Thinking Allowed

medical / technology / education / art / flub

Coding excursions

Anonymity with encryption


At Outcomes Engine we are working on techniques to gather data from learners, analyse the data, and share the data whilst maintaining anonymity.


I was involved in some work in my previous company (pharmaceutical) with the security of personal data - in our case it was data on European citizens being shared with US data centres. An excursion into the complexity of Schrems II.


This made me think more about how we could measure outcomes but not require personal data. The 'anonymous first' concept of privacy at outcomesengine.com has grown from that.


One way of delivering anonymity is to use encryption - in our case symmetric encryption where the keys for encryption and decryption are the same. We have experimented with several different models for encryption and now use AES-256.


Here is a simple example using a Javascript tool for encrypting a whole file with a password. A technique that is possibly quantum safe.


Delivering a report to an individual only requires that they know the key. This keeps their anonymity and doesn't require the collection of email addresses, maintaining GDPR opt-out rules, use of 'login' cookies and so on.


Blogging - flexing and fetching


After having an exchange with someone who had 'done a quick search online' about me I've thought about revisiting my 'about me' page.


We have some control over what the internet says about us. You could leave it to your social media posts on big-tech sites or you could manage it with your own blog - or a bit of both.


So I added a blog preview (using Javascript fetch and CSS flex).

anonymity encryption data maintaining javascript delivering use require