Working together on the development of privacy-friendly data analysis technologies
30 Mar 2021
The potential of these technologies for society is enormous, but a multidisciplinary approach is crucial to harnessing this. In its 'Finally, a privacy-friendly way to harness data' whitepaper, published today, TNO therefore calls on governmental players, businesses, commercial technology parties and knowledge institutions to join forces. The current means of extracting value from data requires a centralised approach in which one party holds all of the data.
This approach is often diametrically opposed to interests such as confidentiality and privacy. Instead of choosing between these interests, it is time for a new starting point in the sharing of sensitive data: do not share data, but harness insights from distributed data sources while guaranteeing privacy and confidentiality. Multi-Party Computation (MPC) and Federated Learning (FL) are promising techniques for designing data analysis applications in a privacy-friendly manner.
Whitepaper: 'Finally, a private-friendly way to harness data'
Find out how you can combine data in a privacy-friendly way.
Multi-Party Computation (MPC) and Federated Learning (FL)
MPC is a ‘toolbox’ of cryptographic techniques that allow multiple parties to compute data together as if they have a shared database. Because the data is protected cryptographically, it can be analysed without the parties ever being able to view one another’s data. The participating parties determine who is allowed to view the results of the calculation. With FL, a much stronger guarantee of privacy and confidentiality can be given than in the current approach in which all data is collected in a central location to then carry out the appropriate analyses.
FL solves the privacy problem by bringing the analyses to the data instead of the data to the analyses. The analyses are broken down into small sub-calculations that can be performed locally by the various parties. After performing a local calculation, only the (intermediate) results are shared with one or more parties. The sensitive data is not shared with anyone and remains with the party.
Broadly applicable
There are many possible applications for privacy-enhancing techniques such as MPC and FL. The effectiveness of healthcare, for instance, can be increased by gaining insights from patient data in a privacy-friendly manner. Growing financial crime can be contained by securely linking sensitive data from different financial organisations. In addition, the government can improve its service provision by collaborating with various public bodies in a way that respects privacy.
Technological and organisational challenges
The first solutions based on MPC and FL are now technologically mature and are already being applied in various domains. These technologies need to be further developed and scaled up in order to be practical on a large scale. The government can contribute to the practical usability of these techniques by actively stimulating their development and application.
In addition, they can promote collaboration in this field by facilitating and offering space for experiments through both financial and organisational support and appropriate regulation. This requires the setting up of multidisciplinary pilots in which small and large companies, start-ups and knowledge institutions can participate.
Following the first pilot experiences, adoption will be accelerated if commercial and governmental organisations make their data available for privacy-friendly data retrieval by third parties. In addition, policymakers will need to tighten the legal frameworks on usage, while technology suppliers are essential to the further operationalisation and upscaling of the required technologies. It is also important that knowledge institutions and universities continue to develop the methods in order to further increase the efficiency of privacy-friendly data analyses.
*Source OECD, „Enhancing Access to and Sharing of Data: Reconciling Risks and Benefits for Data Re-use across Societies,” OECD Publishing, Paris, 2019
How you can harness data in a privacy-friendly way
Envision it: better treatment methods for patients by learning from the successes and failures of doctors and pharmaceutical companies. Detecting money laundering activities by bringing together data from... Read morePrivacy by design: combining data for better government services
The government works with a great deal of data from citizens and businesses. It has a legal duty to carefully secure these data in order to protect everyone’s privacy, but the government is also always... Read moreMPC as a fraud detection and anti-money laundering (AML) tool
Fraud, money laundering and other financial and economic crimes are difficult to combat. Every year, millions of citizens and thousands of businesses in the EU fall victim to fraud. Money laundering is also how... Read more- Mission and strategy
- Organisation
- Lead Scientists
- International
- TNO and its social role
- News
- Events
- Research on hot topics
- More about our work
- Contact
- Webinar overview
Dr. Daniël Worm
- Multi-Party Computation
- Privacy-Enhancing Technologies
- Cryptography
- Cybersecurity
Send a question to Dr. Daniël Worm
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.