Secure multi-party computation
It’s becoming increasingly important to analyse data from different sources. At the same time, relevant data is often too sensitive to be casually shared with others. How can you share information securely without revealing the underlying data of a sensitive nature? We’re helping resolve this problem by developing innovative and safe techniques based on Secure Multi-Party Computation.
Analysing data without violating privacy
Combining various data sets creates added value. It leads to new insights, better decision-making, more robust research (including market research), and stronger products and services. At the same time, the question is whether data sets can be freely combined. European privacy legislation (GDPR) places restrictions on what data can be shared, for what purpose, and in what manner. Furthermore, companies will want to prevent commercially sensitive information from falling into the wrong hands.
What is Multi-Party Computation?
One innovative solution for generating the functionality of a shared database without having to reveal the data is Secure Multi-Party Computation (MPC). MPC is a ‘toolbox’ of cryptographic techniques. This enables multiple parties to compute data jointly, as if they had a shared database. Because the data have cryptographic protection, the parties can never view each other’s data. The participating parties decide who is allowed to view the outcome of the computation.
Benefits of Multi-Party Computation:
- performing joint computations, while keeping your own data secure
- keeping control over who receives the results of the computation
- having the guarantee that your computations have been performed correctly.
Applying Multi-Party Computation in a range of sectors
Academic research into the Multi-Party Computation technique has long been mainly theoretical in nature. Practical implementation lagged behind. But progress in this field has gained momentum in recent years and the protocols have become ever faster. As a result, they are increasingly being used in practice. We see it as our task to encourage the move towards practical applications and to set up collaborative ventures in various fields.
We work with partners, including the Dutch national research institute for mathematics and computer science (CWI; Centrum Wiskunde & Informatica), on specific Multi-Party Computation applications for the financial and medical sectors, and public authorities. MPC is suitable for all kinds of sectors – wherever data is available and the parties involved can add value by sharing their data.
Healthcare costs in the Netherlands amount to 100 billion euros annually (10% of GDP) and are expected to rise to over 170 billion euros by 2040. It’s essential to continue improving care while keeping the healthcare system affordable. This requires insight into the data, including patient data, of various care organisations. Combining data from large groups of patients leads to new insights and better treatment methods. But how do you secure sensitive patient data in such a way that patients remain anonymous, privacy is guaranteed, and the information does not fall into the wrong hands?
This is how we improve cancer treatment
We’re collaborating with the Netherlands Comprehensive Cancer Organisation (IKNL) and pharmaceutical company Janssen to acquire knowledge from the ever-increasing amounts of data available from cancer patients. This helps reduce the impact of cancer: increasing the chances of recovery as well as preventing cancer. Together with stakeholders including physicians, epidemiologists, data scientists, and clinical computer scientists, we use Multi-Party Computation to gain more value from the available data of, among others, The Netherlands Cancer Registry (NKR). The NKR contains data on illness, care, and outcomes.
TNO, IKNL, and Janssen are working on privacy-safe open-source software. This software will be suitable for use in many more applications in healthcare. In this way, patients will gain maximum benefit from these new innovations.
Fraud, money laundering, and other financial and economic crimes are difficult to combat. Every year, millions of individuals and thousands of companies in the EU are victims of fraud. Money laundering is also how criminal organisations finance themselves.
It’s essential that organisations share information and data with each other in order to detect financial crime more effectively. At the same time, the privacy of ordinary individuals or companies must not be violated. So how can you, as an organisation, combat fraud and money laundering without violating privacy?
This is how we fight money laundering
We’re working with several Dutch banks to implement Multi-Party Computation for collective money laundering detection. Every year, hundreds of billions of euros are laundered worldwide, of which an estimated 16 billion euros in the Netherlands. Although banks and other financial institutions work hard to detect money laundering activities, a lot of such activity remains under the radar. It’s estimated that less than 1% of criminal cash flows are seized.
A major challenge is that criminals often conduct successive transactions through multiple banks. Each bank therefore only sees one piece of the puzzle and has to pass on possible money laundering activities to financial investigation services based on incomplete information. This leads to a large number of reports with high chances of false alarms. Collaboration between banks is therefore very valuable for improving the detection of money laundering. Multi-Party Computation enables banks to detect suspicious money flows jointly, without sharing personal data or other sensitive data.
The government works with a great deal of data from individuals and companies. It has a legal duty to secure these data carefully in order to protect everyone’s privacy. But the government is also working constantly to improve its services. How do you do this without violating privacy?
By combining data, the government can improve services for citizens in various ways. For example, a better approach to poverty reduction through a better understanding of the many dimensions of poverty. Or approaching people who may be entitled to benefits but are not receiving them, without gaining access to their income data.
How data helps government improve poverty policy
In order to formulate effective and well-founded poverty policies, it’s crucial to gain a better understanding of the many dimensions of poverty. Data analyses by municipalities, housing corporations, Statistics Netherlands (CBS), health insurers, energy companies, and others can help in this. Of course, the government cannot, may not, and does not want to simply share such data. It must guarantee privacy and handle personal data in an ethical manner.
As part of an ongoing collaboration with the Social Insurance Bank (SVB) and the Employee Insurance Agency (UWV), we’re using Multi-Party Computation in a pilot to reduce the failure to apply for supplementary income provision for the elderly (AIO). The AIO scheme is intended for people of pensionable age who live below the poverty line. With the insights gained from the Multi-Party Computation approach, citizens can be proactively approached by the SVB to draw their attention to the possibility of applying for AIO benefits.
Taking the next step together
Multi-Party Computation makes it possible to link together the most sensitive databases securely, paving the way for all kinds of new products and services. We have the unique expertise to help you with these and other privacy protection techniques and to advise you on customised solutions.
Would you like us to show you how Multi-Party Computation can help your organisation move forward? If so, please contact Daniël Worm. Or you can first read more about Multi-Party Computation.
- Download the white paper ‘Finally, a privacy-friendly way to harness data’ (pdf)
- Download ‘A New Approach to Privacy-Preserving Clinical Decision Support Systems for HIV Treatment’ (pdf)
- Download ‘Secure multiparty PageRank algorithm for collaborative fraud detection’ (pdf)
- Read how MPC helps tackle poverty issues more effectively
- Watch the webinar ‘Privacy-Enhancing Technologies Multi-Party Computation’
- Read about our MPC Lab
Daniël WormFunctie:Senior consultant
Looking for an expert?View all experts