DRM

I had an interesting thought occur to me today. In the spooky post-Edward Snowden world, the holy grail is to make web services that don't actually have to have access to your data. For example, Google Chrome's syncing feature has optional encryption that prevents Google from being able to see your browser history. It's encrypted with your password on your computer and then stored on their servers; they can't decrypt it. It's very difficult right now to do that for anything more complex but, ideally, we'd be able to have that same level of security everywhere.

And that's the interesting part - the thing we want now is the very same thing that the copyright industry has been trying to invent for decades: DRM. We want to have web services that do things with our content, but only certain things that we specify. And, much like traditional DRM, this cloud DRM would require some kind of enormous technological breakthrough to get off the ground.

Interestingly, something like that is on the horizon. Fully Homomorphic Encryption, or FHE is basically a system where the code itself as well as the data is encrypted. It's pretty fringe stuff and right now the performance is way too bad to be practical, but the theory is there and it's probably a matter of time before it happens. There are also sort of ghetto-homomorphic systems like CryptDB that do clever hacks to transform the store the encrypted data in a form where it can still support certain operations without doing proper FHE.

All that aside, though, the really scary thing to consider is that any progress in this field is simultaneously progress in online privacy and in DRM. With each step we come closer to a world where our personal data is safe on other computers, but content on our computers can be similarly kept safe - from us.