Protecting User Data in the Age of Brain-Computer Interfaces: How Insai is Setting the Precedent for the Neurotech Industry
Co-written by Deckard Barnes. Edited by Kushaal Rao and Sherin Lajevardi.
Over the past 9 months, our lives have become more and more virtual. In the midst of a global pandemic, where physical interaction is greatly restricted, much of our daily activities have transitioned online. From our daily Zoom calls to receiving the latest news updates, we are constantly sending and receiving data. For this reason, it is more important now more than ever to ensure that anything we interact with is capable of protecting our personal information and preventing unwanted breaches of our cyber networks. Especially in the field of Neurotechnology, where new devices are being designed to directly interface with the brain, the most intimate part of our identity, it is imperative that the privacy of our personal data is secured.
One company looking to set the precedent for handling neural data is Insai. Insai’s flagship device is an innovative brain-computer headband interface capable of monitoring mental states and increasing cognitive performance through TMS. The goal is for the headband to be able to non-invasively observe and expand a user’s mental capacity by improving skills like memory, attention, and focus. Since Insai’s headband records high volumes of brain activity, they are taking the necessary steps to protect user privacy by using federated machine learning and differential privacy, setting the precedent for other Neurotech companies making brain-computer interfaces.
Federated Machine Learning
Similar to your smartphone, brain-computer interfaces undergo routine updates to assess and optimize performance. Typically, these devices use deep learning and machine learning programs to create and improve upon prediction algorithms. In each update, user data across multiple devices is uploaded to ML programs as training data, before being consolidated into a prediction model. Insai is working on machine learning algorithms that learn and adapt to the individual user’s cognitive state, personalizing the features of the headband and expanding the applications into both commercial and medical domains. With this goal, Insai acknowledges how much private user data is needed and understands the importance of protecting users by making sure data is secured properly and safe from breaches.
Generally, an AI training model is hosted on a centralized server. Each device uploads their own local data into the centralized server’s database where they are consolidated and analyzed by the ML model. From there, the model produces an update to be exported back to each device. This process is often inefficient, taking a long period of time to individually integrate data from each device hindering the ability to update the model in real time. Additionally, this method of machine learning can lead to data breaches within the centralized server, exposing private user data.
Instead of traditional machine learning methods, Insai looks to integrate a more efficient and safer approach in federated machine learning. Federated machine learning sends out the first iteration of the prediction model to each device. Each device then applies the prediction model to its own local data to modify and send the improved prediction model back to the central server. Once the central server aggregates all the new models, the results are combined into a final model that is sent back to each device for implementation. Federated machine learning removes the vulnerable handling of sensitive information by preventing the central server from receiving all the devices’ data in a single location. This eliminates the potential for a mass data breach by keeping data in several places while greatly improving efficiency by removing the time for raw data to be transmitted.
For more information on federated machine learning check out the following:
Differential Privacy
Federated Machine learning isn’t the only way to help keep sensitive data private. Another powerful solution that works in conjunction with federated machine learning is differential privacy. So why do we need differential privacy to begin with? To illustrate, let’s first pose a hypothetical problem where we need to anonymize a dataset of people’s individual identities. The first solution to come to mind may be to anonymize the dataset by scraping away individuals’ names, addresses, birthdates, etc. However, this is the rudimentary way of ensuring privacy. Data scientists have proven time after time that de-identified data isn’t really anonymous. You may ask, how so? Well even though someone’s identification may be scraped from a dataset, all a nefarious agent needs is some clever use of the internet to identify them. For example, scientists from UT Austin combined an anonymized Netflix dataset with an IMDb dataset to successfully identify Netflix users. Similarly, computer scientist Latanya Sweeney also identified the governor of Massachusetts by combining public health records together with voter registration records. Basically, de-identified does not secure privacy so we need a better way to anonymize our datasets. That’s where differential privacy comes in to prevent these types of reverse de-identification techniques.
Differential privacy is a robust mathematical definition of privacy which describes a group without sharing individual information. Differential privacy works by injecting random noise into the dataset so each individual is protected by plausible deniability. For instance, scientists can build an algorithm that goes through each row and randomly swap them. Of course, this is an oversimplified example, and real-world algorithms are much more rigorous. Variants of privacy algorithms change based upon the goals of the data scientists involved. They have to weigh in the tradeoff between privacy loss and accuracy whenever selecting a differential privacy technique. Commonly use the Greek letter epsilon “ε” to denote privacy loss. In other words, the smaller value of ε the lower the risk of privacy being compromised. Recall that this requires more noise to be introduced to the dataset which affects the data’s general accuracy. The end goal is that differential privacy preserves the general information a dataset gives us while significantly reducing the probability of any individual being identified. Although there is a tradeoff in this exchange. More random noise means less accurate data in the actual process of analysis. There is definitely a balance to be made between privatizing the data and preserving the data’s integrity.
By applying both federated machine learning and differential privacy, Insai sets the standard for the treatment of user data in Neurotech devices. While the process of federated machine learning reduces the amount of user data directly uploaded through applying update models locally, differential privacy keeps user data anonymous by preventing identification of data from outside sources. Combined, both techniques ensure the most safe and reliable security for our own data, while still allowing Insai to upkeep their headband to best fit our needs. When it comes to our thoughts and cognition, Insai is doing their part to preserve and protect our mental data.
