KRAKEN: Overcoming the challenge of privacy in data marketplaces with MPC
Head of Partnerships at TX
Data marketplaces have the potential to foster new data-driven applications and help grow data-driven businesses. However, deploying such markets in compliance with data protection regulations such as the European Union’s General Data Protection Regulation (GDPR) poses significant challenges for marketplaces that aim to provide access to personal or privacy-sensitive data.
Health data is one such example of highly sensitive personal data. It is a vital component in the provision of national health care services, and wider access at a European or even global level is crucial in the fight against cross-border health threats such as the current COVID-19 pandemic. Governments want healthier populations and less strain on health care infrastructure whilst citizens want to ensure their health and that of their loved ones. But citizens also want to maintain their privacy and be sure their data is not subject to data breaches or leakages, and that organizations accessing their data cannot use it to target or discriminate against them.
MPC enables privacy-preserving computation on encrypted and secured datasets
In the EU Horizon 2020 funded KRAKEN project, in collaboration with our consortium partners, we are tackling these challenges head on. We’re developing a GDPR-compliant personal data marketplace that integrates with a secure Multi-Party Computation (MPC) network to allow interested parties within the biomedical sector to perform distributed and privacy-preserving analytics on data. This means that interested parties that meet a data provider’s eligibility criteria for access will be able to perform analytics or computation on datasets without any sensitive personal data about the data subjects being revealed to them.
Imagine a scenario of several European hospitals each hosting MPC nodes on their local servers. They would be able to set their preferences with regard to the types of organisations that may perform analytics on their data sets, and make those data sets discoverable to interested and eligible organisations via the marketplace User Interface. An eligible organisation such as a pharmaceutical company could pay to perform privacy-preserving analytics on multiple hospital data sets, either via a license which enables them to run unlimited queries on the data for a specified period of time or via a pay-per-query model.
Such an approach would open up access to widely dispersed and siloed health data for analysis, whilst ensuring that data providers don’t need to worry that their sensitive data is being exposed to any third party.
For a more in-depth look at the concept, check out the paper written by TX – Tomorrow Explored’s Donato Pellegrino and our consortium partners at Graz University of Technology and AIT Austrian Institute of Technology.
You can download the research paper entitled “Privacy-preserving Analytics for Data Markets using MPC” from the arXiv.org service for free with the following link. The paper was written by Karl Koch, Stephan Krenn, Donato Pellegrino and Sebastian Ramacher.