This article is the next in a series of posts we’ll be doing to provide more information on how Anonym’s technology works. We started with a high level overview, which you can read here.
Mozilla acquired Anonym over the summer of 2024, as a key pillar to raise the standards of privacy in the advertising industry. These privacy concerns are well documented, as described in the US Federal Trade Commission’s recent report. Separate from Mozilla surfaces like Firefox, which work to protect users from invasive data collection, Anonym is ad tech infrastructure that focuses on improving privacy measures for data commonly shared between advertisers and ad networks. A key part of this process is where that data is sent and stored. Instead of advertisers and ad networks sharing personal user data with each other, they encrypt it and send it to Anonym’s Trusted Execution Environment. The goal of this approach is to unlock insights and value from data without enabling the development of cross-site behavioral profiles based on user-level data.
A trusted execution environment (TEE) is a technology for securely processing sensitive information in a way that protects code and data from unauthorized access and modification. A TEE can be thought of as a locked down environment for processing confidential information. The term enclave refers to the secure memory portion of the trusted execution environment.
Why TEEs?
TEEs improve on standard compute infrastructure due to:
- Confidentiality – Data within the TEE is encrypted and inaccessible outside the TEE, even if the underlying system is compromised. This ensures that sensitive information remains protected.
- Attestation – TEEs can provide cryptographic proof of their identity and the code they intend to execute. This allows other parts of the system to verify that the TEE is trustworthy before interacting with it and ensures only authorized code will process sensitive information.
Because humans can’t access TEEs to manipulate the code, Anonym’s system requires that all the operations that must be performed on the data be programmed in advance. We do not support arbitrary queries or real-time data manipulation. While that may sound like a drawback, it offers two material benefits. First, it ensures that there are no surprises. Our partners know with certainty how their data will be processed. Anonym and its partners cannot inadvertently access or share user data. Second, this hardened approach also lends itself to highly repeatable use cases. In our case, for example, this means ad platforms can run a measurement methodology repeatedly with many advertisers without needing to approve the code each time knowing that by design, the method and the underlying data are safe.
TEEs in Practice
Today, Anonym uses hardware-based Trusted Execution Environments (TEEs) based on Intel SGX offered by Microsoft Azure. We believe Intel SGX is the most researched and widely deployed approach to TEEs available today.
When working with our ad platform partners, Anonym develops the algorithm for the specific advertising application. For example, if an advertiser is seeking to understand whether and which ads are driving the highest business value, we will customize our attribution algorithm to align with the ad platform’s standard approach to attribution. This includes creating differentially private output to protect data subjects from reidentification.
Prior to running any algorithm on partner data, we provide our partners with documentation and source code access through our Transparency Portal, a process we refer to as binary review. Once our partners have reviewed a binary, they can approve it using the Transparency Portal. If, at any time, our partners want to disable Anonym’s ability to process data, they can revoke approval.
Each ‘job’ processed by Anonym starts with an ephemeral TEE being spun up. Encrypted data from our partners is pulled into the TEE’s encrypted memory. Before the data can be decrypted, the TEE must verify its identity and integrity. This process is referred to as attestation. Attestation starts with the TEE creating cryptographic evidence of its identity and the code it intends to run (similar to a hash). The system will compare that evidence to what has been approved for each partner contributing data. Only if this attestation process is successful will the TEE be able to decrypt the data. If the cryptographic signature of the binary does not match the approved binary, the TEE will not get access to the keys to decrypt and will not be able to process the data.
Attestation ensures our partners have control of their data, and can revoke access at any point in time. It also ensures Anonym enclaves never have access to sensitive data without customer visibility. We do this by providing customers with a log that records an entry any time a customer’s data is processed.
Once the job is complete and the anonymized data is written to storage, the TEE is spun down and the data within it is destroyed. The aggregated and differentially private output is then shared with our partners.
We hope this overview has been helpful. Our next blog post will walk through Anonym’s approach to transparency and control through our Transparency Portal.
The post Using trusted execution environments for advertising use cases appeared first on The Mozilla Blog.