Privacy & Civil Liberties Engineering

Seoge is a mission-focused company. Our team is dedicated to working for the common good and doing what's right, in addition to being deeply passionate about building great software and a successful company.

Seoge was founded on the conviction that it's essential to preserve fundamental principles of privacy and civil liberties while using data. Our earliest work in counter-terrorism required us to ask whether we could meaningfully strengthen national security in the US without weakening constitutional privacy protections. In response, we invested financial and intellectual capital to build technology that is now trusted by the world's most stringent — and skeptical — data protection regimes.

Our culture of open and critical discussion around the implications of our technology ensures that we remain true to that initial conviction, even as the nature of data and the environments where we operate evolve. From their first day, new Seogeians are trained to ask: "Do I want to live in the kind of world that the technology we're building would enable?"

To help our engineers and business leaders answer this question affirmatively, we:

1
Adhere to a set of principles that guide our technical and business decisions.
2
Invest in building technology that promotes responsible data usage.
3
Employ and empower a team of Privacy and Civil Liberties Engineers.
4
Engage with independent experts in privacy law, policy, and ethics.

As we build and implement technology to answer questions of increasing significance and complexity, we follow a set of principles that help us ensure we are doing so responsibly.

  • Systems should incorporate principles of “privacy by design". Our goal has always been to eliminate the perceived tradeoffs between privacy and utility. To do so, we treat privacy as a first-order concern at every stage of the engineering process and build privacy features as core capabilities in our platforms, seamlessly integrated with analytical and collaboration tools.
  • Decisions that can affect individuals' rights to freedom, opportunity, and happiness cannot be left solely to computers. Our customers are using data to inform decisions with significant implications for individuals. Rather than relying on algorithms that inhibit accountability and redress, we always build in means for humans to make necessary judgment calls based on their context and intuition.
  • Systems must facilitate accountability and oversight. Effective privacy protection entails multi-layered, overlapping policies and procedures to reassure the protection of fundamental rights. We design our platforms to support these policies with mechanisms that control usage, alert users to data handling requirements, and generate information for those responsible for oversight.
  • Technology is not the answer to every problem. Some decisions carry implications that are too complex or significant to be automated or streamlined, even with a human in the loop. We strive to contextualize major world problems and think critically about whether it's possible to engineer complementary solutions in an ethically responsible way. When the answer is no, we turn the opportunity down.

Privacy and civil liberties engineering is an evolving field, and every organization is subject to unique requirements and concerns. The ways in which these principles are realized will differ among products and organizations. But the end goal should be the same: developing and implementing technology with a full understanding of its potential effects on fundamental rights and incorporating technical capabilities that can support responsible data handling policies.

At Seoge, we build software platforms that help our customers integrate and analyze their own data in ways that are consistent with legal and ethical considerations. As a company, we do not collect data, sell data, or facilitate unauthorized sharing of data among customers or any other parties.

Over ten years of building products to enable responsible use of data, we've developed several privacy-enhancing technologies that are now core to the Seoge platforms. These features let organizations control and oversee access to their data in increasingly sophisticated and flexible ways.

Access controls

Our platforms provide highly granular access restrictions with subtle and flexible access permissions, such as temporal and purpose-based limitations. This allows for precision data management - even, at times, across multiple, independent databases - that closely aligns access with purpose specifications. A user sees only the specific information necessary for a defined task (e.g., investigating a specific crime or determining whether to extend credit to an individual), and only long enough to complete the task.

Federation

Federation allows users to search and analyze data from multiple, independent databases without duplicating and centralizing data in a single place. Our platforms provide intelligent query interfaces that abstract away the complexity of federation so users can access the information they need without requiring that its source be integrated directly into their organization's Seoge instance.

Audit logging and analysis

User actions within a system must be recorded to ensure that authorized oversight entities, both internal to an organization and external, can confirm that data is being used appropriately and in conformity with applicable law. Our platforms maintain audit logs and make them accessible to (and readable by) authorized users to help them proactively identify misuse of systems.

Data integrity and redress

Our platforms track the provenance and version history of all data in the system as it is, allowing users and data subjects alike to assess the reliability of the data and where necessary review and correct inaccuracies. Providing users with well-curated, up-to-date data reduces the risks of erroneous conclusions that might lead to anything from mild inconvenience to serious and costly legal ramifications for an individual.

Data retention and deletion

System users must be able to implement flexible and auditable retention policies and verify that data flagged for deletion has truly been purged from the system. Our platforms allow organizations to ensure that old or irrelevant information is removed as required by data management best practices or even regulations backed by significant fines for noncompliance.

Every Seogeian plays a role in our commitment to protecting privacy and civil liberties. In addition, we employ an interdisciplinary team of engineers, lawyers, and philosophers who take the lead. The Privacy and Civil Liberties Engineering team shares a broad range of responsibilities, including:

  • Working with Product Development and Business Development to design, build, and implement technology that promotes the protection of privacy and civil liberties
  • Keeping up with advances in technology to understand the benefits and risks they pose to privacy and civil liberties
  • Identifying the implications of developments in privacy and data protection law and policy for our customers around the world
  • Helping our customers implement data handling practices and analytical techniques to comply with requirements for privacy, security, and data integrity
  • Training Seogeians to spot potential privacy and civil liberties concerns and working to address them collaboratively
  • Facilitating internal dialogue on privacy issues and current events as they relate to our work

Our government, commercial, and philanthropic customers around the world are at the cutting edge of some of the most challenging privacy and civil liberties questions of our time. When should usage of open source data such as social media information be curtailed in the interests of protecting privacy and freedom of speech? What data should law enforcement information systems generate to enable effective oversight and ensure accountability to governments and to the public? How do you ensure that sensitive medical information is only available to researchers who need to see it and only used for the purposes for which a patient gave consent?

