Image by rawpixel.com on Freepik

Here are some prominent points of the Report “From privacy to partnership – The role of privacy enhancing technologies in data governance and collaborative analysis” of the Royal Society on Jan 23, 2023 that the private sectors can keep for future reference. 

First, for the definition of the Privacy Enhancing Technologies (PETs) in the Report

PETs are a set of technologies and approaches enabling the derivation of useful results from data without providing full access to the data. This concept originally supports the techniques of data minimisation, encryption, anonymisation and pseudonymisation and other privacy and security principles of personal data protection. According to the Report, like the private sectors,where the UK public organisations cannot assess privacy trade-offs for a given PET, or application, cost-benefit analysis becomes impractical for them. 

Second, according to the Report, there is no one-fit-all solution for the privacy.

It is essential to develop open standards in PETs, allowing for the global and interoperable use of data to ensure that they work for everyone. They should be feasible technical standards and metrics, complemented by the scenario-based guidance, assessment protocols and codes of conduct. 

Third, the Report also provides some interesting use cases: 

• Privacy in biometric data for health research and diagnostics: As it is difficult to obtain complete anonymisation, especially for biometric, non-textual data, for example, Federated Machine Learning using Magnetic Resonance Imaging (MRI) imaging and metadata – sensitive information of the patients. They proposed several approaches: (1) each local site analyses, builds a model, sharing to a remote, centralised location (a node) and combined into one global shared back to the local researcher as a new, improved model; or (2) remote and local nodes take turns sending back and forth the information. 
• Internet of  Things – enabling digital twins for net zero: Digital twin is a relevant, virtual counterpart of a physical object (wind turbine, electric motor, etc.) or process (pattern of economic transaction). It functions as decision-support tools for models, physical-virtual systems through sensors. Due to the data communication between digital twins and real-world assets, it risks exposing the personal data related to energy consumption, called smart meter data. Therefore, regarding the solutions, the Report proposes (1) non-cryptographic methods, adding noise to datasets, (2) spatial aggregation, where smart meters are geographically clustered in a block of houses, could load balancing without collecting household-level information.  

Finally, the Report attracts a lot of attention on its analysis of synthetic data.

In details, it is data modelled to represent the statistical properties of original data. The Report also mentioned high-value datasets, such as datasets of Census-Health-Mortality, telecom mobility and administration. However, it also emphasises the existence of the trade-off between utility of the original dataset and privacy. For this moment, there are no standards of the Privacy-Preserving Synthetic Data generation. 

In addition, for more information about the privacy on AstraIA Gear, check out this post.

For the full text of the Report: https://royalsociety.org/-/media/policy/projects/privacy-enhancing-technologies/From-Privacy-to-Partnership.pdf?la=en-GB&hash=4769FEB5C984089FAB52FE7E22F379D6