Official statistics play a crucial role in helping governments around the world make informed decisions. These statistics come from many sources, such as surveys of homes and businesses, population counts, economic and agricultural censuses, government records and even data from private companies. This information helps the government monitor social inequality and injustice and take necessary actions.
The accuracy of these statistics depends on how detailed and reliable the collected data is. However, gathering sensitive information raises concerns about protecting the privacy of individuals and businesses. Some people might think that only tax evaders or criminals would worry, but many honest citizens have their own fears. They might be anxious about their personal financial information being revealed to neighbours or the risk of facing discrimination based on their ethnicity or religion.
As statistical offices of any nation work through this challenge, data privacy-enhancing technologies (PETs) offer valuable solutions. These technologies help reduce privacy risks and build trust with the public, encouraging more people to share their information. This trust can lead to better and more complete data collection, which is beneficial for everyone.
Privacy-enhancing technologies are designed to handle and share sensitive data safely during analysis and distribution. They answer key questions like:
- How can we perform analysis and extract insight without sharing it openly?
- How can different parties work together without exposing their raw data?
- How can we guarantee how data has been used?
Data Privacy-Enhancing Technologies, also known as privacy-preserving techniques or privacy technology, are tools designed to protect sensitive information. They aim to meet specific privacy goals, such as keeping personal data safe while still allowing useful analysis. PETs combine two important fields: statistics and cryptography. Statisticians work on how to analyze data while following privacy rules, and cryptographers design security methods to ensure that data is protected during the process. Together these fields help safely handle and share sensitive information without exposing personal details.
In practical terms, Privacy-Enhancing Technologies help build a strong data protection approach by ensuring data protection by design where privacy is integrated into data processing from the start. PETs also support data minimization, ensuring that only necessary data is processed, leading to better privacy and security. Moreover, PETs allow for secure sharing of sensitive data without exposing personal information.
Moving forward, we will explore several advanced privacy-enhancing techniques like Homomorphic Encryption, Secure Multiparty Computation, Differential Privacy and Synthetic Data. Each of these techniques plays a crucial role in ensuring that sensitive data can be used safely without compromising privacy.
Homomorphic Encryption
Homomorphic Encryption is a cryptographic technology that allows for direct computation (addition and multiplication) on encrypted data. This means that a third party can process or analyze the data without ever seeing the actual data itself. Only the party that provided the data has the key to decrypt the result.
A common application of homomorphic encryption is in the medical domain. In healthcare, hospitals can send encrypted medical data, such as MRI scans, to third-party services for analysis. The service provider can offer image analysis for detecting tumors without accessing sensitive patient information, ensuring privacy is maintained. A predictive model can be evaluated directly on the homomorphically encrypted data, preventing any risk of medical data leakage to the service provider.
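An added example of the encrypted model evaluation just described (my own illustration, not code from the article or its references): a toy Paillier scheme, which is additively homomorphic, lets a service compute a linear score over a hospital's encrypted measurements using public plaintext weights, and only the hospital, holding the private key, can read the result. The primes, measurements and weights are constructed for the demo; real keys use primes of 1024 bits or more.

```python
import math
import random

# Constructed toy primes for the demo only; real Paillier keys use 1024+-bit primes.
P, Q = 101, 103

def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)            # valid because we fix the generator g = n + 1
    return {"n": n, "n2": n * n}, {"n": n, "lam": lam, "mu": mu}

def encrypt(pk, m):
    """c = (1 + n)^m * r^n mod n^2 with a fresh random r coprime to n."""
    n, n2 = pk["n"], pk["n2"]
    assert 0 <= m < n, "plaintext out of range"
    r = random.randrange(1, n)
    while math.gcd(r, n) != 1:      # r must be a unit mod n
        r = random.randrange(1, n)
    return (1 + m * n) * pow(r, n, n2) % n2

def decrypt(sk, c):
    n = sk["n"]
    x = pow(c, sk["lam"], n * n)
    return ((x - 1) // n) * sk["mu"] % n

def add(pk, c1, c2):
    """Multiplying ciphertexts yields an encryption of the plaintext sum."""
    return c1 * c2 % pk["n2"]

def mul_const(pk, c, k):
    """Raising a ciphertext to a public integer k encrypts k * plaintext."""
    return pow(c, k, pk["n2"])

def encrypted_linear_score(pk, enc_features, weights):
    """Service side: sum(w_i * x_i) computed entirely on ciphertexts."""
    acc = encrypt(pk, 0)
    for c, w in zip(enc_features, weights):
        acc = add(pk, acc, mul_const(pk, c, w))
    return acc

def demo():
    """Hospital encrypts, service scores blind, only the key holder decrypts."""
    pk, sk = keygen()
    features = [3, 7, 2]      # constructed patient measurements (non-negative ints)
    weights = [2, 5, 10]      # constructed public model weights
    enc_features = [encrypt(pk, x) for x in features]
    score_ct = encrypted_linear_score(pk, enc_features, weights)
    return decrypt(sk, score_ct)   # 2*3 + 5*7 + 10*2 = 61
```

Paillier supports ciphertext addition and multiplication by public constants, which is enough for linear models; general circuits need a fully homomorphic scheme.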
Secure Multiparty Computation (SMPC)
Secure Multiparty Computation (SMPC) is a technology that allows multiple parties to work together on data without revealing their individual data to each other. The participants can compute a result (like statistics) from the combined data, but no one can see anyone else’s raw data – only the final output.
For example, several government agencies can use SMPC to share identifiable data and compute statistics for policy making without exposing sensitive information about individuals. This way, they collaborate securely while maintaining privacy.
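An added example of the agency scenario above (my own illustration, not code from the article or its references): additive secret sharing, the simplest SMPC building block, lets several agencies learn the total of their private counts while each agency only ever receives uniformly random shares of the others' data. The protocol is simulated in one process; the modulus and the agencies' counts are constructed.

```python
import secrets

# Prime modulus far larger than any plausible total, so the shared sum never
# wraps around. Constructed choice for this example.
MOD = 2**61 - 1

def share(value, n_parties):
    """Split an integer into n_parties additive shares summing to value mod MOD.
    Any n_parties-1 of the shares are uniformly random, so they reveal nothing."""
    if not 0 <= value < MOD:
        raise ValueError("value out of range for the sharing field")
    shares = [secrets.randbelow(MOD) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % MOD)
    return shares

def reconstruct(shares):
    """Adding all shares mod MOD recovers the shared value."""
    return sum(shares) % MOD

def secure_sum(private_counts):
    """Simulate n agencies computing the total of their private counts.
    Agency i deals share dealt[i][j] to agency j over a private channel; each
    agency publishes only the sum of the shares it received, and the published
    partial sums add up to the total. No agency sees another's raw count."""
    n = len(private_counts)
    dealt = [share(v, n) for v in private_counts]
    # The complete view of agency j: one random-looking share from each agency.
    views = [[dealt[i][j] for i in range(n)] for j in range(n)]
    published_partials = [reconstruct(view) for view in views]
    return reconstruct(published_partials)

if __name__ == "__main__":
    # Constructed counts held by three agencies (e.g. benefit recipients in each register).
    print(secure_sum([1250, 9800, 310]))   # 11360
```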
Differential Privacy
Differential Privacy is a method that helps protect individuals’ personal information when data is used for analysis. It does this by adding random “noise” to the data before sharing the results. This noise makes it difficult to identify any specific person’s information, ensuring that their privacy is maintained.
The goal of differential privacy is to minimize the risk of revealing personal information, even when someone has additional knowledge about the data. This approach is broader than other privacy methods, as it protects all types of data analysis, not just certain kinds of results. Overall, differential privacy provides strong safeguards against potential misuse of personal information in a database.
Differential privacy is a technology that has been around for just over 15 years and is becoming increasingly popular in various fields, like database analysis, statistics and machine learning. Well-known examples of differential privacy in action are in Google Chrome and Apple’s iOS. Both of these systems collect usage statistics while protecting user privacy. In these cases, each user modifies their own data before sending it to a central server for analysis. For instance, Google Chrome uses this method to find out which pages people visit most often to improve its features, like caching. Similarly, Apple uses it to learn which words and emojis people use frequently in their texting apps, helping improve typing suggestions. Microsoft has also started using differential privacy to gather data from devices running its operating systems.
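An added example (my own illustration, not code from the article or its references) of the two flavours of differential privacy described in the last three paragraphs: the central Laplace mechanism a statistical office would apply to a published count table, and local randomized response of the kind used by the Chrome- and iOS-style telemetry mentioned above, where each device perturbs its own answer and the server can only debias the aggregate. Epsilon values, counts and user answers are constructed.

```python
import math
import random

def release_counts(true_counts, epsilon, sensitivity=1, seed=None):
    """Central DP (Laplace mechanism): a trusted curator adds Laplace noise of
    scale sensitivity/epsilon to every cell before publishing the table.
    Sensitivity 1: adding or removing one person changes a count by at most 1."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    rng = random.Random(seed)
    scale = sensitivity / epsilon
    # A Laplace(0, scale) draw is the difference of two Exp(mean=scale) draws.
    return [c + rng.expovariate(1 / scale) - rng.expovariate(1 / scale)
            for c in true_counts]

def truth_probability(epsilon):
    """Randomized response keeps the true bit with probability e^eps / (1 + e^eps)."""
    return math.exp(epsilon) / (1 + math.exp(epsilon))

def randomized_response(bit, epsilon, rng):
    """Local DP: the user perturbs their own answer before it leaves the device."""
    return bit if rng.random() < truth_probability(epsilon) else 1 - bit

def estimate_proportion(reports, epsilon):
    """Server side: E[report] = (1 - p) + f * (2p - 1); solve for the true fraction f."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    p = truth_probability(epsilon)
    observed = sum(reports) / len(reports)
    return (observed - (1 - p)) / (2 * p - 1)

def local_dp_survey(true_bits, epsilon, seed=None):
    """Simulate one telemetry round: every user randomizes locally, the server
    sees only perturbed bits and returns an unbiased estimate of the fraction
    of 1s. (A single rng here stands in for each user's own randomness.)"""
    rng = random.Random(seed)
    reports = [randomized_response(b, epsilon, rng) for b in true_bits]
    return estimate_proportion(reports, epsilon)
```

Smaller epsilon means stronger privacy but noisier results: with randomized response at epsilon 1 a user's true bit is kept only about 73% of the time, so useful estimates need many users.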
Synthetic Data
Synthetic data is ‘artificial’ data generated by data synthesis algorithms, which replicate patterns and the statistical properties of real data. The underlying principle is to transform a sensitive dataset into a new dataset with similar statistical properties without revealing information on individuals from the original dataset. It is often useful when your organisation wishes to share information externally with contractors or external stakeholders while having privacy guarantees about sensitive data.
Synthetic data can be very useful in situations where sharing sensitive information is important. For example, an organization might want to share a list of all the datasets they have to explore potential partnerships with others. However, it can take a long time, sometimes months, to give outside parties access to the real data. By using synthetic datasets, organizations can offer a detailed view of the original data without exposing any sensitive information. This approach helps avoid risks and comply with privacy rules while still allowing others to understand the data set.
In conclusion, the ongoing global crises show how important it is for countries to work together and share crucial data quickly. However, because of privacy concerns, partners can’t have full access to sensitive information. This means we need to find smart ways to get the necessary information from the original data. Privacy-Enhancing Technologies can help us with this by allowing organizations to focus on certain characteristics of people, businesses or places that help create effective policies while keeping their identities confidential. With PETs, we can gather important information without revealing who is involved.
Moreover, Privacy-Enhancing Technologies support the idea of “data protection by design,” which means making sure data is safe from the very start. They help organizations follow data protection rules, put strong security measures in place, and reduce risks related to personal data breaches. As we move ahead, using PETs will be essential for balancing the need to share information quickly with the need to protect people’s privacy. This will help build trust among partners and improve how we respond to global challenges.