Tools for Organizations in a Rapidly Evolving Data Privacy Landscape
Privacy-enhancing and secure computation technologies are ready today to transform your workflows and services.
By building and deploying web services or data analysis workflows that employ emerging privacy-enhancing and secure computation technologies such as secure multi-party computation (MPC), organizations can provide new services, identify and leverage new business opportunities, reduce risks and costs for both themselves and their customers, and comply with evolving regulations. MPC is already being incorporated into some industry, government, and nonprofit software solutions and workflows. But leveraging its advantages to address an organization’s data privacy challenges requires an understanding of how its features can satisfy technical, business, and legal constraints. Keep reading for an introduction to MPC and its security and privacy advantages, some context around MPC and related cryptographic techniques, and an overview of scenarios and challenges for which MPC is ready today.
Understanding MPC and its Security and Privacy Advantages
MPC is a family of cryptographic techniques that allows organizations and individuals to enjoy the benefits of web-based services and data analysis workflows while mitigating or removing the risks normally associated with providing or sharing the data that those services and workflows require. Thus, MPC can reduce costs associated with existing workflows and can enable new opportunities in scenarios in which data sharing is encumbered or restricted due to the security and privacy concerns of individuals, policies maintained by companies and other organizations, and legal constraints and regulations.
In traditional services and workflows that require computation over sensitive or private data that may be encrypted at rest, it is usually necessary to decrypt that data at some location and for some period of time. This is done so that existing computational tools can be applied to it (e.g., within a data clean room that is set up temporarily so that two organizations can run analyses on their joint datasets inside it). The result of the computation might then be encrypted again before it leaves the location where the computation took place. MPC removes the requirement that sensitive or private data must be decrypted in such scenarios. This means that the risks, liabilities, and costs associated with protecting the data while it is in a decrypted form can be reduced or eliminated.
How is computation over encrypted data possible? That depends on the choice of MPC technique. However, there are some common characteristics:
First, at least two distinct parties must be involved (this is usually already the case in almost all interesting applications).
Second, these parties must have the ability to generate random numbers privately (i.e., the process they use to generate the random numbers cannot be observed or influenced by other parties), which allows them to encrypt any form of data by separating it into constituent parts that appear random on their own (for the curious, this is equivalent to the one-time pad, which is an encryption technique that provides information-theoretic security).
Third, these parties should be incentivized not to simply share or publish the random values they create or exchange as part of a secure computation process (e.g., because of legal or economic incentives, contractual obligations, regulations, and so on).
These conditions are sufficient to allow any service or workflow to operate on encrypted data, and a variety of MPC techniques exist (each representing various trade-offs between performance and other factors) that rely on such an exchange of information that appears random to participants.
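As an added illustration of the three conditions above (example code, not from the article or from Nth Party), the following Python sketch implements additive secret sharing: the data owner's private randomness produces shares that are individually uniformly random (the one-time pad correspondence), the parties compute a pooled total on shares without ever decrypting, and only all shares together reconstruct a value. The modulus and the function names are assumptions of the example.

```python
import secrets

# Added example (not Nth Party code): additive secret sharing, the
# "split into constituent parts that appear random" step described above.
MODULUS = 2**61 - 1  # shares live in Z_p; any large modulus works

def share(value, num_parties, rng=secrets.randbelow):
    """Split value into num_parties shares that sum to value (mod MODULUS).

    The data owner draws all but the last share uniformly at random with
    private randomness, so any num_parties-1 shares form a uniformly random
    tuple that carries no information about value (a one-time pad)."""
    if not 0 <= value < MODULUS:
        raise ValueError("value must be reduced into [0, MODULUS)")
    shares = [rng(MODULUS) for _ in range(num_parties - 1)]
    shares.append((value - sum(shares)) % MODULUS)
    return shares

def reconstruct(shares):
    """Only someone holding every share can recover the value."""
    return sum(shares) % MODULUS

def add_shares(shares_a, shares_b):
    """Party i adds its share of a to its share of b locally.
    No party learns a or b, and no messages are exchanged."""
    return [(x + y) % MODULUS for x, y in zip(shares_a, shares_b)]

def secure_sum(inputs, num_parties):
    """Pooled total over several owners' inputs.

    Each owner shares its input among the compute parties; each party sums
    the shares it received and reveals only its share of the total, so the
    parties never see any individual input in decrypted form."""
    shared_inputs = [share(v, num_parties) for v in inputs]
    total = shared_inputs[0]
    for s in shared_inputs[1:]:
        total = add_shares(total, s)
    return reconstruct(total)

if __name__ == "__main__":
    # Constructed inputs: three organizations' private counts, pooled
    # across three compute parties.
    print(secure_sum([1200, 340, 9001], num_parties=3))  # 10541
```

Any party that leaks its share (the third condition) defeats the one-time pad property, which is why the text stresses incentives not to publish the random values.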
MPC in the Context of Related Privacy-Enhancing Techniques
Many related cryptographic techniques, including both those that have been ubiquitous for decades and those that are as novel as MPC, can be integrated with MPC. Traditional techniques such as symmetric and public-key cryptography can be leveraged to ease the burden of deploying MPC and thus to accommodate a broader range of scenarios, as has been demonstrated in multiple real-world use cases.
But MPC can also be combined with other emerging techniques that provide complementary but orthogonal advantages, such as differential privacy (DP) and blockchain:
DP techniques protect individual records within a dataset while still allowing aggregate analyses over that dataset to be computed and shared. An MPC implementation of a DP workflow can protect all input and intermediate data within a computation (thanks to MPC), and anything the output implies about individual records in the original inputs (thanks to DP).
A range of blockchain techniques allow individuals and organizations to collectively maintain a distributed ledger that is verifiable and cannot be modified. If a scenario requires both (1) the ability to store and compute over encrypted data and (2) permanent storage and/or verifiability of encrypted data, it may make sense to combine the two technologies.
It is worth noting that the performance overheads and costs of MPC and other secure computation technologies almost always exceed those of traditional, non-secure solutions. When combining these technologies, their respective overheads and costs may be cumulative.
Contemporary Challenges and the Opportunities of MPC
Today, organizations operating in a broad range of domains (health, finance, education, government, and so on) face a number of existing and emerging challenges as they create and execute workflows within their own organizations and across their partners and customers: reducing the costs and liabilities of inter-organizational data exchange, protecting customer privacy, adhering to regulatory requirements, and others. MPC can help these organizations by introducing additional options and flexibilities where they might not otherwise exist.
MPC can act as a less expensive alternative to clean rooms and trusted third parties. It can address a variety of specific use cases involving one or more organizations, helping decision-makers analyze data to answer simple questions (e.g., with “yes” or “no” answers) without first undertaking a burdensome negotiation process that may involve legal expenses, delays, and risks of data exposure or unauthorized data reuse. Examples of use cases include:
Partner organizations can evaluate the value or effectiveness of their partnerships, such as calculating conversion rates or identifying response correlations across audience segments and outreach strategies.
Consortia of organizations can create benchmarks using pooled data without sharing any of their constituent datasets.
Industry competitors can run fully confidential surveys across customer populations.
MPC can also have a significant impact on the evolution of consumer-facing web applications. In addition to letting organizations offer customer-facing applications that are privacy-preserving (i.e., allowing customers to enjoy the value of a service while not sharing their data with the service provider), MPC dramatically expands the range of available tools for navigating the rapidly evolving landscape of data protection and privacy regulations. For example, the General Data Protection Regulation (GDPR) within the European Union and the California Consumer Privacy Act (CCPA) in the US state of California impose requirements on organizations that collect or process personal data of individuals.
The key takeaway is that MPC can allow organizations to transform their workflows and services to operate only on encrypted, pseudonymized, or de-identified data while retaining some or all of the utility of those services and workflows. Organizations can continue to innovate and offer a wider range of new services to customers while maintaining compliance.
Getting Started with Secure Computation
Nth Party builds and offers products that help organizations introduce MPC into their web services and data analysis workflows. Leveraging its expertise and relying on years of experience developing MPC open-source frameworks, software, and applications that have been proven in real-world deployments, the Nth Party team maintains a rich suite of libraries and tools for quickly assembling MPC solutions to address contemporary privacy and security challenges.
If you would like to see the material in this article covered in greater depth and with more detailed examples, take a look at our recent white paper and check back for upcoming articles that will delve into each of the above topic areas.