Schrems II banner image

The Private Solution to the Schrems II Decision Turmoil

By Riddhiman Das

TripleBlind’s proprietary data privacy toolset facilitates aggregation and analysis of data, without exposing the data. It is a perfect solution for companies struggling to replicate the processes that were previously allowed under the Privacy Shield. TripleBlind’s technology allows entities to observe GDPR regulation, and achieve their business objectives regardless of where they or their analysis is located.

According to a recent spate of articles, on July 16th a court decision by the Court of Justice of the European Union invalidated the widely used EU-US data-transfer agreement known as Privacy Shield. In what has been termed the “Schrems II” decision, the EU’s top court ruled the Privacy Shield agreement was not valid. According to the Computer & Communications Industry Association, this decision will cause “uncertainty for the thousands of large and small companies on both sides of the Atlantic that rely on Privacy Shield for their daily commercial data transfers” (Alexandre Roure, senior manager of public policy at the Computer & Communications Industry Association in the Wall Street Journal1). According to CCIA estimates, as many as 5,000 company’s operations could be adversely impacted.

Fortunately for many of these 5,000 companies, TripleBlind’s proprietary data privacy toolset satisfies the requirement to both keep data private, and allow accumulated analysis of that private data. This toolset supports several features that enable companies to do the types of analysis required, while maintaining data privacy:

  • Original, raw data never moves from behind the originators firewall.
  • The original data is de-identified and encrypted as the first step in the “Blind Analysis Pipeline”. Once the encrypted object is produced, it is only consulted for analysis purposes.
  • TripleBlind’s proprietary process for encrypted data aggregation, based on research from MIT, allows multiple data sources to be privately aggregated for multi-jurisdiction/global analysis.
  • TripleBlind’s toolset supports the operation of any mathematical function on the encrypted data. The mathematical function can be encrypted to varying levels of security, based on user need.
  • TripleBlind’s toolset comes with certain sophisticated analysis capabilities “built in” – AI/Deep Learning/ML/Statistical approaches to data analysis, model training and inference are all supported “out of the box”.
  • Finally, TripleBlind’s toolset offers robust digital rights management functions combined with detailed audit capabilities. Data and algorithm owners have specific control over who gets access to their object, when, where, and under what conditions. Each access is recorded and can be recalled if necessary.

Next Generation Cryptography Toolset

Allows manipulation of private data without exposing any of the details.

Supports all statistical & deep learning training + prediction capabilities.

Algorithm encryption allows licensing without exposing intellectual property.

Private data pipeline diagram

TripleBlind Privacy Suite

Variety of privacy oriented cryptographic, deep learning and statistical primitives to deliver the Blind Analysis Pipeline.

Cloud Native, yet Cloud Agnostic!

No hardware dependency

REFERENCE:

  1. Wall Street Journal: EU’s Top Court Restricts Personal-Data Transfers to U.S., Citing Surveillance Concerns