Overview of Global Privacy Computing Technology Development

PrimiHub is an open source privacy computing platform created by a team of cryptography experts. It focuses on sharing technology and content in privacy computing fields such as data security, cryptography, federated learning, and homomorphic encryption.

Currently, the digital economy is facing a huge problem. On the one hand, the exponential growth of personal data processing capabilities has created a series of unprecedented possibilities, and humans can obtain very valuable information through artificial intelligence. On the other hand, these artificial intelligence technologies are bringing us new privacy threats.

In this context, most conferences on privacy developments have discussed how new privacy-enhancing technologies (PETs) can protect private data in the context of artificial intelligence and machine learning. Artificial intelligence was the theme of the 2022-2023 IAPP Privacy and Security Risk Conference and the leading topic of the 2022 IAPP Data Protection Conference. At the annual meeting of data protection agencies, the Global Privacy Conference, the Future of Privacy Forum hosted three side events on privacy-enhancing technologies, with some of the industry's biggest names sharing their views.

Emerging privacy-enhancing technologies have also attracted the attention of governments and regulatory agencies in various countries. They have formulated a large number of policies around PETs, which also confirms the rapid development of the field of privacy-enhancing technologies.

In this article, we give an overview of the current status of global privacy computing technology from six aspects: technical definition, technical purpose, privacy regulation, technical classification, policy support and future trends.

Technology Definition: What are privacy-enhancing technologies?

Privacy-enhancing technology (in the machine learning setting, privacy-preserving machine learning) attempts to reconcile data mining and utilization with privacy and ethics. It covers a growing number of methods, including federated learning, differential privacy, trusted execution environments, multi-party computation, homomorphic encryption, zero-knowledge proofs and synthetic data. These technologies share the same goal: to protect the security and privacy of personal information while preserving the usefulness of that information when machine learning models are collaboratively trained and used.

Privacy-enhancing technologies are not a new concept and can be traced back to a report titled "Privacy-Enhancing Technologies (PETs): The Path to Anonymity," which was first published in 1995 by the privacy authorities of Canada and the Netherlands. "Privacy enhancement refers to a variety of technologies that protect an individual's privacy by minimizing or eliminating the collection of identifiable data," the report said. Another early definition stems from the 2002 Inventory of Privacy-Enhancing Technologies published by the Organization for Economic Co-operation and Development, which defines privacy-enhancing technologies as "a broad range of technologies that help protect individual privacy."

Current definitions of privacy-enhancing technologies by major companies emphasize their unique opportunities for data collaboration.

Technical purpose: Maintain data utility

At present, privacy-enhancing technology is usually positioned as an important answer to the "privacy versus utility" balance: it offers the ability to protect private data while still allowing valuable information to be extracted from the data. In general, attempts to mitigate disclosure risk adversely affect data utility, compromising the analytical integrity and validity of the data set.

The EU Cybersecurity Agency's (ENISA) 2022 report on data protection engineering includes a 2001 definition of privacy-enhancing technologies, describing them as "a coherent information and communications technology system that eliminates or reduces personal data or prevents unnecessary or unwanted processing, so that the privacy of the personal data collected is expected to be protected."

These emerging privacy-enhancing technologies also include multi-party computation (MPC), which allows multiple parties to compute a common result over their personal data without revealing their respective inputs to each other. Because the computation runs inside a cryptographic protocol, it does not affect the accuracy of the result.
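The MPC idea in the paragraph above, shown with its simplest building block, additive secret sharing, as an added example that is not PrimiHub's code or code from the original article. Three hypothetical parties (for instance hospitals holding per-site patient counts; the values are constructed) each split their input into random shares, exchange the shares, and publish only the sum of what they received, so the total is exact while no party sees another's input. The modulus and the party count are assumptions of the example.

```python
# Added example (not PrimiHub's code): additive secret sharing, the simplest
# MPC building block, used to compute a sum without any party revealing its input.
import random

# Modulus for the arithmetic; any prime larger than the largest possible total
# works. The value is an assumption of this example.
MODULUS = 2**61 - 1


def share(value, n_parties, rng):
    """Split `value` into n_parties shares that add up to value mod MODULUS.

    The first n_parties-1 shares are uniformly random field elements, so any
    subset of fewer than n_parties shares is statistically independent of
    `value`: a single share tells its holder nothing about the input.
    """
    if not 0 <= value < MODULUS:
        raise ValueError("input must be a non-negative integer below MODULUS")
    shares = [rng.randrange(MODULUS) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % MODULUS)
    return shares


def reconstruct(shares):
    """Recombine a full set of shares; only the complete set yields the value."""
    return sum(shares) % MODULUS


def secure_sum(inputs, seed=None):
    """Compute sum(inputs) mod MODULUS the way the parties would.

    Each party shares its own input, keeps one share and sends one share to
    every other party. Returns (total, views) where views[j] is everything
    party j ever receives. A fixed seed makes the run reproducible for
    testing; real deployments use an OS entropy source.
    """
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    n = len(inputs)
    # dealt[i][j]: the share of party i's input that is sent to party j
    dealt = [share(v, n, rng) for v in inputs]
    # Party j's view: the n shares it received (one per party, itself included).
    views = [[dealt[i][j] for i in range(n)] for j in range(n)]
    # Each party publishes only the sum of its view. Raw inputs never leave
    # their owner, and each published partial sum is again a random field element.
    partial = [reconstruct(view) for view in views]
    total = reconstruct(partial)
    return total, views


if __name__ == "__main__":
    # Constructed per-site counts for three hypothetical hospitals.
    total, views = secure_sum([120, 45, 300])
    print("joint total:", total)          # 465
    print("what party 0 sees:", views[0])  # three random-looking field elements
```

Correctness holds because the shares of every input sum to that input modulo the field, so the published partial sums add up to the joint total. Privacy holds only against a party that does not collude with all the others: with additive sharing, all n shares are needed to recover any input, and the protocol assumes the true total is below the modulus.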

Likewise, differential privacy enables a unique approach to data analysis or querying systems. The goal is to learn as much as possible about the data set while maintaining "reasonable deniability" of any results, meaning the answers cannot be traced back to any particular respondent with certainty. This is achieved by adding random noise to the dataset to protect individual privacy without affecting query results.
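A worked version of the "random noise" mechanism described above, added here as an example and not taken from the original article or from PrimiHub. It answers a counting query over a constructed set of records with the Laplace mechanism and computes the privacy-loss bound that gives the "reasonable deniability" the paragraph mentions: for two data sets differing in one person, the log-ratio of the probabilities of any answer never exceeds epsilon. The record format, the query and the epsilon values are assumptions of the example.

```python
# Added example (not from the original article): the Laplace mechanism for a
# counting query, and the epsilon bound behind "reasonable deniability".
import random

# Constructed sample records: (age, has_condition). No real people.
RECORDS = [(34, True), (51, False), (29, True), (62, True), (45, False),
           (38, False), (57, True), (41, False)]


def count_query(rows, predicate):
    """Exact count. Its sensitivity is 1: adding or removing one person's
    record changes the answer by at most 1."""
    return sum(1 for r in rows if predicate(r))


def laplace_mechanism(true_value, sensitivity, epsilon, seed=None):
    """Return true_value plus Laplace(0, sensitivity/epsilon) noise.

    The difference of two independent exponentials with rate
    epsilon/sensitivity is Laplace-distributed with scale sensitivity/epsilon,
    so no special-purpose sampler is needed. A seed is only for reproducible
    tests; production code must use an unpredictable source.
    """
    rng = random.Random(seed) if seed is not None else random.SystemRandom()
    rate = epsilon / sensitivity
    noise = rng.expovariate(rate) - rng.expovariate(rate)
    return true_value + noise


def privacy_loss(output, value_a, value_b, sensitivity, epsilon):
    """Absolute log-ratio of the densities of observing `output` when the true
    answer is value_a versus value_b.

    For neighbouring data sets, |value_a - value_b| <= sensitivity, the
    triangle inequality bounds this by epsilon: whatever answer an analyst
    sees, it was at most e^epsilon times more likely under one data set than
    the other, so the answer cannot be traced to one person with certainty.
    """
    scale = sensitivity / epsilon
    return abs(abs(output - value_b) - abs(output - value_a)) / scale


def noisy_condition_count(epsilon, seed=None):
    """Exact and privatised answers to 'how many records have the condition'."""
    true = count_query(RECORDS, lambda r: r[1])
    return true, laplace_mechanism(true, sensitivity=1, epsilon=epsilon, seed=seed)


if __name__ == "__main__":
    true, noisy = noisy_condition_count(epsilon=1.0)
    print("exact:", true, "released:", round(noisy, 2))
    # Worst case for a data set with 4 vs 5 matching people, epsilon = 1
    print("max privacy loss:", privacy_loss(10.0, 4, 5, 1, 1.0))  # 1.0
```

Smaller epsilon means a larger noise scale and stronger deniability at the cost of accuracy; the aggregate stays useful because the noise scale depends on the sensitivity of the query, not on the size of the data set.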

Synthetic data is artificially generated by a model trained on a real data set, producing simulated records that resemble the real ones; it replaces the original data while reproducing the statistical properties and patterns of the original data set.
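To make the synthetic-data idea concrete, here is an added example (not from the original article or PrimiHub) that fits a two-column Gaussian model (means, standard deviations and correlation) to a constructed "real" table of age and income, samples a fresh table from the fitted model, and checks that the statistics carry over while no real row is reproduced. The columns, the generating formula for the constructed real data and the sample sizes are assumptions of the example; real synthetic-data generators fit far richer models, but the fit-then-sample structure is the same.

```python
# Added example (not from the original article): fit simple statistics to a
# real table, then sample a synthetic table that reproduces them.
import math
import random


def constructed_real_rows(n, seed):
    """Constructed 'real' data: (age, income) with income correlated to age.
    Stands in for a sensitive table; no real people are involved."""
    rng = random.Random(seed)
    rows = []
    for _ in range(n):
        age = rng.gauss(45, 12)
        income = 20000 + 800 * age + rng.gauss(0, 9000)
        rows.append((age, income))
    return rows


def fit_stats(rows):
    """Estimate means, standard deviations and Pearson correlation of two columns.
    This is the 'model' the synthetic generator is trained on."""
    n = len(rows)
    xs = [r[0] for r in rows]
    ys = [r[1] for r in rows]
    mx, my = sum(xs) / n, sum(ys) / n
    sx = math.sqrt(sum((x - mx) ** 2 for x in xs) / n)
    sy = math.sqrt(sum((y - my) ** 2 for y in ys) / n)
    rho = sum((x - mx) * (y - my) for x, y in rows) / (n * sx * sy)
    return {"mean_x": mx, "mean_y": my, "std_x": sx, "std_y": sy, "rho": rho}


def generate_synthetic(stats, n_rows, seed):
    """Sample n_rows new (x, y) pairs with the fitted means, spreads and
    correlation, using a 2x2 Cholesky factor to inject the correlation."""
    rng = random.Random(seed)
    rho = stats["rho"]
    out = []
    for _ in range(n_rows):
        z1, z2 = rng.gauss(0, 1), rng.gauss(0, 1)
        x = stats["mean_x"] + stats["std_x"] * z1
        y = stats["mean_y"] + stats["std_y"] * (rho * z1 + math.sqrt(1 - rho ** 2) * z2)
        out.append((x, y))
    return out


def overlap_count(real_rows, synthetic_rows):
    """How many synthetic rows exactly match a real row. For a sampled
    continuous model this should be zero: the original records are replaced,
    not copied."""
    real = set(real_rows)
    return sum(1 for r in synthetic_rows if r in real)


if __name__ == "__main__":
    real = constructed_real_rows(2000, seed=1)
    stats = fit_stats(real)
    synth = generate_synthetic(stats, 2000, seed=2)
    print("real correlation:     ", round(stats["rho"], 3))
    print("synthetic correlation:", round(fit_stats(synth)["rho"], 3))
    print("copied rows:", overlap_count(real, synth))  # 0
```

The check worth keeping from this example is the last one: a synthetic table is only a privacy gain if it does not memorise individual records, so generators are evaluated both on how well statistics match and on how far synthetic rows stay from the closest real row.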

These approaches are useful, for example, in the health sector, where shared data must be stripped of specific identifiers under privacy regulations such as the U.S. Health Insurance Portability and Accountability Act. De-identification is intended to reduce the risk of identity disclosure, but it can also destroy information and leave the data set useless for research. In addition, de-identified health data can still, on occasion, be re-identified. In contrast, emerging privacy-enhancing technologies can mitigate disclosure and re-identification risk more effectively while preserving the information value of the data.

Privacy Regulation: Privacy Enhancement Technology in the Context of Privacy Regulation

Because privacy regulations are technology-agnostic, privacy-enhancing technology solutions are rarely explicitly mentioned in privacy regulations.

Originally established in 2010 as seven basic principles by Ann Cavoukian, the former privacy commissioner of Ontario, Canada, the Privacy by Design Framework has now slowly been integrated into privacy and data protection laws around the world.

The most prominent example is Article 25 of the EU General Data Protection Regulation (the UK GDPR contains the same wording), which obliges data controllers to "take into account the state of the art, the costs of implementation and the nature, scope, context and purposes of the processing, as well as risks of varying likelihood and severity that the processing poses to the rights and freedoms of natural persons." Furthermore, Article 25 requires the effective implementation of "appropriate technical and organizational measures (…)" both "when determining the means for processing" and during the processing itself.

In the United States, the Federal Trade Commission paid great attention to the design of a privacy protection framework more than ten years ago. In a 2012 report, the Federal Trade Commission laid out basic principles: "Companies should promote consumer privacy throughout their organizations and at every stage of product and service development."

There are similar provisions in privacy laws around the world. Article 46 of Brazil's General Data Protection Law states that "the agent shall adopt security, technical and managerial measures capable of protecting personal data." Chapter 9.3 of India's proposed Digital Personal Data Protection Bill, 2022 states that "the data fiduciary shall implement appropriate technical and organizational measures."

The implementation of privacy-preserving design is not defined in detail by law or regulation, so the guiding principle for appropriate measures is what current practice describes as "state-of-the-art". The meaning of this phrase is not set in stone; it depends on technological advancement and on a degree of subjective judgement.

ENISA and Germany's TeleTrusT recently defined state-of-the-art technology as "the best performance of IT security measures on the market that achieve legitimate IT security objectives." This is typically reached when "existing scientific knowledge and research" matures or is launched on the market, citing international standards wherever possible.

Appropriate technical and organizational measures can mean different things at different times and in different contexts. What was good enough a few years ago may not be in the best interests of today's end users and data processors. A prime example is the evolution of online security. The previous industry standard of using unencrypted HTTP connections to access websites is no longer applicable. Current "state-of-the-art" security requires HTTPS with a TLS certificate, which means an encrypted connection to the web server when accessing a website.

Therefore, data controllers must consider current advances in available technology and stay abreast of the latest technological advances to select the least intrusive system design for their specific functionality, while maintaining compliance with appropriate privacy regulations. This is one of the main reasons why privacy professionals investigate emerging privacy-enhancing technologies.

Technology classification: Classification of privacy-enhancing technologies

Several organizations and initiatives have taken up the challenge of classifying emerging privacy-enhancing technologies based on their underlying technology, application, or functionality. Examples include:

  • New Royal Society report on the role of privacy-enhancing technologies in data governance and collaborative analytics
  • San Francisco Federal Reserve report on privacy-enhancing technologies
  • UK Centre for Data Ethics and Innovation use-case-based PET adoption guide
  • Guidelines for the use of privacy-enhancing technologies released by the United Nations in April

As for how to classify them, the draft guidance published by the UK Information Commissioner's Office last year groups privacy-enhancing technologies into those that:

  • Reduce individual identifiability and help implement the data minimization principle, such as differential privacy and synthetic data generation.
  • Focus on hiding and masking data for better security, such as homomorphic encryption, zero-knowledge proofs, and trusted execution environments.
  • Segment or control access to personal data, meeting data minimization and stronger security principles, such as federated learning and MPC.

Policy Support: Global Trends and Policy Support for Privacy-Enhancing Technologies

The rapid development of privacy-enhancing technologies over the past few years has generated a lot of discussion in the privacy engineering and data science communities. They are also receiving increasing attention from legislators and public authorities because of their improved ability to protect, anonymize and minimize data while maintaining data utility.

In Europe, ENISA highlights several emerging privacy-enhancing technologies as new technologies for data protection engineering, with special emphasis on MPC and zero-knowledge proofs as advanced pseudonymization technologies. The European Data Protection Board also recognizes MPC as a complementary technical measure for international transfers of personal data. The European Commission's Joint Research Center has published an analysis of the usefulness of synthetic data in research.

At the beginning of 2021, the U.S. Senate introduced the "Promoting Digital Privacy Technology Act", which plans to support the research, deployment and standardization of privacy technology. The U.S. Department of Homeland Security has also expressed interest in defining privacy in technical terms and hosted a workshop highlighting examples of emerging privacy-enhancing technologies. In Canada, the Office of the Privacy Commissioner has also recently published considerations regarding various aspects of synthetic data.

In July 2022, Singapore's Infocomm Media Development Authority launched a six-month sandbox program to support businesses interested in adopting emerging privacy-enhancing technologies. In May 2022, the Korean Personal Information Protection Commission took the lead in developing 11 core privacy-enhancing technologies and will continue to develop them over the next four years.

Development is not just domestic. In 2022, the United Nations launched the Privacy-Enhancing Technology Lab initiative, a global hackathon to address challenges in the secure and responsible use of privacy-enhancing technologies. In 2021, the United States and the United Kingdom sponsored a bilateral prize challenge to promote the adoption of privacy-enhancing technologies. Singapore's IMDA and Montreal's International Center for the Advancement of Artificial Intelligence signed a memorandum of understanding on cross-border cooperation on privacy-enhancing technologies in June 2022. South Korean and French data protection authorities soon signed an agreement to jointly research privacy-enhancing technologies.

The future of technology: challenges and prospects

As more privacy-enhancing technologies are developed and implemented, the challenges will become increasingly apparent. Privacy-enhancing technology is in its infancy and more technical expertise is needed, especially as governments use more stringent data management methods in the future. Likewise, there are few use case examples or off-the-shelf solutions, making it difficult for privacy engineers to determine the applicability of privacy-enhancing technologies in day-to-day operations.

Moreover, privacy-enhancing technologies are not a "silver bullet" for protecting personal information, and privacy protection framework design cannot be reduced to the implementation of specific technologies. As ENISA puts it, privacy protection framework design "is a process involving various technical and organizational components to implement privacy principles through the deployment of technical and organizational measures including privacy-enhancing technologies."

The lack of regulatory guidance for emerging privacy-enhancing technologies could leave the legal status of data processed with them uncertain: should the results be considered anonymized, de-identified, or pseudonymized? This question becomes even harder to answer when data processing spans multiple jurisdictions. Ideally, regulators and data protection authorities will continue to foster discussion and standardization around these technologies to make them easier to adopt and use globally.

Original address: Cheering emerging PETs: Global privacy tech support on the rise
Original authors: Brandon Lalonde, Katharina Koerner
Translated and organized by: Open Privacy Computing & PrimiHub

Origin: blog.csdn.net/PrimiHub/article/details/135128692