By Kush Kanwar & Jay Prakash
In an era where data breaches are rising and privacy is a key concern for the general public, protecting sensitive data is a crucial requirement. Not just a compliance requirement but a fundamental human right, privacy needs to be looked at as a design choice rather than a checklist item.
The goal of this blog is to explore the field of Privacy Enhancing Technologies (PETs) in light of increasing privacy regulations, need for collaboration, and tapping the potential of siloed data.
Also Read “O Canada”– A Distant Dream for International Students? Food systems under Modi 3.0 Apple security alert: Mind your language China stifles its own debate: While Sinophobia is not to be condoned, China does face serious growth challenges
Navigating the regulatory landscape
Countries across the globe have shown a growing interest in establishing regulations that help create certain standards for data protection. Currently, at least 80% of the countries in the world have some sort of legislation implemented, or drafted, for data protection and privacy.
Some of the prominent ones that have been implemented in the recent past include the GDPR in Europe (2018), the CCPA in the US (2020), PIPL in China (2021), and DPDP Act in India (2023).
From the data fiduciaries’ perspective, some prominent emerging themes from these regulations include:
1. A data fiduciary is responsible for protecting user’s data and would be held accountable in case of any incidents of breach or non-compliance [Example – DPDP, India:Chapter II. 8.
2. Data fiduciaries are required to take reasonable technical and organizational security measures to protect customer’s personal information [Example – GDPR, EU: Article 25.1, and PDPA, Singapore Part 6.24.
In light of these challenges, government bodies have begun recommending Privacy Enhancing Technologies (PETs) as a means for data collaboration and privacy. Recent publications include the Information Commissioner’s Office (ICO), UK guide for using PETs and how they can help with data protection regulations, the Hong Kong Monetary Authority (HKMA) recommending usage of PETs for data collaboration use cases such as alternative data credit scoring, and UN Guide on PETs.
Some of these resources discuss how PETs can help organizations meet key principles mentioned in these legislations, such as purpose limitation, data minimisation, completeness, accuracy, consistency, and data erasure & encryption.
Unlocking the true potential of data
Businesses currently are unable to foresee the outcomes and benefits they could expect if the true value of data via collaboration could be properly and securely harnessed. Aiming to meet the bare minimum compliance makes businesses lose out on the value that data which they don’t possess holds.
A report by McKinsey suggests that the economic impact of open data ecosystems on GDP gains could range from 1 to 5 percent, with benefits flowing to financial institutions and consumers.
Some studies below in the financial services sector showcase how organisations leveraging data via collaboration improved their business outcomes:
As it is said, a company’s model and the insights they generate are only as good as the input data. Better the data, richer the outcomes. Therefore to yield better outcomes, collaboration between organisations is paramount to share information with each other, while respecting customer privacy.
Emergence of Privacy Enhancing Technologies (PETs)
While data at rest and during transit has been adequately protected by proper encryption standards, data in use exposes the information to the processing party, and remained a vulnerable aspect in the data journey before the advent of PETs.
As the name suggests, Privacy Enhancing Technologies preserve the privacy of customer data while processing, without compromising on data’s usability. These cryptographic methods are now not only feasible but are revolutionising our approach to data privacy and analysis.
Some of the prominent PETs include confidential computing (hardware-based secure and physically isolated enclave to execute computations) and Multi-Party Computation (allowing joint computation of some function between a set of parties without exposing it to other participants).
Conclusion
PETs are useful in situations requiring collaboration, and in areas where sensitive information. The use cases could span across industries such as finance, healthcare, telecom, etc., including fraud detection and monitoring, open banking and open finance, medical research, decentralised authentication, and many more.
The authors are Business Strategy & Growth Lead and, Founder & CEO at Silence Laboratories.
Disclaimer: Views expressed are personal and do not reflect the official position or policy of Financial Express Online. Reproducing this content without permission is prohibited.
