We're Celebrating Data Privacy Day With Zero PII

Privacy matters

In support of Data Privacy Day, I’d like to share Valimail’s position on personally identifiable information (PII).

Our products, unlike many others, are designed not to depend on PII. We do not need (or want) access to the contents of your email messages. We made early design decisions so that we didn’t have to rely on machine learning (ML) models to determine what constitutes a trustworthy email vs. an untrustworthy email. Because predictive AI needs PII and is prone to high false positives, we do not use it to map relationships and behavioral patterns between individuals, brands, businesses, or services. We do not analyze the contents of our customers’ emails and, what’s more, we don’t want to.

We believe that protecting people from fraudulent email does not require a sacrifice of privacy. It’s simple: Valimail does not extract, process, or store PII — ever.

That’s because Valimail takes a different approach. Instead of using an inference-based, probabilistic, AI/ML model, we use a deterministic, policy-based model that uses automation to enforce our customers’ lists of authorized senders. Instead of focusing on the content of a message, we focus on domain identity using open standards. Instead of analyzing sender IPs and trying to rank them by trustworthiness, we built a definitive database of trusted senders and domains that is robust and constantly up to date (so our customers don’t need to worry about maintenance).

It’s a Question of Trust

AI/ML-based systems require massive amounts of data to function effectively. For email applications, that generally means the contents of every message, including any attachments and links.

While this is a reasonable tradeoff in many cases, we believe it’s unnecessary in order to establish the trustworthiness of a given sender. Whether we’re authenticating email-sending cloud services that you’ve enabled to send messages on your behalf (with Valimail Enforce) or authorizing trustworthy email-sending domains that are able to send messages into your inboxes (with Valimail Defend), we do it without recourse to any of these types of personal data.

In turn, that ensures the privacy of your customers, partners, executives, and employees.

As part of a layered approach, authentication is a smart first step. Once you’ve authenticated the sender, then you can use a secure email gateway (SEG) to catch any malware that might be in the message (due to an infected computer or an account takeover), and deploy anti-phishing training among your employees to catch any remaining phish that slip through — but authenticating senders should be the first line of defense.

The Benefits of Zero PII Exposure

Valimail has always taken the approach that less PII is better, and no PII is best of all. This is part of the reason we were able to secure FedRAMP authorization in record time. It also helped us achieve SOC 2 Type 2 compliance rapidly.

It’s also why we publish blogs about avoiding PII in product design, and our zero-PII approach to engineering.

A core tenet of Valimail’s technology, from inception, is that PII should only be used where it’s absolutely needed. We believe that PII is like paint: Once you mix in a different color — even just a little bit — it taints the entire bucket. We’ve therefore been adamant: We don’t want, need, or use PII.

And it’s why we’re proud to support Data Privacy Day.


Top image: Chris Blakely/Flickr

The CTO and co-founder of Valimail, Peter is an MIT- and Stanford-trained technologist who has worked in a variety of software verticals including security, enterprise, email, and video. He has built products and teams at a number of large technology companies such as RSA Security and Perot Systems, as well as at small startups like Tout, Securant, and Swapt.