1 00:00:01,066 --> 00:00:06,174 Twenty-five years ago, scientists at CERN created the World Wide Web. 2 00:00:06,174 --> 00:00:10,083 Since then, the Internet has transformed the way we communicate, 3 00:00:10,083 --> 00:00:13,545 the way we do business, and even the way we live. 4 00:00:13,545 --> 00:00:15,717 In many ways, 5 00:00:15,717 --> 00:00:20,542 the ideas that gave birth to Google, Facebook, Twitter, and so many others, 6 00:00:20,542 --> 00:00:23,146 have now really transformed our lives, 7 00:00:23,146 --> 00:00:27,433 and this has brought us many real benefits such as a more connected society. 8 00:00:27,433 --> 00:00:30,234 However, there are also some downsides to this. 9 00:00:31,134 --> 00:00:33,967 Today, the average person has an astounding amount 10 00:00:33,967 --> 00:00:36,080 of personal information online, 11 00:00:36,080 --> 00:00:39,737 and we add to this online information every single time we post on Facebook, 12 00:00:39,737 --> 00:00:41,939 each time we search on Google, 13 00:00:41,939 --> 00:00:43,721 and each time we send an email. 14 00:00:44,341 --> 00:00:46,343 Now, many of us probably think, 15 00:00:46,343 --> 00:00:49,453 well, one email, there's nothing in there, right? 16 00:00:49,453 --> 00:00:52,659 But if you consider a year's worth of emails, 17 00:00:52,659 --> 00:00:55,561 or maybe even a lifetime of email, 18 00:00:55,561 --> 00:00:57,907 collectively, this tells a lot. 19 00:00:57,907 --> 00:01:01,470 It tells where we have been, who we have met, 20 00:01:01,470 --> 00:01:04,709 and in many ways, even what we're thinking about. 21 00:01:04,709 --> 00:01:09,086 And the more scary part about this is our data now lasts forever, 22 00:01:09,086 --> 00:01:12,093 so your data can and will outlive you. 23 00:01:12,093 --> 00:01:15,622 What has happened is that we've largely lost control over our data 24 00:01:15,622 --> 00:01:17,944 and also our privacy. 25 00:01:17,944 --> 00:01:21,474 So this year, as the web turns 25, 26 00:01:21,474 --> 00:01:23,772 it's very important for us to take a moment 27 00:01:23,772 --> 00:01:26,304 and think about the implications of this. 28 00:01:26,304 --> 00:01:28,006 We have to really think. 29 00:01:28,006 --> 00:01:29,796 We've lost privacy, yes, 30 00:01:29,796 --> 00:01:33,125 but actually what we've also lost is the idea of privacy itself. 31 00:01:33,995 --> 00:01:35,749 If you think about it, 32 00:01:35,749 --> 00:01:39,763 most of us here today probably remember what life was like before the Internet, 33 00:01:39,763 --> 00:01:42,305 but today, there's a new generation 34 00:01:42,305 --> 00:01:45,725 that is being taught from a very young age to share everything online, 35 00:01:45,725 --> 00:01:50,204 and this is a generation that is not going to remember when data was private. 36 00:01:50,204 --> 00:01:53,592 So we keep going down this road, 20 years from now, 37 00:01:53,592 --> 00:01:56,688 the word 'privacy' is going to have a completely different meaning 38 00:01:56,688 --> 00:01:58,973 from what it means to you and I. 39 00:01:58,973 --> 00:02:01,413 So, it's time for us to take a moment and think, 40 00:02:01,413 --> 00:02:04,220 is there anything we can do about this? 41 00:02:04,220 --> 00:02:06,705 And I believe there is. 42 00:02:06,705 --> 00:02:10,266 Let's take a look at one of the most widely used forms of communication 43 00:02:10,266 --> 00:02:12,533 in the world today: email. 44 00:02:12,533 --> 00:02:16,294 Before the invention of email, we largely communicated using letters, 45 00:02:16,294 --> 00:02:18,616 and the process was quite simple. 46 00:02:18,616 --> 00:02:21,728 You would first start by writing your message on a piece of paper, 47 00:02:21,728 --> 00:02:24,132 then you would place it into a sealed envelope, 48 00:02:24,132 --> 00:02:26,387 and from there, you would go ahead and send it 49 00:02:26,387 --> 00:02:28,345 after you put a stamp and address on it. 50 00:02:28,345 --> 00:02:29,825 Unfortunately, today, 51 00:02:29,825 --> 00:02:32,642 when we actually send an email, we're not sending a letter. 