What Problem Are You Trying To Solve?
Lokker solves the problem the vast majority of websites face today in that they simply do not have control over their web users’ privacy as is required by privacy regulations such as GDPR, CCPA, and others.
Most websites are made up of as much as 70% 3rd-party web code. This is code that the website owners do not control and is actively accessing user information such as IP address and other PI, tracking users, and sharing this information with dozens if not hundreds of 4th parties, often across international boundaries and more – all of which are potentially serious violations of user privacy law.
This code has access to user information well before cookie consent notices display and well before users have the opportunity to opt in or out. This code also continues to track user activity despite the choices users make regarding their privacy choices in Consent Management Platforms.
Lokker developed the technology to enable companies to see and control the informational exchanges that occur between companies’ web code, 3rd-party applications in the cloud, and users’ browsers thus giving companies the ability to be technically privacy-compliant in their web operations – arguably for the very first time.
How Are We Solving That Problem?
First, we recognized that web privacy is more of a technical problem than a legal one. Unfortunately, the predominant privacy solution offerings to date for enterprises have been Consent Management Platforms – solving for legal issues, notices, and documentation.
However, no amount of user consent will remove a company’s liability if they are continuously leaking personal information to 3rd and 4th parties through their website. The evidence of this can be seen by the explosive growth of GDPR fines despite the widespread use and adoption of CMP solutions. (I explain this concept in more detail in this recent article I wrote for our blog here: Privacy Fines: It’s No Longer If But When)
So we set out to fix the technical privacy problems inherent in most websites stemming from the growing reliance on 3rd-party apps in website development.
Since the nature of privacy loss is such that third parties have continuous access to user information in real-time and have the ability to change their code at any moment without notifying website owners, our solution had to be “inline”, meaning we had to provide our clients with controls in the layer between the 3rd-party apps and web visitors’ browsers.
This remains a novel approach in the field of privacy tech solutions. Lokker developed a privacy automation platform that delivers a SaaS-based service we call Continuous Privacy Monitoring & Protection (CPMP).
It serves as a privacy control barrier that restores first-party control privileges over all 3rd-party informational exchanges in real-time. Companies can set up rules-based settings to block, allow, or anonymize information by application, geography, or jurisdiction. We essentially restore complete data sovereignty, from a web privacy perspective, back under our clients’ control.
How Has The Pandemic Impacted Our Company?
Fortunately, the pandemic has not impacted our company much at all. Lokker was born just before the pandemic and was in heavy R&D mode. Aside from all of the normal worries and global concerns, the highly unusual period gave our engineers time to focus, research, collaborate, and problem solve.
As a decentralized, global team, we were well accustomed to online collaboration and had been working together efficiently from all over the world despite being headquartered in Silicon Valley and now with engineering centralizing in Ireland.
Where Do You See Your Company Going In 5 Years?
We are most excited about making improvements in detecting personally identifiable information (PII) for data loss prevention (DLP) across languages.
We hope it won’t take us 5 years, but we are working to marry natural language and derive its context with a correlating likelihood of matches against PII through assisted machine learning.
This is most exciting to us in the privacy tech space. We also see variations of our core technology being applied to small and medium-sized businesses as well as consumer applications to better preserve and protect privacy in general.
What Is The Next Big Challenge In Information Security?
Since our focus is on privacy, I will frame our response in the privacy context. We see the next biggest information security challenges relating to privacy loss and compliance coming from FLoC technologies, browser fingerprinting technologies, and ID sharing/synchronization technologies.
Cookies are going away, but their days were numbered long ago. Far more sophisticated forms of privacy-violating technologies have been in development and are already at various stages of deployment.
Unless we get ahead of these new technologies and learn how to defeat or control them before they are widely adopted into the working fabric of the internet, we may have no hope of preserving privacy the second time around.
Lokker is aware of these technologies as serious threats to privacy and is working on ways to give companies and individuals privacy-preserving options.
How Do People Get Involved/Buy into Your Vision?
Lokker’s initial product will be available in early Q4 2021. It will be an enterprise privacy SaaS product designed for large “privacy-aware” companies that operate in regulated jurisdictions and/or industries with websites dealing with high volumes of users and transactions.
These companies have in-house privacy counsel and CPOs on staff or have retained law firms that focus on privacy compliance. We hope these professionals would want to follow our progress closely.
Prior to our product release, we would like for more people, in general, to simply be aware and understand the scope and nature of the “3rd-party app problem” as it applies to nearly all of the websites’ people visit today.
We offer a free website privacy scanner that reveals some shocking information. On average websites give access to user information to over 60 3rd and 4th parties and they don’t even realize it. Our free web page scanner simulates a synthetic user in real-time and records the extent of the privacy problem for all to see.
What Do You Love About Your Team, And Why Are You the Ones to Solve This Problem?
I love that our team is truly passionate about (and capable of) fixing a very complex problem that is rooted in the basic architecture of millions of websites. I also love that the motivation for fixing the problem came from an organic place, personal experience of the pain and suffering the problem is causing.
What Do You See as Your Biggest Hurdle to Success?
Most companies don’t realize they have a major technical privacy problem with their website because they literally can’t see the informational exchanges that are occurring in real-time between their native web code, their integrated 3rd-party code, and their users’ browsers.
This is the client-side web layer that is causing huge privacy problems, as vast amounts of user information are pouring out to dozens if not hundreds of 3rd and 4th parties – well beyond the control of the companies who are liable for protecting their users’ identities and online actions.
It is exceedingly hard to get companies to care about, let alone pay to fix a problem they can’t see. This is why we had to create our privacy scanning product first before we completed our inline monitoring and privacy controlling platform.
What’s Most Exciting About Your Traction to Date?
The “Ah-ha” or “Oh-s*@t” moment people experience when we show them how many external parties have access to their users’ information in real-time through our free website privacy scanning tool. And then to bring them great relief when we tell them we can fix the problem so that they don’t have to worry about facing costly GDPR, CCPA, or industry-specific privacy fines as soon as they are ready to make user privacy a priority.
I hope this gives you some good basic information to work with. I am happy to answer any other questions you may have or schedule a zoom call at your convenience, just let me know?