Protecting Privacy in Practice
Total Page:16
File Type:pdf, Size:1020Kb
Protecting privacy in practice The current use, development and limits of Privacy Enhancing Technologies in data analysis Protecting privacy in practice: The current use, development and limits of Privacy Enhancing Technologies in data analysis Issued: March 2019 DES5759 ISBN: 978-1-78252-390-1 The text of this work is licensed under the terms of the Creative Commons Attribution License which permits unrestricted use, provided the original author and source are credited. The license is available at: creativecommons.org/licenses/by/4.0 Images are not covered by this license. This report can be viewed online at: royalsociety.org/topics-policy/projects/privacy- enhancing-technologies Cover image © from2015. CONTENTS Contents Foreword 4 Executive summary 5 Recommendations 6 Summary table 8 Introduction 10 Background – previous Royal Society reports 10 Purpose 11 Target audience 11 Scope 11 Methodology 13 Key terms and definitions 13 Chapter one – Data sensitivity and protections: what are the issues at stake? 17 1.1 Data sensitivity 18 1.2 Privacy risks and the data analysis pipeline 19 1.3 The legal context for data processing: personal data and the GDPR 22 Chapter two – PETs today: capabilities and limitations 25 2.1 PETs and privacy-preserving data analysis 26 2.2 Example PETs, capabilities and limitations 31 2.3 Privacy in practice – Privacy-preserving machine learning 48 Chapter three – The road to adoption 53 3.1 Further research and development 54 3.2 Awareness raising and quality assurance 55 3.3 Adoption within a wider business framework 56 3.4 Consider the wider markets 57 Appendix 59 Index of case studies 60 Working Group members 60 Royal Society staff 61 Reviewers 62 Workshop participants 63 PROtectinG PRIVacY in PRactice 3 FOREWORD Foreword This report comes in the midst of a period here do not achieve their promise in the of rapid developments in the collection, near term, or that the costs of adoption analysis and use of data. We are becoming prove prohibitive, or that other technologies ever more aware of the social, research not explored in depth might leapfrog and business benefits of accessing and them. However, our aim here is to help using the data generated through everyday raise awareness of the potential of these activities. We need to ensure that when such technologies so that we can inspire further data is collected and used it is done so for research into their development, spurred by Image good reasons, in a well-governed way and identifying the opportunities where they can Professor Alison Noble FREng FRS, Chair, Privacy so that sensitive personal data or valuable be put into practice. We also aim to highlight Enhancing Technologies commercial data is adequately protected. their practical and technical limitations and to Working Group. note that there is no technology that replaces Privacy Enhancing Technologies (PETs) offer the need for good governance and proper an avenue for enabling that well-governed business practice relating to the use of data. access. The evolving role of PETs is in ensuring that, when we have good reasons We hope that this report adds to the lively and the legal and ethical grounds to access debate on the topic of data use and data and use data, we can do so while protecting governance, and complements other work that data and the individuals and organisations assessing the technological readiness levels it relates to. We aim in this report to explore of PETs. Our aim is that it will be an important that role and bring it to the attention of those part of conversations between researchers, who hold, analyse and use data. government and industry on the future use cases for PETs that can both drive research The field of PETs development is likewise forward and enable everyone to access social moving quickly, and this report captures a benefits from data. moment in time where the technologies are maturing and opportunities to use these Professor Alison Noble FREng FRS technologies are beginning to emerge. It may Chair, Privacy Enhancing Technologies be that some of the technologies surveyed Working Group 4 PROtectinG PRIVacY in PRactice EXECUTIVE SUMMARY Executive summary The scale and rate at which data is collected, unanswered questions: What are concrete used and analysed is rapidly increasing, offering trade-offs in real-world applications? How significant new and developing benefits to mature are different PETs? What opportunities society and the economy. However, realising do they present and what are their the full potential of large-scale data analysis limitations? How can government and industry may be constrained by important legal, accelerate their uptake and make the most reputational, political, business and competition of their potential? concerns. These concerns arise because the use of data creates a set of social and ethical This report provides a high-level overview tensions and risks: in particular there is a of current PETs, and the roles that they can balancing act between realising the benefits play, in order to