52 00:02:32,642 --> 00:02:35,417 What you are sending, in many ways, is actually a postcard, 53 00:02:35,417 --> 00:02:39,064 and it's a postcard in the sense that everybody that sees it 54 00:02:39,064 --> 00:02:42,699 from the time it leaves your computer to when it gets to the recipient 55 00:02:42,699 --> 00:02:45,319 can actually read the entire contents. 56 00:02:45,319 --> 00:02:48,778 So, the solution to this has been known for some time, 57 00:02:48,778 --> 00:02:50,621 and there's many attempts to do it. 58 00:02:50,621 --> 00:02:53,770 The most basic solution is to use encryption, 59 00:02:53,770 --> 00:02:55,697 and the idea is quite simple. 60 00:02:55,697 --> 00:02:57,466 First, you encrypt the connection 61 00:02:57,466 --> 00:03:00,074 between your computer and the email server. 62 00:03:00,074 --> 00:03:03,700 Then, you also encrypt the data as it sits on the server itself. 63 00:03:03,700 --> 00:03:05,646 But there's a problem with this, 64 00:03:05,646 --> 00:03:08,595 and that is, the email servers also hold the encryption keys, 65 00:03:08,595 --> 00:03:12,980 so now you have a really big lock with a key placed right next to it. 66 00:03:12,980 --> 00:03:16,211 But not only that, any government could lawfully ask for 67 00:03:16,211 --> 00:03:18,441 and get the key to your data, 68 00:03:18,441 --> 00:03:21,064 and this is all without you being aware of it. 69 00:03:21,064 --> 00:03:26,337 So the way we fix this problem is actually relatively easy, in principle: 70 00:03:26,337 --> 00:03:28,739 You give everybody their own keys, 71 00:03:28,739 --> 00:03:32,012 and then you make sure the server doesn't actually have the keys. 72 00:03:32,012 --> 00:03:34,148 This seems like common sense, right? 73 00:03:34,148 --> 00:03:37,751 So the question that comes up is, why hasn't this been done yet? 74 00:03:38,261 --> 00:03:40,796 Well, if we really think about it, 75 00:03:40,796 --> 00:03:43,721 we see that the business model of the Internet today 76 00:03:43,721 --> 00:03:45,788 really isn't compatible with privacy. 77 00:03:45,788 --> 00:03:48,574 Just take a look at some of the biggest names on the web, 78 00:03:48,574 --> 00:03:51,501 and you see that advertising plays a huge role. 79 00:03:51,501 --> 00:03:56,329 In fact, this year alone, advertising is 137 billion dollars, 80 00:03:56,329 --> 00:03:58,500 and to optimize the ads that are shown to us, 81 00:03:58,500 --> 00:04:00,633 companies have to know everything about us. 82 00:04:00,633 --> 00:04:02,552 They need to know where we live, 83 00:04:02,552 --> 00:04:06,207 how old we are, what we like, what we don't like, 84 00:04:06,207 --> 00:04:08,369 and anything else they can get their hands on. 85 00:04:08,369 --> 00:04:10,098 And if you think about it, 86 00:04:10,098 --> 00:04:14,246 the best way to get this information is really just to invade our privacy. 87 00:04:14,246 --> 00:04:17,437 So these companies aren't going to give us our privacy. 88 00:04:17,437 --> 00:04:19,252 If we want to have privacy online, 89 00:04:19,252 --> 00:04:22,795 what we have to do is we've got to go out and get it ourselves. 90 00:04:22,795 --> 00:04:25,063 For many years, when it came to email, 91 00:04:25,063 --> 00:04:27,978 the only solution was something known as PGP, 92 00:04:27,978 --> 00:04:31,192 which was quite complicated and only accessible to the tech-savvy. 93 00:04:31,192 --> 00:04:33,610 Here's a diagram that basically shows 94 00:04:33,610 --> 00:04:36,345 the process for encrypting and decrypting messages. 95 00:04:36,345 --> 00:04:39,231 So needless to say, this is not a solution for everybody, 96 00:04:39,231 --> 00:04:42,363 and this actually is part of the problem, 97 00:04:42,363 --> 00:04:44,825 because if you think about communication, 98 00:04:44,825 --> 00:04:49,180 by definition, it involves having someone to communicate with. 99 00:04:49,180 --> 00:04:52,394 So while PGP does a great job of what it's designed to do, 100 00:04:52,394 --> 00:04:55,215 for the people out there who can't understand how to use it, 101 00:04:55,215 --> 00:04:58,117 the option to communicate privately simply does not exist. 