Skip to main content

NGI Zero - Privacy Enhancing Technologies

Periodic Reporting for period 3 - NGI0-PET (NGI Zero - Privacy Enhancing Technologies)

Reporting period: 2020-11-01 to 2021-10-31

NGI0 PET is an ambitious RIA within the Next Generation Internet (NGI) initiative to fund R&D of privacy and trust enhancing technologies for a more resilient, trustworthy and sustainable internet. It is aimed to support independent researchers that contribute technological building blocks for the NGI. Any technology as vital to society as the internet should be trustworthy, secure and transparent by design. Unfortunately ongoing privacy breaches and uncovered surveillance schemes prove that this is not the case. Especially the Snowden revelations show that foreign governments spy on what we do and who we talk to online, abusing fundamental flaws in internet architecture and commandeering the personal data that popular services extract from us.

We heavily rely on the internet to communicate, exchange goods and services and stay informed about the world while more and more sensors and devices around us go online. Because internet technology is essentially untrustworthy, we can be constantly tracked, profiled and pushed by invisible eyes, hands and algorithms. This is harmful to our democracy, our freedom as citizens, our fundamental human rights and our economic and national security.

Improving a worldwide infrastructure while it is used by millions is certainly not trivial. Nevertheless, NGI can generate technological building blocks that contributed to a more trustworthy internet. NGI0 PET funds projects to create these building blocks as open source software, hardware and open standards. This way public money directly supports public technology everyone can benefit from to protect their privacy. Free knowledge sharing is what helped the internet leap over national and legal boundaries to spread across the world. We need to do the same to make NGI a reality.

An initiative as ambitious as NGI revolves around a combination of groundbreaking projects and hard work to make everything work together. The first objective of NGI0 PET is to provide projects with an effective, agile and low-threshold funding mechanism. The second objective is to create a best-of-breed 'greenhouse' where projects are provided with knowledge and skills to advance their work. The third objective is to promote collaboration between projects. The fourth objective is to offer high-quality shared infrastructure - all with the aim to make the most out of the independent researchers at work within NGI Zero.
The work packages that make up NGI0 PET detail the grant management and the support services offered to projects, as described in the Periodic Technical Report Part B. Here important highlights of these work packages are mentioned.

NGI0 PET organized the final 12th open call of NGI0 PET during the reporting period. Project plans, milestones and grant amounts were discussed and agreed upon whereafter requests for payment on delivered milestones were verified and granted. Coordinator NLnet produced detailed reports about each finalized call and all projects have dedicated web pages detailing the work being performed. NGI0 PET has so far had 709 incoming project proposals, originating from 38 countries. From that influx of proposals 150 originating from 28 countries. The total amount accepted was € 5 636 348. The average amount requested per project was € 37 576, but because this budget is divided by 283 this means the average grant size amounts to € 19 916.

NGI0 PET members offered projects mentoring and diversity improvement as well as advice and support services with regards to secure software development, software packaging, internationalization and localisation, accessibility, software licensing, standardization and responsible disclosure.
NGI0 PET details its expected impacts in relation to the work done so far in the Periodic Technical Report Part B. Below is a summary of these impacts, the socio-economic impacts and implications and what progress beyond the SoA was made during this reporting period. The first expected impact of NGIO PET is to significantly advance privacy and trust enhancing technologies, for example through:

- Replicant, postmarketOS, mobile-nixos and Maemo Leste - private-by-design mobile phone operating systems.
- Libre-SOC - the world’s first Power ISA implementation outside of IBM to go to silicon, open source to the bedrock.
- BigBlueButton, Jitsi, Movim, Conversations and Dino - instant messaging and audio/video conferencing tools now end-to-end encryption.

These and other granted projects are developing usable, extendable privacy and trust enhancing technology that are ready to protect our communication at internet scale. Projects are well divided among the different categories of technology building blocks:

- Trustworthy hardware and manufacturing 37
- Network infrastructure incl. routing, P2P and VPN 22
- Software engineering, protocols, interoperability, cryptography, algorithms, proofs 45
- Operating Systems, firmware and virtualisation 28
- Measurement, monitoring, analysis and abuse handling 10
- Middleware + identity, including DNS, authorisation, authentication, distribution/deployment, operations, reputation systems 24
- Decentralised solutions, including blockchain/distributed ledger 14
- Data and AI 7
- Services + Applications (e.g. email, instant messaging, video chat, collaboration) 33
- Vertical use cases, Search, Community 1

The second expected impact is to increase the level of cooperation in the domain of privacy and trust enhancing technologies. NGI0 PET is supporting multiple projects to make encrypted email easier, like implementing Autocrypt (nearly non-interactive email encryption) into Thunderbird and Kmail, encrypting emails before they are stored with GPG Lacre and easily sending secure email from CRM with CiviCRM. Also NGI0 PET contributes to the Solid-platform of world wide web-inventor Sir Tim Berners-Lee by supporting Solid Control (attribute-based access control) and Solid Data Workers (help users switch from proprietary platforms).

The third expected impact is for project outcomes to be accessible, secure, ready for internationalization, legally sound and conveniently available for users. NGI0 PET ensures this unique quality assurance for projects through support services detailed above and in the report. These services actively prepare outcomes of granted projects to be used on internet scale and as such, help deliver privacy and trust enhancing technology for users everywhere.

The fourth expected impact is to influence development of the internet ecosystem. Our goal is to create a fast lane for adoption of NGI0 PET output. The NGI initiative is only successful when it prove that we can actually change the internet of today and realistically transition to more resilient, trustworthy and sustainable networks while we are using them. A major milestone was the inclusion of WireGuard into the kernel tree of the most used operating system on the planet, Linux. Various other technologies have moved into upstream distributions like NixOS, Guix and others.

The fifth expected major impact is to establish standards. Several technologies have been submitted to or are part of a ongoing process of standardisation within standards setting organisations like IETF, W3C, OASIS and the XMPP Foundation. Taking part in internet and technology standardization to better protect user privacy is an important aspect of bringing the future internet one step closer.
NGI Zero logo with tag