The need for data value is driving public sector interest in increasingly visible privacy enhancing technologies
Data is the backbone of the digital economy, and in the government space, it is critical to advancing public sector programs and initiatives. But collecting or gaining access to data isn’t enough; data’s true importance lies in the value we can extract from it. While business users must be concerned about the privacy and security of the data for the sake of regulatory compliance and consumer expectations, government users often have another challenge to consider: how to effectively extract data value without compromising their interests in the data. This need is driving public sector interest in an increasingly visible, transformative category known as Privacy Enhancing Technologies or PETs.
If the category sounds familiar, it’s because these technologies have recently been attracting a lot of attention across both the public and private sectors. Market trends and the ever-evolving regulatory landscape have brought the demand for privacy to the forefront, and there is a growing recognition that these problems will not be solved by regulatory barriers alone. The UK and US recently announced a prize challenge to advance these technologies in order to “harness the power of data in a manner that protects privacy and intellectual property, enabling cross-border and cross-sector collaboration to solve shared challenges”.
What are PETs and why are they positioned to change the way government entities leverage data?
At its core, PETs are a family of technologies that enhance, preserve, and enable the secure and private usage of data. The category includes technologies such as homomorphic encryption, secure multiparty computation, and trusted execution environments. They protect data while it’s being used or processed, complementing existing mechanisms implemented to protect data in transit and at rest. By closing off this final segment of the data triad, PETs expand how data can be used for public sector purposes.
To help showcase the power of PETs, here are three ways this category of technologies is transforming government data usage today.
Cross-silo collaboration
While governments may hold large amounts of data, it does not necessarily mean that the data can be used at will. In some ways, having too much data spread across a number of silos is as big of a challenge as not having enough — it’s the needle in the haystack problem: how can users leverage the right data, at the right time, in a manner that respects both the privacy and security needs of the underlying data and the requesting party?
While it may sound convenient, there are many pitfalls associated with keeping all an organisation’s data pooled in one location so a data usage strategy that requires moving or replicating the data to a central database is generally a non-starter. PETs protect a user’s interaction with the data (think performing a search or analytic), allowing data to be securely used in ways that were not previously possible. Imagine an analyst needs to find information on a specific, sensitive person of interest from border crossing data held by another government agency. Using a PETs-enabled encrypted search, the analyst can extract information from that dataset without revealing who they are looking for or having to move the data from its original location.
Leveraging third-party data
The best sources of data increasingly come from outside an organisation’s walls. However, the sensitivities of many use cases can make it challenging to use data from third-party sources. In order to extract insights, users may first be required to move all or a portion of the data to their trusted networks, a feat that is rarely feasible because data owners are unwilling to forfeit control. This means that users may find themselves stuck between using sub-par data sources or potentially compromising their interest in the data. PETs allow organisations to take advantage of third-party data holdings without exposing sensitive areas of interest. By protecting a user’s interests or intent, PETs allow this type of ‘untrusted’ data to be used for public sector purposes while it remains in the third-party environment, creating a bridge by protecting the interests of both parties.
Public-private data sharing
There are numerous situations where the ability to share data between public and private entities would improve outcomes. Yet such efforts are frequently hampered by an inability to securely collaborate in a way that respects the needs of both parties. For example, when combating global anti-money laundering efforts, the ability to share sensitive information about known criminal activity could help more quickly identify perpetrators and stop future efforts. Using PETs, a government entity could encrypt a watchlist and allow banks to securely search onboarding customers to see if any activity has been flagged. Because PETs allow that search to be processed while encrypted, customer privacy is maintained and regulations are respected, giving the bank a broader customer without introducing additional risk.
The true potential of privacy enhancing technologies
Privacy enhancing technologies are already changing the way data can be leveraged for business and government use cases today, but we’re only beginning to see the true potential of this transformative category. By providing protections for data while it’s being used, PETs provide new avenues to enable secure data usage while still preserving the privacy and security of sensitive data assets. They overcome existing barriers to unlock data value and enhance government use cases in ways that were not previously possible.
This work was written and provided by Ellison Anne Williams, CEO and Founder at Enveil.