Privacy-preserving Statistics

- Keep data encrypted at all times

Holding and sharing confidential data currently requires great care and is normally conducted through a trusted third party such as a consultancy house or a public organisation, which is costly in time, money and flexibility.

Partisia’s MPC solution for privacy-preserving data use provides a trustworthy alternative that does not rely on trust in any single organisation or person. The data is encrypted – sealed – before it enters a distributed database, and it is used in encrypted form in the computations. Even the results of these computations arrive at the client in encrypted form.

This means that the original data is no longer available in plaintext anywhere in the system, which greatly simplifies data collaborations.

Applications of this platform open up several new possibilities:

  • Opening the use of data to a broader audience, i.e. using data over the internet that was previously hidden behind firewalls
  • Combining customer databases from different companies to share knowledge and learn from the combined dataset
  • Combining different datasets based on a secret database key (e.g. a personal identity) that cannot be disclosed
  • Maintaining a database over time with a continuous data flow without the actual key (person identity or company identity) ever being present in the database

Problem

Data are becoming increasingly abundant, but there is a growing awareness of the confidential and sensitive nature of these data. At the same time there is a movement towards opening data – both to the public and to companies; examples include opendata and data.gov.

Confidential data, however, is not disclosed or opened. Its sensitive nature prohibits publication of these data in any form other than aggregated statistics – typically in reports written by a single, trusted third party approved for this task.

Personal data

Personally identifiable data is considered highly sensitive – accessing and analysing data on individuals is only allowed under extensive security measures and is strongly regulated – most prominently by the EU’s data protection rules.

Nonetheless, many organisations rely on data about specific individuals. Working with these data is done either in very secure environments with every access tracked in a detailed log, or on preprocessed data from which enough detail has been removed to ensure anonymity.

Examples:

  • Collecting patient records for assessing the quality of treatments and clinics
  • Pupil surveys combining questions on satisfaction and on criminal activity
  • Aggregated analysis over different datasets joined together on a personal identity

Confidential data

Sharing and disclosing confidential information among competitors is traditionally considered bad business practice. However, the digital era has created companies that have collected tremendous amounts of data, heightening their ability to make informed, data-driven decisions.

Sharing information between competitors without actually disclosing data is a concrete solution to close the gap between classic and new players on the market.

As an example, if this can be done secretly, banks may collaborate on sharing data without hampering competition. Such a collaborative service may result in improved risk assessment for each of the banks involved.

Solution

The cryptographic technique called Secure Multiparty Computation (MPC) solves these problems by enabling secure computation on encrypted data.

Security by design

The form of encryption used is called secret sharing, and it has even stronger properties than traditional encryption. The system is based on several independent servers computing the results together without sharing their data. This architecture prevents leaks of confidential information by any of the servers involved, including the IT service provider that operates the system. Unauthorised access to the encrypted data requires compromising multiple servers controlled by independent organisations – there is simply no confidential data on any single server and no single point of failure!

Data module

In the data module, data is provided by independent data sources; each of these data providers can import data into the data structures. The data is encrypted when it leaves the data provider’s computer and remains strongly encrypted at all times. All conflicts involved in merging data from different sources are resolved without decrypting the data.

Statistical applications

The collected, encrypted data can be used in concrete applications tailored and designed for the relevant end users. Each application defines in advance the set of reports or results available to the end users.

The raw data remains strongly encrypted at all times, and only the preapproved types of results are sent back to the end user and decrypted on the end user’s computer.

The applications include various encrypted computations such as averages, correlations and solving linear programs. The data provider knows the intended analyses in advance and accepts that use when entering data through the data module.
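To make concrete what "several independent servers computing the results together without sharing data" (Security by design) means for an encrypted average (Statistical applications), here is an added example that is not Partisia's code: additive secret sharing over a prime field, where each server only ever holds one random-looking share of each record, servers add their shares locally, and the client opens nothing but the aggregate. The field modulus, the provider and server naming, and the sample bank data are constructed for illustration.

```python
import secrets

# Field modulus for the shares. Constructed choice for this example (a Mersenne
# prime), not a Partisia parameter; any prime larger than the largest possible
# sum of the records works.
PRIME = 2**61 - 1


def share(value: int, n_servers: int, p: int = PRIME) -> list[int]:
    """Additive secret sharing: split value into n_servers shares summing to value mod p.
    Any n_servers-1 shares are uniformly random, so a coalition of fewer than all
    servers learns nothing about value, regardless of its computing power."""
    if not 0 <= value < p:
        raise ValueError("value outside the field")
    shares = [secrets.randbelow(p) for _ in range(n_servers - 1)]
    shares.append((value - sum(shares)) % p)  # last share fixes the sum
    return shares


def reconstruct(shares: list[int], p: int = PRIME) -> int:
    """Only the recipient holding every server's output can open a result."""
    return sum(shares) % p


def aggregate_sum(providers: dict[str, list[int]], n_servers: int = 3,
                  p: int = PRIME) -> tuple[list[int], int]:
    """Each provider shares every record and sends share i to server i.
    Servers add shares locally and never exchange them; each outputs only the
    sum of its own shares. The record count is treated as public here."""
    server_state = [0] * n_servers
    count = 0
    for records in providers.values():
        for value in records:
            for i, s in enumerate(share(value, n_servers, p)):
                server_state[i] = (server_state[i] + s) % p
            count += 1
    return server_state, count


def secure_average(providers: dict[str, list[int]], n_servers: int = 3) -> float:
    """The client reconstructs the aggregate sum only, then divides by the public count."""
    server_outputs, count = aggregate_sum(providers, n_servers)
    return reconstruct(server_outputs) / count


if __name__ == "__main__":
    # Constructed sample data: two banks' per-customer exposures in integer units.
    banks = {"bank_a": [120, 340, 95], "bank_b": [210, 60]}
    print(secure_average(banks))  # 165.0
```

Because a single server's state is a sum of uniformly random shares, inspecting that server (or its operator) reveals nothing about any bank's records; only the opened aggregate is a preapproved result.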

Survey application

A very concrete application of this platform is a survey module that supports classical surveys. As in the data module, data is encrypted when it leaves the respondent’s computer and stays encrypted forever. The analysis is conducted directly on the encrypted data, and only the resulting report is revealed to the predefined recipient.
