How to preserve privacy when sharing data sets
Our society is increasingly 'data driven'. Data from different sources are combined to provide new insights, or to measure the effects of policy. The ability to combine and analyse data from different sources is of great value to science, business and government alike. However, legislation and regulations impose requirements on the processing and sharing of such often sensitive personal data.
CBS, the University of Groningen and Maastricht University are therefore conducting joint research into a responsible way of analysing distributed research data using Privacy Preserving Techniques.
The aim of this collaboration is to develop innovative approaches (technical, organizational, legal and otherwise) to unlock, link and collect data from different sources into information that could not have been obtained in any other way. The basic principle is that the source data remains with the party providing it, and that the data is used in a way that both answers the research question and stays within the framework of privacy legislation (including the AVG and the CBS Act).
What are Privacy Preserving Techniques?
Privacy Preserving Techniques are techniques that allow analyses to be performed on privacy-sensitive data without any party gaining insight into that data itself, and without the privacy-sensitive data leaving the organization that holds it.
The white paper "Privacy Preserving Techniques" (Dutch only) describes the following five techniques:
- Use of a Trusted Third Party (TTP),
- Secure multiparty computation (SMC),
- Trusted execution environments (TEE),
- Computing with encrypted data (homomorphic encryption),
- Pseudonymised data sharing.