Did you know the toughest nut to crack is the macadamia nut? It takes 300 PSI to break its outer shell. When they first began to harvest them for production, the farmers would drive trucks over them to open them. Once the outer shell was gone, they were left with the delicious, buttery flavoured kernel. Sometimes it takes extraordinary measures to get the nugget of information you want. With regulations on data, whether governmentally imposed or proprietarily restricted, it can be hard to access the data. Sharemind can help remove that outer layer, so that data owners and researchers can access more data, all while keeping secrets secret.
If we want to use data to expand research or improve decision making, it can be beneficial to use data beyond open data. Often, there are barriers to using personal or sensitive personal data, which can inhibit analysis capabilities. To gain value from this confidential or sensitive data, one must be able to securely access the data for analysis.
Personal Data According to GDPR
A specific kind of data with its special challenges is personal data, anything that can identify a person such as a person’s name, residence, or place of work. Sensitive personal data is purposefully defined by the current regulations. According to the incoming EU General Data Protection Regulation (GDPR) that will take effect May 2018, this includes information about someone’s personal life like, ethnicity, religious beliefs, health or disability information, trade affiliations, biometric and genomic data.
What if we could also unlock personal data and analyse it safely to help make better decisions? One example is a recent social study by The Estonian Center for Applied Research (CentAR). The study concerned the outcomes of a legislative change regarding students with special educational needs. Sharemind was utilised to process the educational and tax records of students who graduated after the legislation took effect to compare the employment rate of SEN students graduating from general schools versus special needs schools. By using Sharemind, CentAR ensured the data was encrypted and was never decrypted during analysis; thus, protecting the privacy of the data subjects.
When using data for decision making, it is best to use an application that includes built-in mechanisms to protect personal data. “Using privacy-preserving technologies such as Sharemind processes the data while it remains encrypted – nobody sees more than mere white noise,” explains Cybernetica’s security engineer Dr. Riivo Talviste.
Sharemind's secure multiparty computation technology enabled CentAR to make recommendations to the various stakeholders based on the information that was only released due to data being kept encrypted during the data analysis. This was the second study in the education sector, which is crucial for every economy covering the whole population data from administrative data sources.
Innovative Data Analysis
“It was exciting to innovate and further improve the privacy preserving data analysis process together with data owners Tax and Customs Board, Ministry of Education and Science and the Estonian Data Protection Inspectorate. We proposed a novel way for linking sample data in Sharemind, that further minimizes personal data processing,” said Baldur Kubo, project manager. Whether processing the educational information of students or rooting out tax fraud, Sharemind assures privacy by design, by keeping the data anonymous during all phases of data analysis.
“We are very thankful to the data owners, Tax and Customs Board, Ministry of Education and Science for their participation in the study as Sharemind hosts, to the Estonian Data Protection Inspectorate for the consultations and to the public cloud service provider Zone for hosting a Sharemind server and sponsoring the study,” stated Kubo.
Create Value, Protect Privacy
To open data correctly and not lose the value while protecting privacy takes a special tool. Just as over time, better machines have been built to open the macadamia nuts and create a thriving industry, we have built a secure multiparty computation solution to help securely analyse your sensitive data, while preserving the fruit of that data. “Privacy-preserving technologies thus enable us to gain valuable data-based insight while remaining lawful and respectful towards personal data,” said Dr. Talviste.