102 00:04:58,117 --> 00:05:01,125 And this is a problem that we need to solve. 103 00:05:01,125 --> 00:05:03,123 So if we want to have privacy online, 104 00:05:03,123 --> 00:05:06,442 the only way we can succeed is if we get the whole world on board, 105 00:05:06,442 --> 00:05:09,693 and this is only possible if we bring down the barrier to entry. 106 00:05:09,693 --> 00:05:13,222 I think this is actually the key challenge that lies in the tech community. 107 00:05:13,222 --> 00:05:17,285 What we really have to do is work and make privacy more accessible. 108 00:05:17,285 --> 00:05:20,281 So last summer, when the Edward Snowden story came out, 109 00:05:20,281 --> 00:05:23,896 several colleagues and I decided to see if we could make this happen. 110 00:05:23,896 --> 00:05:28,883 At that time, we were working at the European Organization for Nuclear Research 111 00:05:28,883 --> 00:05:32,614 at the world's largest particle collider, which collides protons, by the way. 112 00:05:32,614 --> 00:05:36,059 We were all scientists, so we used our scientific creativity 113 00:05:36,059 --> 00:05:38,683 and came up with a very creative name for our project: 114 00:05:39,293 --> 00:05:41,389 ProtonMail. (Laughter) 115 00:05:41,389 --> 00:05:44,257 Many startups these days actually begin in people's garages 116 00:05:44,257 --> 00:05:45,941 or people's basements. 117 00:05:45,941 --> 00:05:47,438 We were a bit different. 118 00:05:47,438 --> 00:05:50,081 We started out at the CERN cafeteria, 119 00:05:50,081 --> 00:05:52,537 which actually is great, because look, 120 00:05:52,537 --> 00:05:55,010 you have all the food and water you could ever want. 121 00:05:55,010 --> 00:05:57,490 But even better than this is that every day 122 00:05:57,490 --> 00:06:01,461 between 12 p.m. and 2 p.m., free of charge, 123 00:06:01,461 --> 00:06:05,710 the CERN cafeteria comes with several thousand scientists and engineers, 124 00:06:05,710 --> 00:06:08,496 and these guys basically know the answers to everything. 125 00:06:08,496 --> 00:06:11,283 So it was in this environment that we began working. 126 00:06:11,283 --> 00:06:14,394 What we actually want to do is we want to take your email 127 00:06:14,394 --> 00:06:17,854 and turn it into something that looks more like this, 128 00:06:17,854 --> 00:06:20,129 but more importantly, we want to do it in a way 129 00:06:20,129 --> 00:06:22,274 that you can't even tell that it's happened. 130 00:06:22,274 --> 00:06:25,261 So to do this, we actually need a combination of technology 131 00:06:25,261 --> 00:06:26,848 and also design. 132 00:06:26,848 --> 00:06:29,138 So how do we go about doing something like this? 133 00:06:30,018 --> 00:06:34,172 Well, it's probably a good idea not to put the keys on the server. 134 00:06:34,172 --> 00:06:38,070 So what we do is we generate encryption keys on your computer, 135 00:06:38,070 --> 00:06:41,858 and we don't generate a single key, but actually a pair of keys, 136 00:06:41,858 --> 00:06:45,563 so there's an RSA private key and an RSA public key, 137 00:06:45,563 --> 00:06:48,191 and these keys are mathematically connected. 138 00:06:48,191 --> 00:06:50,396 So let's have a look and see how this works 139 00:06:50,396 --> 00:06:52,787 when multiple people communicate. 140 00:06:52,787 --> 00:06:57,232 So here we have Bob and Alice, who want to communicate privately. 141 00:06:57,232 --> 00:07:00,794 So the key challenge is to take Bob's message 142 00:07:00,794 --> 00:07:05,103 and to get it to Alice in such a way that the server cannot read that message. 143 00:07:05,103 --> 00:07:07,516 So what we have to do is we have to encrypt it 144 00:07:07,516 --> 00:07:09,640 before it even leaves Bob's computer, 145 00:07:09,640 --> 00:07:14,141 and one of the tricks is, we encrypt it using the public key from Alice. 