How a Rare Fruit Grower Aims to Build a More Private Internet
Remember when sacrificing privacy wasn’t an unavoidable tradeoff for using the Internet? Barath Raghavan does. That’s why he co-founded INVISV, a startup on a mission to restore privacy to mobile phone networks, and far beyond, by decoupling user identities from devices and Internet activity.
In some respects, Raghavan is not a person you’d expect to be devoting so much time and energy to helping to solve the privacy challenges of the digital world. His background is in networking, with specializations in areas like software-defined networking (he helped build Google’s SDN core) and network functions virtualization. He has spent his career bouncing between academia and industry; he currently teaches in the Computer Science department at the University of Southern California. And he devotes his spare time to planting and caring for rare fruit trees (the jaboticaba is one of his favorites).
But Raghavan says that he became interested in developing new types of privacy solutions in recent years because he felt that users of digital services have been forced to accept tracking as a “normal” part of life, and he sees that requirement as a danger to a society.
“Ten years ago it was normal not to be tracked,” he says. “You paid for mobile or Internet service, you got your service, and that was it.”
But that’s no longer the case. Today, Raghavan explains, “service providers try to scoop up your data” whenever you use their networks. “Everyone knows their phones are tracking devices, and everyone assumes they just have to live with that” if they want to use their phones.
That’s bad, in Raghavan’s view, because “we’ve seen from history that it’s a dangerous thing for societies to become more and more surveilled.” When people “no longer feel free to hang out with the people they want to, or to say what they want to say,” the health of a society begins to deteriorate.
Decoupling users from identities
To address this challenge, Raghavan partnered with Paul Schmitt, at the time an associate research scholar at Princeton University, to pioneer new technology for ensuring the anonymity of mobile device users.
Their solution, which began as an academic research project and was spun out to form INVISV, allows mobile users to connect to networks using tokens that INVISV generates. The tokens validate users with mobile carriers, so the carriers know that the users should have access to their networks. But because the tokens don’t embed the identities of INVISV users, there is no way for network providers – or INVISV itself – to determine who is who or doing what. The only thing visible from an infrastructure perspective when someone connects a mobile device or requests a website through INVISV is that an anonymous user has made a request.
On top of this, INVISV routes network traffic through Fastly’s CDN network. This adds a second layer of anonymity because it separates traffic that originates on INVISV’s Equinix Metal servers, which are peered with the Fastly network, from the rest of the Internet. Internet service providers see only requests coming or going from Fastly; they don’t know that INVISV is running on servers two hops down the line. Users who are just on WiFi benefit from this "Relay" because it goes beyond the privacy guaranteed even by a VPN.
This approach to mobile networking privacy is a big deal because previously there was no scalable way to decouple the identities of users from the identities of their mobile phones. Consumers could do things like encrypt Web traffic or use VPNs to obscure their identities from intermediaries who might intercept network traffic in transit. But there was no solution for hiding a user’s identity from mobile networking providers themselves. Indeed, being able to prove that you are a valid user – which typically entailed having a SIM card that served as a unique identifier – has become a prerequisite for service on most mobile networks.
With INVISV, however, users no longer need unique identifiers. They can prove that they are valid network users via anonymous tokens. They get network service without anyone being able to track where they are located or which websites or apps they are using.
Tackling privacy from all angles
INVISV’s mobile privacy solution, which launched in August 2022, is just the beginning of what Raghavan sees as a lineup of privacy solutions that will eventually extend far beyond mobile networking. “We’d like to provide infrastructure that can be used for all privacy purposes,” he says.
He adds that consumer privacy is only one focus for INVISV. Ultimately, he hopes that the company will inspire infrastructure and networking providers to build better privacy into their products, without requiring consumers to turn to third-party solutions to protect their data.
INVISV already has other privacy products in the pipeline, but Raghavan can’t share details yet. But he does say that he expects INVISV, which graduated from the Equinix Startup Program and raised a round of pre-seed funding in November 2021, to grow steadily over the coming years as it takes on privacy challenges from multiple angles and infrastructure layers.
Meanwhile, Raghavan will keep tending his fruit trees – while enjoying the knowledge that his mobile provider can’t track his movement from orchard to orchard, or his Google searches about rare plant species.