Join top executives in San Francisco on July 11-12, to hear how leaders are integrating and optimizing AI investments for success. Learn More
Evervault has raised $16 million in venture capital to develop technology the Dublin-based company claims will recalibrate the traditional tradeoffs between privacy and regulation. Index Ventures led the round, which includes previous investors Sequoia Capital, Kleiner Perkins, and Frontline Ventures. In addition, the fundraising attracted money from a string of notable angel investors, such as Eventbrite cofounder Kevin Hartz and former Facebook chief security officer Alex Stamos.
The funding is notable because Evervault has not yet developed a product that’s ready for customers. Instead, investors are betting on a concept that promises to effectively eliminate the need for privacy regulations, a shift that would save businesses money on compliance while delivering greater data protection for consumers.
“Data privacy is very complicated for people who don’t want to read thousands of pages of regulations,” said Evervault founder and CEO Shane Curran. “I started Evervault with the belief that data privacy is a technology problem rather than a regulatory problem.”
In Europe, the advent of Europe’s General Data Protection Regulation (GDPR) in May 2018 has sparked a wave of startups promising to help businesses comply with the rules. Curran said he first began working on the problem in high school and officially started the company in 2018.
Join us in San Francisco on July 11-12, where top executives will share how they have integrated and optimized AI investments for success and avoided common pitfalls.
He began by establishing a privacy manifesto that lays out eight rules any such system should follow. Primary among these is the idea that “data should always be caged.” That means any sensitive data leaving your device should be encrypted so that it can only be treated and processed in a “privacy cage.”
Curran described these cages as containers that allow for fully encrypted data to be processed so that only the owner of the original data can access the resulting information. The company processing the data would be excluded from accessing it directly and would really only have momentary possession of a user’s data to perform a promised service. Once that service is completed, the data would essentially vanish from the company’s system.
“Containers let you run computing over really sensitive data,” Curran said. “Companies can manage without them having to sacrifice privacy or security.”
Evervault plans to offer this service as an API, with the aim of allowing developers to seamlessly build it into the software stack of whatever they are creating. Curran likes to say that developers will be able to do more with one line of code than the entire set of GDPR regulations.
This would theoretically speed product development while lifting the burden on companies that might otherwise be forced to spend vast sums ensuring privacy regulation compliance. Likewise, it would help regulators whose enforcement resources are stretched thin, Curran said.
Still, investors are taking a leap of faith here. But Evervault’s eight employees are hard at work developing the technology and are currently working alongside partners in sectors with sensitive data issues, like finance.
Curran said he doesn’t have a firm timeline for an initial public release yet. “The roadmap is what I think they really bought into,” Curran said. “That, and the team.”
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.