146 00:07:14,141 --> 00:07:19,333 Now this encrypted data is sent through the server to Alice, 147 00:07:19,333 --> 00:07:23,613 and because the message was encrypted using Alice's public key, 148 00:07:23,613 --> 00:07:27,901 the only key that can now decrypt it is a private key that belongs to Alice, 149 00:07:27,901 --> 00:07:32,616 and it turns out Alice is the only person that actually has this key. 150 00:07:32,616 --> 00:07:35,284 So we've now accomplished the objective, 151 00:07:35,284 --> 00:07:37,451 which is to get the message from Bob to Alice 152 00:07:37,451 --> 00:07:40,143 without the server being able to read what's going on. 153 00:07:40,143 --> 00:07:43,100 Actually, what I've shown here is a highly simplified picture. 154 00:07:43,100 --> 00:07:45,105 The reality is much more complex 155 00:07:45,105 --> 00:07:48,819 and it requires a lot of software that looks a bit like this. 156 00:07:48,819 --> 00:07:51,259 And that's actually the key design challenge: 157 00:07:51,259 --> 00:07:54,780 How do we take all this complexity, all this software, 158 00:07:54,780 --> 00:07:58,898 and implement it in a way that the user cannot see it. 159 00:07:58,898 --> 00:08:02,496 I think with ProtonMail, we have gotten pretty close to doing this. 160 00:08:02,496 --> 00:08:04,958 So let's see how it works in practice. 161 00:08:04,958 --> 00:08:07,975 Here, we've got Bob and Alice again, 162 00:08:07,975 --> 00:08:09,945 who also want to communicate securely. 163 00:08:09,945 --> 00:08:12,132 They simply create accounts on ProtonMail, 164 00:08:12,132 --> 00:08:14,542 which is quite simple and takes a few moments, 165 00:08:14,542 --> 00:08:16,964 and all the key encryption and generation 166 00:08:16,964 --> 00:08:19,354 is happening automatically in the background 167 00:08:19,354 --> 00:08:21,060 as Bob is creating his account. 168 00:08:21,060 --> 00:08:23,602 Once his account is created, he just clicks "compose," 169 00:08:23,602 --> 00:08:26,589 and now he can write his email like he does today. 170 00:08:26,589 --> 00:08:28,456 So he fills in his information, 171 00:08:28,456 --> 00:08:31,740 and then after that, all he has to do is click "send," 172 00:08:31,740 --> 00:08:35,281 and just like that, without understanding cryptography, 173 00:08:35,281 --> 00:08:38,834 and without doing anything different from how he writes email today, 174 00:08:38,834 --> 00:08:41,481 Bob has just sent an encrypted message. 175 00:08:41,481 --> 00:08:45,593 What we have here is really just the first step, 176 00:08:45,593 --> 00:08:47,890 but it shows that with improving technology, 177 00:08:47,890 --> 00:08:52,065 privacy doesn't have to be difficult, it doesn't have to be disruptive. 178 00:08:52,065 --> 00:08:56,512 If we change the goal from maximizing ad revenue to protecting data, 179 00:08:56,512 --> 00:08:59,008 we can actually make it accessible. 180 00:08:59,008 --> 00:09:01,468 Now, I know a question on everybody's minds is, 181 00:09:01,468 --> 00:09:03,858 okay, protecting privacy, this is a great goal, 182 00:09:03,858 --> 00:09:06,298 but can you actually do this 183 00:09:06,298 --> 00:09:09,090 without the tons of money that advertisements give you? 184 00:09:09,090 --> 00:09:11,476 And I think the answer is actually yes, 185 00:09:11,476 --> 00:09:13,706 because today, we've reached a point 186 00:09:13,706 --> 00:09:17,652 where people around the world really understand how important privacy is, 187 00:09:17,652 --> 00:09:20,625 and when you have that, anything is possible. 188 00:09:20,625 --> 00:09:21,789 Earlier this year, 189 00:09:21,789 --> 00:09:25,454 ProtonMail actually had so many users that we ran out of resources, 190 00:09:25,454 --> 00:09:28,283 and when this happened, our community of users got together 191 00:09:28,283 --> 00:09:30,399 and donated half a million dollars. 