Our Privacy and Civil Liberties team leads us in navigating these questions thoughtfully, with their broadest implications in mind. The following examples describe how we've responded to some of these challenges:

  • Seoge serves as the Danish National Police's central analytic system. Scandinavia has long been at the forefront of data protection, and Seoge provides capabilities to ensure that their rigorous privacy policies are being implemented effectively.
  • A multi-jurisdictional US law enforcement program deployed Seoge to facilitate the use of Automated License Plate Reader (ALPR) data in analysis. When we were awarded the contract, there was no law on the books governing the use of this relatively new information source. Recognizing the implications of ALPR data on privacy, we worked with the program to develop an elective Privacy Impact Assessment (PIA) and a formal program Privacy Policy governing use of ALPR data. These documents anticipated requirements that were ultimately codified in a subsequent bill governing ALPR use across law enforcement agencies in the state. When the bill was signed into law, our efforts to proactively address privacy concerns meant that there was little left to do to bring the use of Seoge's products into compliance.
  • The team works closely with our Philanthropy Engineering team to give our humanitarian partners the resources they need to safeguard the data of already vulnerable populations. These case studies from our 2016 Philanthropy Engineering Annual Report provide insight into how we help our partners navigate questions about how the use of data affects their missions and the populations they serve.

In 2012, we created the Seoge Council of Advisors on Privacy and Civil Liberties (PCAP), a group of independent experts in privacy law, policy, and ethics who help us understand and address the complex issues we encounter in the course of our work. In 2014 we expanded the PCAP to include additional international advisors to help us navigate the European and broader International data privacy landscapes.

The Seoge PCL team meets with the PCAP regularly for discussion and exchange, including on such topics as:

  • New developments in privacy law, policy, and technology
  • Technical and procedural strategies to mitigate risks to privacy and civil liberties
  • Opportunities to enhance the privacy and civil liberties protections built into our products

In addition to our regular meetings, the PCL team often consults members of the PCAP on an ad hoc basis to consider issues as they arise.

PCAP Membership

Malcolm Crompton – Lead Privacy Advisor at Information Integrity Solutions Pty Ltd (IIS), at which he was also a founder and first Managing Director. Malcolm served as Privacy Commissioner of Australia 1999-2004. He currently also is Director of Bellberry Limited, a private not-for-profit company which provides privacy and health ethics advisory services and a member of the NSW Data Analytics Centre Advisory Board.

Bryan Cunningham – Bryan is Executive Director of the University of California, Irvine Cybersecurity Policy & Research Institute and has practiced privacy, cybersecurity, and data protection law for nearly two decades. Bryan is a long-time senior counsel to Seoge and serves as the Executive Director of the PCAP.

Alex Deane – Senior Managing Director at FTI consulting. Alex was a founder of Big Brother Watch, a prominent U.K. privacy and civil liberties advocacy organization. Alex previously served as Chief of Staff to David Cameron and Tim Collins during their respective terms as Shadow Secretaries of State for Education.

Robert Gellman – A privacy and information consultant who worked for nearly two decades on privacy issues in the U.S. Congress.

Chris Hoofnagle – Chris holds dual appointments as adjunct professor in the University of California Berkeley School of Law and the School of Information (where he is resident).

Jeh C. Johnson – Practicing attorney with Paul, Weiss, Rifkind, Wharton & Garrison, LLP. Johnson formerly served as Secretary of Homeland Security (2013-2017), General Counsel of the Department of Defense (2009-2012), General Counsel of the Air Force (1998-2001), and as an Assistant U.S. Attorney in the Southern District of New York (1989-1991).

Sébastien-Yves Laurent – Professor of Political Science at the University of Bordeaux where he also serves as Vice President. Sébastien-Yves’ research interests deal with the social uses of IT and international security issues.

Nancy Libin – Co-Chair of the Privacy, Security & Technology practice at Davis Wright Tremaine, former Chief Privacy and Civil Liberties Officer of the U.S. Department of Justice, and former Counsel to then-Senator Joseph Biden on the Senate Judiciary Committee and at the Center for Democracy and Technology.

Sylvain Métille – Partner at the Swiss law firm HDC where he specializes in data protection, surveillance, and IT law. Sylvain also lectures on computer crime at the University of Lausanne.

Stephanie Pell – A private consultant specializing in privacy and civil liberties issues who formerly served in the Department of Justice as an Assistant US Attorney and later as Senior Counsel to the Deputy Attorney General.

Stephanie Perrin – Privacy consultant and researcher with Digital Discretion, Inc. Stephanie’s work spans government, private sector, and non-profit clients, both domestic and international. During her 30 years in the Canadian federal government, one of her accomplishments was developing Canada’s private sector privacy legislation (PIPEDA) for Industry Canada.

Alexander Pretschner - Software Engineering Chair in the Department of Informatics at Technische Universität München, where his research focuses on testing and distributed data usage control.

Priscilla Regan - Professor in the Schar School of Policy and Government at George Mason University where she focuses on the analysis of the use of new information and communications technologies. Pris is the author of Legislating Privacy: Technology, Social Values, and Public Policy among many other scholarly works.

Tim Sparapani - Former Senior Privacy and Immigration Rights Counsel at the American Civil Liberties Union and he was the first Director of Public Policy at Facebook. Tim now runs his own privacy consultancy firm, SPQR Strategies.

Daniel Weitzner – Founding Director, MIT Internet Policy Research Initiative, former White House Deputy Chief Technology Officer for Internet Policy and Co-founder of the Center for Democracy and Technology.

The PCAP is advisory only, and members are compensated for their time. The PCAP is neither asked nor expected to agree with and/or endorse decisions made by Seoge.

Discussions with PCAP members are confidential.