inform applied data science of data analysis versus protecting sensitive research and government departments’ data and the interests of the individuals and digital strategies as well as those of business. organisations it relates to. The failure to It also considers how PETs sit within wider adequately address privacy risks may damage governance frameworks that are intended to trust and limit the realisation of the benefits that enable the beneficial use of data in an ethical can be delivered by data-enabled technologies. and well-governed way. Certain risks can potentially be mitigated and This report also aims to prompt reflection about managed with a set of emerging technologies the use of technology in governance and to and approaches often collectively referred to encourage regulators to consider new ways as ‘Privacy Enhancing Technologies’ (PETs). to approach privacy risks, including the use of Whilst cybersecurity is focussed on protecting PETs. To this end, this document provides an data so that other people cannot access evidence base – including a set of case studies it, PETs, in data analysis, are focussing on that capture concrete example uses for each enabling the derivation of useful results from of the five PETs considered in this report – data without giving other people access to and signposts to further resources. all of the data. This nascent but potentially disruptive set of technologies, combined Finally, this report includes recommendations on with changes in wider policy and business how the UK could fully realise the potential of frameworks, could enable significantly PETs and to allow their use on a greater scale. greater sharing and use of data in a privacy- preserving, trustworthy manner. It could The field of PETs development is moving create new opportunities to use datasets quickly. This report looks at five interrelated without creating unacceptable risks. It also and heterogeneous approaches within a offers great potential to reshape the data broad field and there is no intention to suggest economy, and to change, in particular, the trust that these particular technologies will develop relationships between citizens, governments earlier or get more uptake than others. and companies. However, this report is intended to raise awareness of the potential of this diverse field The field of PETs is rapidly evolving. However, of technologies and approaches and ways that currently, many of the most promising tools, they could be applied, in order to encourage whilst having a rich research heritage, are further research into their development and to relatively new to real-world applications. As inform future policy conversations about the such there remain a number of important development and use of PETs. PROtectinG PRIVacY in PRactice 5 RECOMMENDATIONS Recommendations RECOMMendatiON 1 RECOMMendatiON 2 Accelerate the research and Promote the development of an development of PETs. innovation ecosystem. Funders, government, industry and the third UK Research and Innovation (UKRI) have a sector can work together to articulate and role in encouraging data-handling companies support the development of cross-sector to engage with the start-ups and scale-ups research challenges, alongside providing developing PETs, to support research and continued support for fundamental research early trials. This will help UK investors and on PETs. businesses realise the extent of the market opportunity for PETs. RECOMMendatiON 5 RECOMMendatiON 6 Give public sector organisations Create the skilled workforce the level of expertise and needed to develop and assurance they need to implement PETs. implement new technological Funding should be made available so that the applications, enable a centralised capacity to train UK PhD and Master students approach to due diligence, and in cryptography, statistics, systems engineering and software development increases with the assure quality across the board. level of demand for well-trained, high-calibre The National Cyber Security Centre should act candidates. This could be an outcome of the as a source of advice and guidance on the use National Cyber Security Programme and the of suitably mature PETs, as part of a network cybersecurity centres of excellence scheme of expert organisations. Such a network of by the Engineering and Physical Sciences expertise would support the development and Research Council. Universities should evolution of best practices and also provide consider adding privacy engineering to the access to advice on specific cases of data use curriculum of software engineering and data or sharing. Ultimately, this could also serve as a science courses, treating the need to protect point of engagement for academics and industry data as core knowledge in data analysis. bodies working in the space and provide a portal from which private sector organisations interested in learning about PETs could access information on existing case studies. 6 PROtectinG PRIVacY in PRactice RECOMMENDATIONS RECOMMendatiON 3 RECOMMendatiON 4 Drive the development and Support organisations to become adoption of PETs.