192 00:09:30,399 --> 00:09:32,830 So this is just an example of what can happen 193 00:09:32,830 --> 00:09:35,643 when you bring the community together towards a common goal. 194 00:09:35,643 --> 00:09:37,379 We can also leverage the world. 195 00:09:37,449 --> 00:09:38,597 Right now, 196 00:09:38,597 --> 00:09:42,023 we have a quarter of a million people that have signed up for ProtonMail, 197 00:09:42,023 --> 00:09:43,832 and these people come from everywhere, 198 00:09:43,832 --> 00:09:45,464 and this really shows that privacy 199 00:09:45,464 --> 00:09:47,716 is not just an American or a European issue, 200 00:09:47,716 --> 00:09:50,061 it's a global issue that impacts all of us. 201 00:09:50,061 --> 00:09:53,521 It's something that we really have to pay attention to going forward. 202 00:09:53,521 --> 00:09:56,517 So what do we have to do to solve this problem? 203 00:09:56,517 --> 00:09:58,514 Well, first of all, 204 00:09:58,514 --> 00:10:01,508 we need to support a different business model for the Internet, 205 00:10:01,508 --> 00:10:03,841 one that does not rely entirely on advertisements 206 00:10:03,841 --> 00:10:06,175 for revenue and for growth. 207 00:10:06,175 --> 00:10:08,684 We actually need to build a new Internet 208 00:10:08,684 --> 00:10:14,377 where our privacy and our ability to control our data is first and foremost. 209 00:10:14,377 --> 00:10:16,122 But even more importantly, 210 00:10:16,122 --> 00:10:20,990 we have to build an Internet where privacy is no longer just an option 211 00:10:20,990 --> 00:10:22,893 but is also the default. 212 00:10:23,923 --> 00:10:26,493 We have done the first step with ProtonMail, 213 00:10:26,493 --> 00:10:30,074 but this is really just the first step in a very, very long journey. 214 00:10:30,074 --> 00:10:32,997 The good news I can share with you guys today, 215 00:10:32,997 --> 00:10:35,525 the exciting news, is that we're not traveling alone. 216 00:10:35,525 --> 00:10:38,375 The movement to protect people's privacy and freedom online 217 00:10:38,375 --> 00:10:39,861 is really gaining momentum, 218 00:10:39,861 --> 00:10:43,455 and today, there are dozens of projects from all around the world 219 00:10:43,455 --> 00:10:46,966 who are working together to improve our privacy. 220 00:10:46,966 --> 00:10:50,612 These projects protect things from our chat to voice communications, 221 00:10:50,612 --> 00:10:53,416 also our file storage, our online search, 222 00:10:53,416 --> 00:10:56,457 our online browsing, and many other things. 223 00:10:56,457 --> 00:10:59,986 And these projects are not backed by billions of dollars in advertising, 224 00:10:59,986 --> 00:11:02,309 but they've found support really from the people, 225 00:11:02,309 --> 00:11:05,356 from private individuals like you and I from all over the world. 226 00:11:05,356 --> 00:11:08,473 This really matters, because ultimately, 227 00:11:08,473 --> 00:11:11,944 privacy depends on each and every one of us, 228 00:11:11,944 --> 00:11:14,777 and we have to protect it now because our online data 229 00:11:14,777 --> 00:11:17,541 is more than just a collection of ones and zeros. 230 00:11:17,541 --> 00:11:19,397 It's actually a lot more than that. 231 00:11:19,397 --> 00:11:21,743 It's our lives, our personal stories, 232 00:11:21,743 --> 00:11:24,041 our friends, our families, 233 00:11:24,041 --> 00:11:27,547 and in many ways, also our hopes and our aspirations. 234 00:11:27,547 --> 00:11:30,651 We need to spend time now to really protect our right 235 00:11:30,651 --> 00:11:33,601 to share this only with people that we want to share this with, 236 00:11:33,601 --> 00:11:36,341 because without this, we simply can't have a free society. 237 00:11:36,341 --> 00:11:39,194 So now's the time for us to collectively stand up and say, 238 00:11:39,194 --> 00:11:42,687 yes, we do want to live in a world with online privacy, 239 00:11:42,687 --> 00:11:47,215 and yes, we can work together to turn this vision into a reality. 240 00:11:47,215 --> 00:11:49,350 Thank you. 241 00:11:49,350 --> 00:11:56,107 (Applause)