Owning your data: Memri’s approach to data privacy

So, where is your data exactly?

Why would you need your data from different apps?

  • Let’s say, you attended a business event, where you took pictures, made notes, and sent follow up emails. Imagine having all this information linked to a calendar event for convenience of use, so you don’t have to desperately try and find that important contact from the cocktail party!
  • Your mom asked to you to check on your grandma. You have a super busy day, a yoga class later in the night, the message gets lost in the chat — and you simply forget to (but we know you love your grandma!). Imagine simply clicking a button inside the messaging app to set a reminder for once you’re out from your yoga class.
  • Your friend wants to buy new sneakers, and you saw that perfect pair while surfing the internet a month ago or so. We all know the “pulling up the archive” trouble while searching through your browser history. Imagine being able to search for images of sneakers in your browser history so you don’t have to spend ages of browsing to lists of url and find the sneakers much more intuitively.

How does it work at Memri?

  1. A graph database we built with SQLite. Our unique setup requires a single database per user, with built-in encryption and high performance. Native graph databases don’t support these features or consume an unnecessary high amount of memory.
  2. A Rust server to controls your data. The data is served to front ends (like the iOS app), imported from other services (like Gmail and WhatsApp) and enhanced using machine learning (for instance, to summarize the important information from a message thread). We use Rust as it is as a safe language, which increases security when handling your data. Additionally, the low memory footprint and good performance reduces the cost for the user.

What makes it secure?

  • Software
    We follow the “not your keys, not your data” principle. Remember that massive Twitter attack, when hackers got control over Barack’s Obama’s, Bill Gates’, and other public accounts? That happens when the corporation has internal tools to access you data. At Memri, your data is encrypted, and only you can access it. Authentication to the datastore is implemented using a private/public key pair that only you have access to (and your friends and relatives that you can give parts of your spare key to). That means that we don’t have keys to your data — and that wherever you run the pod the hoster is not able to read your data from disk or while it is being transferred to you.
  • Legal backup
    We have made all our development open source under the Memri Privacy Preserving License. It is based on Mozilla Public License but with an additional privacy clause requiring that everyone using this software (including us) must do everything in their power to protect the privacy of their users. Memri privacy license prevents us, as well as anyone else, from taking data from users and selling it, and we like it that way. We will never be in the business of selling people’s data. Still, we are thinking about how to create tools that users can opt into if they do want to monetize their data with specific parties for specific purposes, without compromising their privacy.
  • Hosting
    As Memri is completely open source, you can host it on your own hardware — the safest way to run the pod. We understand self-hosting is not ideal or simply too much of a hassle for many users. We’ll offer hosting ourselves and you are free to setup it up to be hosted by third parties.

Follow our journey

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Memri

Memri

Digital AI assistant to take full control of your #data in one secure place. Change the relationships with your device. Open-source (developers welcome!)