UN launches new guide on Privacy-Enhancing Technologies today

Oblivious Devs
Emerging Privacy Tech
Feb 9, 2023

On February 9th, the United Nations Big Data Task Team marked the launch of their new privacy guide: The UN Guide on Privacy-Enhancing Technologies (PETs) for Official Statistics.

The latest guide explores the role of emerging PETs in opening a pathway to better access to data, and raises the ethical challenge: how can we guarantee privacy protection of personal data while still ensuring its utility?

Key aspects of the report

The first chapters of the report demonstrate how PETs, as pioneers of various methodologies and approaches, are gaining a foothold in real-world applications. Synthetic data, homomorphic encryption, secure multiparty computation, differential privacy, federated learning, zero-knowledge proofs and trusted execution environments (namely secure enclaves) are all privacy technologies that mitigate privacy risks when using sensitive data, and as such are further analysed in the context of the age-old privacy-utility tradeoff.

The report’s comprehensive review of each privacy technology (see chapter 2) serves as an invaluable resource for National Statistical Office (NSO) professionals.

For example, the review of synthetic data is divided into:

  1. Problem definition: An output privacy technique that mimics a sensitive dataset by sharing similar statistical properties, without revealing information on individuals from the underlying set.
  2. Example use case(s) taken from an NSO domain: The Office for National Statistics in the UK has used synthetic data for applications such as public releases, by synthesising its UK Annual Business Survey, and for the testing of Covid-19 transmissions through a synthesised version of mobile phone data.
  3. Overview: Further explores the “model-based approach”, which uses a machine learning model to generate brand new records in synthetic data.
  4. History: Analyses how synthetic data has influenced modern approaches to data imputation, data masking and other statistical data disclosure control approaches.
  5. Security model: Discusses the limits and learning capacities of models in synthetic data.
  6. Costs of using the technology: Provides insight into how the choice of the learning objectives in the model that generates data is always a tradeoff — high utility for one objective typically coming at the cost of lower utility for another.

The next section of the report assesses the practical implications of PETs for privacy-preserving applications, and is especially insightful for users in making informed choices on how to leverage different combinations of these technologies.

As organisations prioritise safe collaboration without having to share data with one another, the report brings to the forefront secure enclaves as a valuable tool for preserving privacy and integrity in such exchanges.

Striving to be the reliable intermediary, secure enclaves mimic the behaviour of a trusted third party by attesting the functionality performed by hardware or a cloud provider. The report evaluates secure enclaves in a variety of different contexts, discussing their flexibility as a solution to scope creep, the ability to seamlessly deploy output privacy techniques, and their now widespread support on all major cloud providers.

The PET Guide’s Case Studies

Through fifteen detailed case studies, the report reveals how a diverse range of use cases in different sectors are being enabled by PETs and collaborative efforts between government organisations, private sector entities, and multiple National Statistical Offices. Additionally, three implementations have been deployed to production environments, demonstrating real-world success through the application of privacy technologies.

Case Study 1: Boston Women’s Workforce Council: Measuring Salary Disparity Using Secure Multi-Party Computation

Case Study 2: European Statistical System: Developing Trusted Smart Surveys

Case Study 3: Eurostat: Processing of Longitudinal Mobile Network Operator Data

Case Study 4: Indonesia Ministry of Tourism: Confidentially Sharing Datasets between two Mobile Network Operators via a Trusted Execution Environment

Case Study 5: Italian National Institute of Statistics and Bank of Italy: Enriching Data Analysis Using Privacy-Preserving Record Linkage

Case Study 6: Office for National Statistics: Trialling the Use of Synthetic Data at the United Kingdom’s National Statistics Institute

Case Study 7: Samsung SDS (Korea): Privacy-Preserving Data Aggregation System

Case Study 8: Statistics Canada: Measuring The Coverage of a Data Source Using a Private Set Intersection

Case Study 9: Statistics Canada: Training a Machine Learning Model for Private Text Classification Using Leveled Homomorphic Encryption

Case Study 10: Statistics Canada: Trialling the Use of Synthetic Data

Case Study 11: Statistics Korea: Developing a Privacy-Preserving Statistical Data Hub Platform

Case Study 12: Statistics Netherlands: Developing Privacy-Preserving Cardiovascular Risk Prediction Models from Distributed Clinical and Socioeconomic Data

Case Study 13: Statistics Netherlands: Measuring Effectiveness of an EHealth Solution Using Private Set Intersection

Case Study 14: Twitter and Openmined: Advancing Third-Party Audits and Research Reproducibility Over Unreleased Digital Assets

Case Study 15: United Nations Economic Commission for Europe: Trialling Approaches to Privacy-Preserving Federated Machine Learning

Case Study 16: United Nations PET Lab: International Trade

Case Study 17: United States Census Bureau: Deploying a Differentially Private Disclosure Avoidance System for the 2020 US Census

Case Study 18: United States Department of Education: Analysing Student Financial Aid Data Using Privacy-Preserving Record Linkage

While the implementation of PETs into the current data economy is of course an exciting development, it has not been without its challenges.

Finally, the report acknowledges the uncertain legal environment, as regulations and guidance struggle to keep up with the rapid advancements in these technologies. It’s clear that a unified effort is needed if we wish to make full use of PETs.
