For your eyes only: Priv.ly acts like invisible ink for the Web


Right now, most of the sites and services you use and enjoy are violating your privacy. Google reads your email. Twitter logs your tweets. The U.S. government watches everything. And all types of shady data brokers are gathering your online comments to package and sell to the highest bidder. The game, as they say, is rigged. And we, the Internet users, are on the losing team.

Enter Priv.ly, a new service that wants to put the power of privacy back in your hands, and give control of your data back to its rightful owner — you.

Launched by Sean McGregor, a computer scientist at Oregon State University and Priv.ly’s lead developer, Priv.ly is an open-source project that allows users to encrypt any message they like, and easily share that message online, via Facebook, Google+, Twitter, email, or any other place that one might share information or comments.

The first part of the Priv.ly project is a browser extension, which is currently available by invite-only for Firefox and Chrome. Users must create a Priv.ly account, which they sign into before using the extension. Once signed in, users can type out their message, then right-click to encrypt the message, which is then posted to Priv.ly’s secure servers. (Priv.ly will eventually use peer-to-peer sharing, cutting out the middle man entirely.) This process automatically creates a link to the message, which can only be viewed by invited parties. So, if you want to post something private to Twitter, you can encrypt your tweet using the Priv.ly extension, and the only information that Twitter “sees” is the Priv.ly link — no personal information is shared. It works in basically any field where you can type, from Facebook to Reddit to email.


By using Priv.ly, you remove the ability for social networks and other websites to peer into your conversations — personal communications become personal again.

“When I first joined Facebook, the deal they made with their users was very clear,” says McGregor in an interview with Digital Trends. “You knew exactly when and where your information would be viewable. The problem is that they, and just about every other web company, archived all their user contributed data for all time. Either through incremental changes, or big redesigns, that data gradually became available to an audience that it was not intended for. By separating permissions and presentation, we can effectively reduce websites to their core offerings, whether that is a social graph in the case of Facebook, or a social voting system in the case of Reddit. Neither system needs to be able to read your content.”

Priv.ly recently launched a $10,000 Kickstarter project, which, with 13 days left to go at the time of this writing, is well over 50 percent of the way to its goal. [Update: A day later, and Priv.ly is now well past its goal, with over $11,000 pledged so far.] While the money will be used to help further build Priv.ly, and get it ready for a public launch, McGregor says that “the purpose of the Kickstarter for us is more for recruitment than money.” The more people Priv.ly has testing out the system, the better it will work, and the more security the service will give its users. That, says McGregor, is the entire purpose of making Priv.ly open source.

“I can’t emphasize enough that you should not trust a security application that is not vetted by a broad audience,” he says. “Second to that, something as fundamental as building privacy into the internet should be a community process. No one should own the ability to protect your content.”

While McGregor says that most people who find out about Priv.ly like it because it is a “cool concept,” it is also a revolutionary one — a complete 180-degree shift from the way most social networks do business. Not a day goes by that companies like Google and Facebook are gathering data on their users (you and us) to help pad out their advertising business, among other things. This isn’t necessarily all bad, however, as much of the Web is based on advertising that makes use of complex and detailed user profiles, and wouldn’t exist without these revenue streams. According to McGregor, however, these companies can do just fine without reading your private conversations.

“I come from the world of big data, and I can say that Facebook ‘likes,’ and what you search for are far more valuable to advertisers than your personal communications,” says McGregor. “The difference between your written text and things like ‘likes’ are you have a choice on whether you ‘like’ something, but you are unlikely to be able to steer your family to a new social network.”

Obviously, an easy-to-use text encryption service like Priv.ly will also be widely helpful in countries like China and Iran, where Internet censorship is far more real, and far more dangerous, than it is in the United State. As the Priv.ly website shows, had people in Egypt had access to Priv.ly a year ago, it might have been much easier to organize protests and other demonstrations without having to worry about the government intercepting the plans.

Currently, Priv.ly remains in private beta. If you’re interested in trying out Priv.ly, you can snag an invite by donating $5 or more to the Kickstarter project. (Ten dollars will get you five invitations.) McGregor says the team working on Priv.ly has not yet set a date to allow in more users.

“It will be open to the general public when we can make reasonable assurances of security, usability, and reliability,” he says. “In short, the general public will be able to use Priv.ly when it is ready. We are going to do this right.”