The era of big data has long since arrived, and with it come the challenges regarding privacy. From the Facebook data privacy scandal in 2018 to the recent fine of up to $250 million faced by Twitter over alleged privacy violations, massive data breaches have been popping up all over the world.
As the issue of data leakage is increasingly exposed to the public, how to protect the privacy of users emerges as a pressing concern.
While AI and privacy protection are frequently placed at opposite ends of the scale, they do not necessarily constitute an absolute dichotomy. It's a commonly known fact that AI must be informed by massive amounts of data, and its iterations and upgrades need to draw quality information from data even more.
In such a context, Internet companies must strive to find a balance between the two, aligning their business activities with honoring the inviolable privacy rights of citizens.
A4x, an innovative provider of client-side apps and AI-powered security services designed to maximize the personal safety of its users, is fully committed to protecting user data and privacy at all times.
So what has A4x been doing to safeguard user privacy on all fronts?
1. Full compliance with policies and regulations
From a legal point of view, a user's data, as an inherent asset of the user, belongs entirely to the user, and the user is entitled to all rights to their data.
A4x complies with national and regional privacy laws and regulations around the globe, such as GDPR and CCPA, in all of our business processes. We collect user information for the sole purpose of providing our services and only with the consent of the user.
In an era where data-driven algorithms are prevalent, A4x remains committed to tackling the many and varied challenges surrounding user experience by exploiting innovative technologies, rather than relying disproportionately on user data to simplify the troubleshooting process. By tapping into machine learning technologies such as few-shot learning and transfer learning, we can provide users with high-quality and reliable intelligent services without resorting to user data.
In tandem with the growth of our business, we will also build user communities where users can share their data to help us improve and enhance our services—another effort that will show that we firmly stand up for the boundaries of personal privacy and against any illegal and excessive collection of personal information.
Internally, A4x implements strict staff management and encryption key management policies, in addition to an automated encryption certificate management system to ensure that our R&D personnel do not have any direct access to user data and that user data is only processed automatically through servers with security certificates.
2. Multidimensional data security technology
A4x employs encryption technology for both data transmission and storage to enhance data security.
Media stream transmission: WebRTC's mandatory encryption feature is used.
In fact, there are a wide variety of vulnerabilities that could expose real-time communication software to security hazards in the event of a slight inadvertence. One risk that requires particular attention is the malicious interception of unencrypted media or data during transmission. This can occur during camera-to-server or app-to-server communication, where a malicious third party might be able to steal all data sent. By encrypting the data, however, we can effectively prevent eavesdroppers from accessing the contents of communication streams. Only session participants who have the encryption key will be able to decode the communication streams.
Encryption is mandated in WebRTC, which means that all components, including signaling mechanisms, must work with encryption. As a result, all media streams sent over WebRTC are protected under standardized and well-known encryption protocols. The encryption protocol used depends on the channel type: data streams are encrypted using the Datagram Transport Layer Security (DTLS) protocol; media streams are encrypted using the Secure Real-Time Transport Protocol (SRTP).
A4x's camera devices also support RTMPS (the same as Facebook Live), an encrypted version of RTMP, and SRTP, an encrypted version of RTSP. These technologies will be applied to encrypt data when users are watching live streams, when motion-triggered videos are being uploaded to the cloud, etc., to secure the data transmission process.
Data storage: the AWS object storage service is used to store and protect data.
* We leverage the scale and maturity of Amazon AWS infrastructure to deliver cloud security to our global users, drawing on the expertise of a world-class security team to provide reliable security services.
* All video and audio data linked to users are stored on the AWS platform, in full compliance with applicable privacy rules and regulations.
3. Software-side security
All of A4x's software products have been evaluated and penetration tested by NSFOCUS, a leading security organization, to ensure that the products are free of security loopholes, minimizing the possibility of privacy leakage caused by malicious attacks and maximizing data security and service continuity.
At A4x, we believe that user privacy must be treated with utmost respect and care. Going forward, we will continue to apply state-of-the-art cybersecurity technology to our hardware and software products to provide users with the highest level of security.