed to either processor. Each processor then aggregates its data shares into a partial sum. The partial sums can then be combined into a final aggregation, permitting useful statistics or averages over the whole body of data while revealing minimal information about individual participants. This system is based on the Prio protocol developed at Stanford by Henry Corrigan-Gibbs and Dan Boneh.
How it works
A simple scheme. Complex math.
Divvi Up takes a user-generated metric, from a mobile device, web browser, or other application, and divides the metric into two encrypted shares as it leaves the origin. One half of that metric is sent to a Divvi Up server, the other to a third-party server. When an application owner queries an aggregate statistic of its users, Divvi Up combines the divided metrics from all users and recombines them into a privacy-preserving aggregate.
ISRG can operate data share processors for your organization through our Divvi Up project. The software we use is open source and we have extensive experience running public benefit infrastructure. Our organization also operates the Let's Encrypt certificate authority.
Because the privacy-respecting architecture of this system depends on splitting user metrics up into two shares, you will need a second data share processor server. The second data share processor can be operated by your organization or another provider.
Open Source Repositories
Most of the code we use to operate Divvi Up is open source.
Divvi Up is based on open standards and most of the code we use to operate it is open source.