news

Working together on the development of privacy-friendly data analysis technologies

30 Mar 2021

The sharing and analysis of data is essential to achieving economic growth and solving societal challenges. Recent analyses* show that data availability and exchange can generate economic growth of 1.5% of GDP. However, legal and commercial barriers – as well as societal concerns about the fundamental right to privacy – stand in the way of data sharing. Innovative technologies such as Federated Learning and Multi-Party Computation offer a solution by securely learning from sensitive data from multiple sources without having to share this data.

The potential of these technologies for society is enormous, but a multidisciplinary approach is crucial to harnessing this. In its 'Finally, a privacy-friendly way to harness data' whitepaper, published today, TNO therefore calls on governmental players, businesses, commercial technology parties and knowledge institutions to join forces. The current means of extracting value from data requires a centralised approach in which one party holds all of the data.

This approach is often diametrically opposed to interests such as confidentiality and privacy. Instead of choosing between these interests, it is time for a new starting point in the sharing of sensitive data: do not share data, but harness insights from distributed data sources while guaranteeing privacy and confidentiality. Multi-Party Computation (MPC) and Federated Learning (FL) are promising techniques for designing data analysis applications in a privacy-friendly manner.

Whitepaper: 'Finally, a private-friendly way to harness data'

Find out how you can combine data in a privacy-friendly way.

Download

Multi-Party Computation (MPC) and Federated Learning (FL)

MPC is a ‘toolbox’ of cryptographic techniques that allow multiple parties to compute data together as if they have a shared database. Because the data is protected cryptographically, it can be analysed without the parties ever being able to view one another’s data. The participating parties determine who is allowed to view the results of the calculation. With FL, a much stronger guarantee of privacy and confidentiality can be given than in the current approach in which all data is collected in a central location to then carry out the appropriate analyses.

FL solves the privacy problem by bringing the analyses to the data instead of the data to the analyses. The analyses are broken down into small sub-calculations that can be performed locally by the various parties. After performing a local calculation, only the (intermediate) results are shared with one or more parties. The sensitive data is not shared with anyone and remains with the party.

Broadly applicable

There are many possible applications for privacy-enhancing techniques such as MPC and FL. The effectiveness of healthcare, for instance, can be increased by gaining insights from patient data in a privacy-friendly manner. Growing financial crime can be contained by securely linking sensitive data from different financial organisations. In addition, the government can improve its service provision by collaborating with various public bodies in a way that respects privacy.

Technological and organisational challenges 

The first solutions based on MPC and FL are now technologically mature and are already being applied in various domains. These technologies need to be further developed and scaled up in order to be practical on a large scale. The government can contribute to the practical usability of these techniques by actively stimulating their development and application.

In addition, they can promote collaboration in this field by facilitating and offering space for experiments through both financial and organisational support and appropriate regulation. This requires the setting up of multidisciplinary pilots in which small and large companies, start-ups and knowledge institutions can participate.

Following the first pilot experiences, adoption will be accelerated if commercial and governmental organisations make their data available for privacy-friendly data retrieval by third parties. In addition, policymakers will need to tighten the legal frameworks on usage, while technology suppliers are essential to the further operationalisation and upscaling of the required technologies. It is also important that knowledge institutions and universities continue to develop the methods in order to further increase the efficiency of privacy-friendly data analyses.

*Source OECD, „Enhancing Access to and Sharing of Data: Reconciling Risks and Benefits for Data Re-use across Societies,” OECD Publishing, Paris, 2019

Our work

How you can harness data in a privacy-friendly way

Envision it: better treatment methods for patients by learning from the successes and failures of doctors and pharmaceutical companies. Detecting money laundering activities by bringing together data from... Read more
Our work

Privacy by design: combining data for better government services

The government works with a great deal of data from citizens and businesses. It has a legal duty to carefully secure these data in order to protect everyone’s privacy, but the government is also always... Read more
Our work

MPC as a fraud detection and anti-money laundering (AML) tool

Fraud, money laundering and other financial and economic crimes are difficult to combat. Every year, millions of citizens and thousands of businesses in the EU fall victim to fraud. Money laundering is also how... Read more
News
Contact

Dr. Daniël Worm

  • Multi-Party Computation
  • Privacy-Enhancing Technologies
  • Cryptography. Cybersecurity

Media questions?

FOLLOW TNO ON SOCIAL MEDIA

Stay up to date with our latest news, activities and vacancies

TNO.nl collects and processes data in accordance with the applicable privacy regulations for an optimal user experience and marketing practices.
This data can easily be removed from your temporary profile page at any time.
You can also view our privacy statement or cookie statement.