Uses and application of Privacy Enhancing Technologies


Privacy Enhancing Technologies, also known as PETs, encompass a diverse range of tools aimed at maximizing the protection of individuals’ privacy. According to the European Union Agency for Cybersecurity (ENISA), PETs are defined as[1] “software and hardware solutions, i.e. systems encompassing technical processes, methods or knowledge to achieve specific privacy or data protection functionality or to protect against risks of privacy of an individual or a group of natural persons.”

Privacy Enhancing Technologies offer an opportunity to extract valuable insights from sensitive datasets

While the ENISA definition is quite broad, modern PETs offer concrete and advanced features, such as the ability to perform computations while preserving privacy. By carefully selecting PETs, it becomes possible to extract valuable insights from sensitive datasets that would otherwise be too confidential to share. In the context of the TRUMPET project and federated learning, PETs play a crucial role in obtaining useful insights from separate federated medical datasets without compromising the privacy of individuals within the data.

However, effectively incorporating and combining PETs in a federated environment is not as straightforward as it may initially seem, as important tradeoffs emerge when applying these technologies in practice. PETs often introduce additional overhead compared to their unprotected counterparts, resulting in slower and more resource-intensive dataset analysis, as well as a potential reduction in data utility.

Some prominent PET tools include Secure Multiparty Computation (SMPC) and Homomorphic Encryption (HE), both of which offer robust privacy guarantees and enable computation on protected data but come with significant communication and computation overhead. On the other hand, Differential Privacy (DP) tools protect data by adding an appropriate level of noise, but this can lead to less accurate results.
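The tradeoff described above can be seen on a single federated query. This is an added example, not code from the TRUMPET project: it totals constructed per-site patient counts once with additive secret sharing (a basic SMPC building block) and once with per-site Laplace noise (DP), and the modulus, the counts, the sensitivity of 1 and all function names are assumptions made for the illustration.

```python
import random
import secrets

PRIME = 2**61 - 1                      # share modulus (assumed for this sketch)
SITE_COUNTS = [112, 87, 140, 95, 61]   # constructed per-site patient counts

def smpc_sum(site_counts):
    """Additive secret sharing: exact total, but roughly n^2 messages."""
    n = len(site_counts)
    held = [0] * n                     # sum of the shares each site holds
    for value in site_counts:
        # Split value into n random shares that add up to it modulo PRIME.
        shares = [secrets.randbelow(PRIME) for _ in range(n - 1)]
        shares.append((value - sum(shares)) % PRIME)
        for holder, share in enumerate(shares):
            held[holder] = (held[holder] + share) % PRIME
    # Each site sends n-1 shares to its peers, then one partial sum.
    messages = n * (n - 1) + n
    return sum(held) % PRIME, messages

def dp_sum(site_counts, epsilon, rng, sensitivity=1.0):
    """Each site adds Laplace(sensitivity/epsilon) noise before sending.

    sensitivity=1.0 assumes one patient changes a site's count by at most 1.
    """
    scale = sensitivity / epsilon
    # The difference of two exponential draws is Laplace-distributed.
    noisy = [c + rng.expovariate(1 / scale) - rng.expovariate(1 / scale)
             for c in site_counts]
    return sum(noisy), len(noisy)      # one message per site

def mean_abs_error(site_counts, epsilon, trials=500, seed=7):
    """Average distance of the DP total from the true total."""
    rng = random.Random(seed)          # seeded for repeatability, not for production
    truth = sum(site_counts)
    errors = [abs(dp_sum(site_counts, epsilon, rng)[0] - truth)
              for _ in range(trials)]
    return sum(errors) / trials

if __name__ == "__main__":
    total, msgs = smpc_sum(SITE_COUNTS)
    print(f"SMPC: total={total} messages={msgs}")
    for eps in (0.1, 1.0, 10.0):
        print(f"DP eps={eps}: mean abs error={mean_abs_error(SITE_COUNTS, eps):.2f}")
```

The secret-shared total is exact but its message count grows quadratically with the number of sites, while the DP total needs only one message per site and loses accuracy as epsilon shrinks.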

The TRUMPET project aims to explore and leverage these and other PET tools[2] to develop a Federated AI platform that provides strong privacy guarantees for medical researchers.

[1] See https://ico.org.uk/media/about-the-ico/consultations/4021464/chapter-5-anonymisation-pets.pdf.

[2] “Introducing the TRUMPET project: TRUstworthy Multi-site Privacy Enhancing Technologies.” IEEE CSR Cyber Security and Resilience, 2P-DPA, 2023. See https://trumpetproject.eu/wp-content/uploads/2023/05/TRUMPET-paper.pdf.