Sharing Data And Obliterating Privacy Are Not Synonymous

Sharing Data And Obliterating Privacy Are Not Synonymous

by

“Technology can completely obliterate privacy. Coming up with laws and policies to stop it from doing so is a vital task for governments,” begins this article from MIT Technology Review. TripleBlind has a different and rosier prediction for the future of privacy, read on!  Privacy-enhancing technologies (PET) make it possible to collaborate with and analyze real data that has been de-identified, without the data ever leaving the owner’s firewall. Essentially, PET makes data collaboration possible without compromising individual privacy.

The MIT article discusses how some corporations are leveraging consumer data in new ways to target people for ads. Traditionally, marketers have focused on consumer behavior by household, sometimes down to the individual level within a household and then tailoring ad and promotion strategies accordingly. Today, they are supplementing this strategy by targeting based on consumer behaviors.  Frequent store purchase (FSP) data can inform marketers who, for example, visit coffee shops regularly and target ads and promotions to them in a more accurate and personal way.

The MIT article highlights the complexity involved for governments writing privacy legislation. Legislators need to understand and address how data-driven business choices can harm society as a whole, especially with regard to consumer markets and decision making. For example, enterprises like Amazon might use consumer behavioral data to create a new line of products, such as shoes or camera bags. Initially, that undercuts other shoe and camera bag manufacturers who are now sidelined by Amazon –– which makes sense, when Amazon holds a competitive advantage by aggregating and using consumer data  However, this long-term strategy ultimately harms individual consumers by removing product choices previously available in the open and equitable marketplace.

While there are a number of data privacy laws protecting consumer data for some industries, states and marginalized groups, there is still no comprehensive federal privacy law that widely protects consumers from corporations using their data unknowingly. Antidiscrimination laws protect some consumers of particular genders, ages, ethnicities or sexual orientations from being targeted on the basis of those identities, but there is no regulation on algorithms sorting and targeting consumers based on other behaviors or identities. Our recent webinar discusses how biases happen in big data, how data biases can harm marginalized groups  and how to overcome big data biases.

Martin Tisne offers this analogy in MIT’s article: 

“People have a right to safe drinking water, but they aren’t urged to exercise that right by checking the quality of the water with a pipette every time they have a drink at the tap. Instead, regulatory agencies act on everyone’s behalf to ensure that all our water is safe. The same must be done for digital privacy: it isn’t something the average user is, or should be expected to be, personally competent to protect.”

While there is no question that the privacy of everyone’s personal data should be protected, legislation is just one of many mechanisms to protect consumer rights. Private-sector solutions ensure that privacy isn’t obliterated by offering a combination of techniques to guarantee sensitive data is never exposed, only used for authorized purposes, and never stored beyond its intended use. Enterprises can unlock the intellectual property value of data, while ensuring compliance with new and changing privacy regulations, by employing privacy-enhancing technology (PET) during collaboration. It’s a win-win for governments, corporations and consumers alike.

It’s important to note that not all PET solutions are alike. Some center around homomorphic encryption or federated learning, while others use a combination of privacy-enhancing techniques. The good news? There’s a straightforward set of requirements CDOs in most industries should expect from any PET solution:

  • The solution should include one-way algorithm encryption, so that any data or algorithm can never be decrypted by its user,
  • It should not degrade the organization’s hardware compute performance,
  • Data should always remain behind the data owner’s firewall to enforce HIPAA, GDPR and other data privacy and data residency standards,
  • Data users should only be able to perform operations specifically approved by the data owner,
  • Data should never be degraded or inaccurate,
  • The data user should only work with real data, not artificial datasets designed to de-identify the data,
  • The solution should be software only so data is not exposed to any potential hardware vulnerabilities.

 

TripleBlind’s innovations radically improve the practical use of PET even further by adding true scalability and faster processing. Gartner, Omdia, MITRE Engenuity and Constellation Research all recently evaluated how the TripleBlind solution compares to other PETs. Gartner also recently named TripleBlind as a Cool Vendor.

To learn more about how businesses can leverage sensitive data for growth while protecting privacy and ensuring compliance with data regulations, contact us today.