Planning for privacy and confidentiality
Conference
64th ISI World Statistics Congress
Format: IPS Paper
Keywords: cloud, confidentiality, privacy
Session: IPS 351 - New technologies for privacy and transparency in production of official statistics
Wednesday 19 July 2 p.m. - 3:40 p.m. (Canada/Eastern)
Abstract
Modern data sources, e.g. mobile location, retail and financial transaction data, are created by the population living their daily lives and provide opportunities for fast and accurate official statistics. Such secondary use of data could provide population, tourism and economic statistics at country or regional level while reducing the response burden on primary sources of statistical information.
But would it be feasible, financially and security-wise, to fit all that data into a national statistics organization?
Cloud services offer a way to create economic data processing pipelines, be they private clouds offered by a governmental organization or public clouds offered by the private sector.
But how could the data owners and citizens be sure that all the data is secure and that the principles of data protection legislation (data minimization, confidentiality, privacy, transparency and avoidance of misuse) are kept when they give away control of their data?
Based on the project done by Eurostat and Cybernetica, we will discuss how privacy-enhancing technologies such as secure multiparty computation, trusted execution environments and homomorphic encryption give statistical offices the ability to plan efficient production processes capable of analysing the volumes of new data sources, while providing technical guarantees and cryptographic proofs to data owners, data subjects and data protection agencies.
We will discuss how the stakeholders can work together to identify threats to the data and to mitigate the risks with technical controls, even when the data is being processed outside the organization.