By Kush Kanwar & Jay Prakash
In an era where data breaches are rising and privacy is a key concern for the general public, protecting sensitive data is a crucial requirement. Not just a compliance requirement but a fundamental human right, privacy needs to be looked at as a design choice rather than a checklist item.
The goal of this blog is to explore the field of Privacy Enhancing Technologies (PETs) in light of increasing privacy regulations, need for collaboration, and tapping the potential of siloed data.
Countries across the globe have shown a growing interest in establishing regulations that help create certain standards for data protection. Currently, at least 80% of the countries in the world have some sort of legislation implemented, or drafted, for data protection and privacy.
Some of the prominent ones that have been implemented in the recent past include the GDPR in Europe (2018), the CCPA in the US (2020), PIPL in China (2021), and DPDP Act in India (2023).
From the data fiduciaries’ perspective, some prominent emerging themes from these regulations include:
1. A data fiduciary is responsible for protecting user’s data and would be held accountable in case of any incidents of breach or non-compliance [Example – DPDP, India:Chapter II. 8.
2. Data fiduciaries are required to take reasonable technical and organizational security measures to protect customer’s personal information [Example – GDPR, EU: Article 25.1, and PDPA, Singapore Part 6.24.
In light of these challenges, government bodies have begun recommending Privacy Enhancing Technologies (PETs) as a means for data collaboration and privacy. Recent publications include the Information Commissioner’s Office (ICO), UK guide for using PETs and how they can help with data protection regulations, the Hong Kong Monetary Authority (HKMA) recommending usage of PETs for data collaboration use cases such as alternative data credit scoring, and UN Guide on PETs.
Some of these resources discuss how PETs can help organizations meet key principles mentioned in these legislations, such as purpose limitation, data minimisation, completeness, accuracy, consistency, and data erasure & encryption.
Businesses currently are unable to foresee the outcomes and benefits they could expect if the true value of data via collaboration could be properly and securely harnessed. Aiming to meet the bare minimum compliance makes businesses lose out on the value that data which they don’t possess holds.
A report by McKinsey suggests that the economic impact of open data ecosystems on GDP gains could range from 1 to 5 percent, with benefits flowing to financial institutions and consumers.
Some studies below in the financial services sector showcase how organisations leveraging data via collaboration improved their business outcomes:
As it is said, a company’s model and the insights they generate are only as good as the input data. Better the data, richer the outcomes. Therefore to yield better outcomes, collaboration between organisations is paramount to share information with each other, while respecting customer privacy.
While data at rest and during transit has been adequately protected by proper encryption standards, data in use exposes the information to the processing party, and remained a vulnerable aspect in the data journey before the advent of PETs.
As the name suggests, Privacy Enhancing Technologies preserve the privacy of customer data while processing, without compromising on data’s usability. These cryptographic methods are now not only feasible but are revolutionising our approach to data privacy and analysis.
Some of the prominent PETs include confidential computing (hardware-based secure and physically isolated enclave to execute computations) and Multi-Party Computation (allowing joint computation of some function between a set of parties without exposing it to other participants).
PETs are useful in situations requiring collaboration, and in areas where sensitive information. The use cases could span across industries such as finance, healthcare, telecom, etc., including fraud detection and monitoring, open banking and open finance, medical research, decentralised authentication, and many more.
The authors are Business Strategy & Growth Lead and, Founder & CEO at Silence Laboratories.
Disclaimer: Views expressed are personal and do not reflect the official position or policy of Financial Express Online. Reproducing this content without permission is prohibited.
Get live Share Market updates, Stock Market Quotes, and the latest India News and business news on Financial Express. Download the Financial Express App for the latest finance news.
login
who are we?
contact us
qosheapp
Toi Staff
Gideon Levy
Belen Fernandez
Rami G Khouri
Mort Laitner
Donald Low
Ali Fathollah-Nejad
Nikkei Editorial
visit website
