Working together on the development of privacy-friendly data analysis technologies

Multi party computation
30 March 2021

The sharing and analysis of data is essential to achieving economic growth and solving societal challenges. Recent analyses (Source OECD: 'Enhancing Access to and Sharing of Data: Reconciling Risks and Benefits for Data Re-use across Societies'; OECD Publishing, Paris, 2019) show that data availability and exchange can generate economic growth of 1.5% of GDP. However, legal and commercial barriers – as well as societal concerns about the fundamental right to privacy – stand in the way of data sharing. Innovative technologies such as Federated Learning and Multi-Party Computation offer a solution by securely learning from sensitive data from multiple sources without having to share this data.

The potential of these technologies for society is enormous, but a multidisciplinary approach is crucial to harnessing this. In its 'Finally, a privacy-friendly way to harness data' whitepaper, published today, TNO therefore calls on governmental players, businesses, commercial technology parties and knowledge institutions to join forces. The current means of extracting value from data requires a centralised approach in which one party holds all of the data.

This approach is often diametrically opposed to interests such as confidentiality and privacy. Instead of choosing between these interests, it is time for a new starting point in the sharing of sensitive data: do not share data, but harness insights from distributed data sources while guaranteeing privacy and confidentiality. Multi-Party Computation (MPC) and Federated Learning (FL) are promising techniques for designing data analysis applications in a privacy-friendly manner.

Whitepaper: 'Finally, a private-friendly way to harness data'

Find out how you can combine data in a privacy-friendly way.

Multi-Party Computation (MPC) and Federated Learning (FL)

MPC is a ‘toolbox’ of cryptographic techniques that allow multiple parties to compute data together as if they have a shared database. Because the data is protected cryptographically, it can be analysed without the parties ever being able to view one another’s data. The participating parties determine who is allowed to view the results of the calculation. With FL, a much stronger guarantee of privacy and confidentiality can be given than in the current approach in which all data is collected in a central location to then carry out the appropriate analyses.

FL solves the privacy problem by bringing the analyses to the data instead of the data to the analyses. The analyses are broken down into small sub-calculations that can be performed locally by the various parties. After performing a local calculation, only the (intermediate) results are shared with one or more parties. The sensitive data is not shared with anyone and remains with the party.

Broadly applicable

There are many possible applications for privacy-enhancing techniques such as MPC and FL. The effectiveness of healthcare, for instance, can be increased by gaining insights from patient data in a privacy-friendly manner. Growing financial crime can be contained by securely linking sensitive data from different financial organisations. In addition, the government can improve its service provision by collaborating with various public bodies in a way that respects privacy.

Technological and organisational challenges

The first solutions based on MPC and FL are now technologically mature and are already being applied in various domains. These technologies need to be further developed and scaled up in order to be practical on a large scale. The government can contribute to the practical usability of these techniques by actively stimulating their development and application.

In addition, they can promote collaboration in this field by facilitating and offering space for experiments through both financial and organisational support and appropriate regulation. This requires the setting up of multidisciplinary pilots in which small and large companies, start-ups and knowledge institutions can participate.

Following the first pilot experiences, adoption will be accelerated if commercial and governmental organisations make their data available for privacy-friendly data retrieval by third parties. In addition, policymakers will need to tighten the legal frameworks on usage, while technology suppliers are essential to the further operationalisation and upscaling of the required technologies. It is also important that knowledge institutions and universities continue to develop the methods in order to further increase the efficiency of privacy-friendly data analyses.

Get inspired

6 resultaten, getoond 1 t/m 5

Poverty reduction can be made more effective with data analysis

18 October 2022

With historically high inflation and rising energy bills, poverty reduction is more relevant than ever. Multi-Party Computation can help implementing authorities to get in touch with members of the general public who are entitled to additional support.

Quantum Application Lab now open to explore the advantages and business opportunities for quantum computing

24 March 2022

Organisations that want to investigate how quantum computing can benefit their business are invited to connect to the knowledge and technical infrastructure offered by the Quantum Application Lab (QAL) now. QAL is a newly formed public-private R&D partnership that offers a unique team of scientists, researchers, engineers, application developers, software and hardware specialists in a leading platform to explore and bring to market the benefits of quantum computing. QAL will support companies to navigate this complex and changeable environment, in order to make the best possible choices for their development roadmap and their envisioned applications.

LANCELOT: new collaboration between IKNL and TNO

22 November 2021
IKNL and TNO have entered a new partnership for the Lancelot project. This project will help to reduce the impact of cancer while preserving patients’ privacy.

Can a DDoS attack be predicted?

23 February 2021

In the forecasting of tsunamis, buoys with sensors lie in the ocean, waiting for anomalous behaviour of the waves. The satellite to which the sensors are connected sends the signal to the weather station, after which a warning is issued. Everyone can prepare in time for what is to come. Can a similar prediction be made for DDoS attacks? The project group of the Partnership for Cyber Security Innovation (PCSI) went to investigate.

Towards a quantum-secure future using three steps

12 November 2020
Using three clear steps, TNO is helping organisations with cyber security solutions to prepare for a quantum-secure future.