FlipSide: A few minutes with Jeff Jonas

Jeff Jonas is a distinguished engineer and chief scientist at IBM's Entity Analytics Group, a unit that IBM created after it acquired Jonas' company, Systems Research and Development, in 2005. Jonas invented software that makes data anonymous by converting it into a format that only a computer can read.

Jonas got into the software business early. At age 20, he had to declare bankruptcy, an experience that haunted him for 20 years, he said, until he could pay back his creditors.

What makes your software different from other data privacy software?

Jonas: The technique we are using allows us to anonymize identity information, like names and addresses, and after the data is anonymized to compare and determine when two people are the same person despite all the variability in identity data.

Usually one encrypts data to send to somebody else who has to decrypt it to use it. Ours is a technique that allows you to encrypt the data and do the analysis while it is encrypted. That's what is unique about it. Many people in the privacy community feel that this is better than some other ways of sharing sensitive data.

How could the government use your software to identify suspected terrorists without destroying the data privacy of law-abiding citizens?

Jonas: The government has a long list of people who shouldn't be in the United States who might be terrorists. It's a secret watch list. Let's say it has 100,000 names. The government is not going to issue 100,000 subpoenas.

The remedy for that problem was Section 215 of the Patriot Act, which enabled the government to ask not for a single record but for all the records in a file. That created a lot of tension for the privacy folks.

So our technique allows government to anonymize its list of bad guys and then a cruise line, say, to anonymize its customer list. Our technique allows you to compare the two lists and recognize that Billy the Kid and Willy the Old Guy are the same guy. Now the government can go and get two subpoenas for those two people. I don't want anybody thinking that with this you can get past the law. That's not what we're doing.

We're using standard cryptographic hashing algorithms that are widely known, like [Secure Hash Algorithm-1 and Message Digest 5], but we're using them in a novel way.

Does your software work with existing defense, intelligence, national security and FBI crime databases?

Jonas: We have a lot of government customers that use it with their existing systems.

What did you learn from going bankrupt at an early age?

Jonas: I went bankrupt when I was 20 years old, so I started my next company from my car. If you mention that, you should mention that about three years ago I tracked down everybody I could locate, and I paid them back at 3 percent compounded interest.

Having a business that went bad at a young age makes you want to keep your commitments. That became something I worked hard toward. I kept a folder of everybody I went bankrupt on, and I had it in every single desk right next to me for 20 years until I was able to pay everybody back.

— Florence Olsen


  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • Workforce
    online collaboration (elenabsl/Shutterstock.com)

    Federal employee job satisfaction climbed during pandemic

    The survey documents the rapid change to teleworking postures in government under the COVID-19 pandemic.

Stay Connected