A Private Interview with Faroo
This week our Guest Author is Kaila Colbin.
Privacy is a hot-potato word these days.
As Google gets bigger and bigger, there’s been lots of talk about things like the appropriateness of its search records and the correct length of time before its cookies expire. Search engines have to walk a fine line between gathering information to improve their services and being vulnerable to data leaks, breaches, or subpoenas. Now a recent court case states that data could be subpoenaed if you’ve had access to it for as little as six hours—not much comfort to users when Google retains search history for 18 months.
Given the importance of the issue, we’re taking this opportunity to explore how one Alternative Search Engine, Faroo, is handling your top-secret data.
Faroo is taking a pretty interesting approach to searching.
They’re using a peer-to-peer model—think Yahoo crossed with Napster.
Obviously, accessing a search index off of your peers’ home machines and allowing others to access yours provides a unique set of privacy issues. Napster may have paved the way, and certainly millions of people are already quite comfortable with the peer-to-peer concept, but Napster’s ongoing legal troubles have left some people with a level of skepticism regarding file-sharing networks.
P2P networks actually have an edge on the competition when it comes to this issue, because information isn’t centrally stored, but that doesn’t mean they don’t have to worry about it.
I asked Matgorzata Garbe, Faroo’s CEO, a few questions about how their business is impacted by privacy.
“We’ve spent a lot of time thinking about a solution that pays attention to both functionality and privacy. We believe that our solution makes better use of personal information than current search engines can, and at the same time it protects privacy better than almost all other search engines. There are no log files, there is no central entity, and no personal information leaves the desktop. FAROO is working as a kind of distributed anonymizer, and no search terms can be logged or blocked by any intermediate party or even the FAROO company itself.
Thus the balance of privacy and functionality is not solved as a compromise, but in a way that makes both aspects superior to current solutions. This is only possible through distributed search.
The distributed architecture of the search engine and the client approach of personalization provides the core solution to privacy issues you have with centralized search engines.
On the other hand, with a distributed search engine we don’t have the same level of direct control as with a centralized server. So we had to implement a lot of additional measures to ensure the reliability of our system, the integrity of the data, and the security and privacy of our users. This is done by using strong cryptography and signatures, as well as the “wisdom of crowds”, to prevent single attackers from polluting the system.”
What’s different about a P2P network?
Essentially, with a P2P network, the security burden shifts away from maintaining the privacy of your records and towards ensuring that peers are only accessing the bit of your machine you want them to, rather than all the other stuff you’re trying to keep secret. So while Faroo doesn’t have to worry about subpoenas of their search records (because they don’t have any), they do have to worry about the confidence of their user base.
“Improving the level of privacy compared to current search solutions is one of our main selling points. One the other hand some people have some skepticism about client software in general, and peer-to-peer software in particular (perhaps resulting from the file sharing scene).
Therefore it’s important for us to have clear and open communication with our users, what exactly we’re doing, and what we’re not doing, and how the user is benefiting from our technology.”
The eternal debate: Privacy vs. Relevancy
We also talked about the tension between improving the relevance of search results and maintaining user privacy. The P2P approach is well suited for that, and Faroo takes anonymity seriously:
“I believe that personal information belongs to the user, and shouldn’t be collected without his prior consent. In real life hopefully nobody is recording each of your steps along the street, and nobody should observe us within the Internet. But because it can be done technically, people do it. On the other hand, we use technology as a cure for too much curiosity.
In conclusion:
The search history contains valuable information, which could be very useful for ranking and personalization. Using this information for improving search and providing results with better relevancy is vitally important to cope with the steadily growing information overload.
But because this information can tell also a lot about a person, it should be used solely for the user or in a fully anonymized matter to utilize the “wisdom of crowds”. With our solution no personal information leaves the user’s computer at any time.”
I write a lot about privacy on the VortexDNA blog, and I’m always interested in knowing how these issues are impacting webcos and users. Matgorzata was generous in providing a good look at Faroo’s perspective, but let’s open this up to the wider ASE community: what’s your approach towards privacy?
Kaila Colbin blogs for VortexDNA, whose technology can improve relevance for search engines, ecommerce sites, or any other recommendation service.
July 19th, 2007 at 8:56 pm
[…] A Private Interview with Faroo—check out the fascinating world of P2P search. […]