Privado keeps developers honest as data privacy regulations tighten
Tech start-up Privado is the product of the frustration of Vaibhav Antil and its co-founders, Jasdeep Cheema and Prashant Mahajan. They launched the company, which is announcing a $14 million Series A funding round today, after finding it nearly impossible to get to grips with the General Data Protection Regulation (GDPR) introduced by the European Union in 2018.
"Back then, we were working as engineers and developing software products that suddenly we had to wonder if they complied with data privacy laws," says Antil. "It was extremely upsetting and there didn't seem to be an easy way to fix it."
This concern was amplified when Antil and his colleagues spent several months working with the product and engineering teams of a large e-commerce company. Despite a series of interviews with the teams, it proved nearly impossible to determine exactly how they collected, stored, used and shared personal customer data – and therefore whether the company was GDPR compliant. And as the company continually updated its software, this challenge became increasingly complex.
Privado's solution to this problem is a code scanner that works automatically through software to identify what data it collects and what happens to that data next. It provides the user with a tool that quickly maps their data practices so that these can be compared to what any data privacy regulations require. "We're like a spell checker for data privacy," says Antil.
Launched in 2020, Privado works with an open source code analysis solution. The idea is for developers and engineers to use the tool on an ongoing basis, scanning the software they've developed to identify potential data privacy issues, then rescanning each time an update comes up. updated.
Privado's tool not only identifies data usage and flows, but can also be tailored to identify potential breaches of specific legislation - EU GDPR, for example, but also regulation similar developed by authorities in the United States and Asia. "Engineers and privacy teams get instant visibility into the use of personal data by their products and applications, can monitor personal data flows, and find privacy risks that exist in code, from leaks to logs," explains Antil. The tool can also be configured to block all software updates that include code that violates the company's own data privacy policies.
The problem the company is solving is very real and potentially very costly. Enforcement Tracker data reveals that companies around the world have so far been fined €1.7 billion for GDPR violations. In the United States, meanwhile, the Federal Trade Commission is currently in the midst of a crackdown on data privacy concerns - social media giant Twitter was fined $150 million earlier this year for violation of FTC rules.
However, despite being aware of the problem, organizations that constantly develop and update new software are likely to violate regulations in exactly the same way. The scale and complexity of their code makes manual checks too difficult to be practical, especially since new releases are iterated on quickly.
Hence the need for an automated scanner, says Privado. "Think of us as a grammar for your code - we give you a data privacy score for existing products and highlight data privacy and security issues when you write new code," adds Antil. “I expect that in the future there will be default scanning for data privacy issues, much like such products exist in the cybersecurity world; we want to be that default.”
The company is making good progress in this regard, operating through a combination of a premium product, made available as a software-as-a-service tool, and a free version aimed at Android developers . Customer numbers are not available, but the company says it already manages over 600,000 code validations for its customers.
The challenge now is to scale the business, with Series A providing funding for product development, staffing, and to support the growth of Privado's open source community.
Today's $14 million fundraising is the company's second funding announcement of the year; it secured $3.5 million in seed funding in January; it is led by software investor Insight Partners and venture capital firm Sequoia Capital India, with participation from existing investors Together Fund and emerging companies.
“Pri...
Tech start-up Privado is the product of the frustration of Vaibhav Antil and its co-founders, Jasdeep Cheema and Prashant Mahajan. They launched the company, which is announcing a $14 million Series A funding round today, after finding it nearly impossible to get to grips with the General Data Protection Regulation (GDPR) introduced by the European Union in 2018.
"Back then, we were working as engineers and developing software products that suddenly we had to wonder if they complied with data privacy laws," says Antil. "It was extremely upsetting and there didn't seem to be an easy way to fix it."
This concern was amplified when Antil and his colleagues spent several months working with the product and engineering teams of a large e-commerce company. Despite a series of interviews with the teams, it proved nearly impossible to determine exactly how they collected, stored, used and shared personal customer data – and therefore whether the company was GDPR compliant. And as the company continually updated its software, this challenge became increasingly complex.
Privado's solution to this problem is a code scanner that works automatically through software to identify what data it collects and what happens to that data next. It provides the user with a tool that quickly maps their data practices so that these can be compared to what any data privacy regulations require. "We're like a spell checker for data privacy," says Antil.
Launched in 2020, Privado works with an open source code analysis solution. The idea is for developers and engineers to use the tool on an ongoing basis, scanning the software they've developed to identify potential data privacy issues, then rescanning each time an update comes up. updated.
Privado's tool not only identifies data usage and flows, but can also be tailored to identify potential breaches of specific legislation - EU GDPR, for example, but also regulation similar developed by authorities in the United States and Asia. "Engineers and privacy teams get instant visibility into the use of personal data by their products and applications, can monitor personal data flows, and find privacy risks that exist in code, from leaks to logs," explains Antil. The tool can also be configured to block all software updates that include code that violates the company's own data privacy policies.
The problem the company is solving is very real and potentially very costly. Enforcement Tracker data reveals that companies around the world have so far been fined €1.7 billion for GDPR violations. In the United States, meanwhile, the Federal Trade Commission is currently in the midst of a crackdown on data privacy concerns - social media giant Twitter was fined $150 million earlier this year for violation of FTC rules.
However, despite being aware of the problem, organizations that constantly develop and update new software are likely to violate regulations in exactly the same way. The scale and complexity of their code makes manual checks too difficult to be practical, especially since new releases are iterated on quickly.
Hence the need for an automated scanner, says Privado. "Think of us as a grammar for your code - we give you a data privacy score for existing products and highlight data privacy and security issues when you write new code," adds Antil. “I expect that in the future there will be default scanning for data privacy issues, much like such products exist in the cybersecurity world; we want to be that default.”
The company is making good progress in this regard, operating through a combination of a premium product, made available as a software-as-a-service tool, and a free version aimed at Android developers . Customer numbers are not available, but the company says it already manages over 600,000 code validations for its customers.
The challenge now is to scale the business, with Series A providing funding for product development, staffing, and to support the growth of Privado's open source community.
Today's $14 million fundraising is the company's second funding announcement of the year; it secured $3.5 million in seed funding in January; it is led by software investor Insight Partners and venture capital firm Sequoia Capital India, with participation from existing investors Together Fund and emerging companies.
“Pri...
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
