When it comes to data sharing, privacy and its preservation are often times most future-relevant topics. Therefore, the third and last session of the collaborative webinar series of the TRUSTS together with Safe-DEED took place on 21 April exactly on that topic.
Ioannis Markopoulos, (Forthnet, TRUSTS & Safe-DEED) and Alexandros Bampoulidis (RSA FG, TRUSTS & Safe-DEED) talked about privacy risks and GDPR roles. Lukas Helminger (KNOW Center GmbH, TRUSTS & Safe-DEED) shared insights and practical aspects from an end user perspective.
Personal data is contains information about individuals. Such data is used for example within marketing and advertisement. But the collected information might be private and sensitive. Therefore, the EU installed the GDPR to protect this specific form of data.
As a regulation, the GDPR is directly applicable across the EU. A horizontal legislation applies to all sectors and activities involving the management of personal data. The GDPR empowers individuals by enhancing their control over their personal data and by allocating significant responsibilities to the entities managing such data, namely, data controllers and data processors.
The data controller determines the purposes for which and the means by which personal data is processed. So, if your company or organisation decides ‘why’ and ‘how’ the personal data should be processed it is the data controller who is responsible for protecting the individuals‘ privacy. The data processor handles personal data only on behalf of the controller. The data processor is usually a third party external to the company.
Privacy risks and how to avoid them
To protect the privacy of an individual and to prevent the disclosure of sensitive data, the anonymization of this data is very important.
Privacy Risks exists in different kind of data. In 2006, AOL released their search log to the public for research purposes. These search logs contained the complete search history of the users and the documents they clicked. So it was possible to identify individuals. Another privacy problem are location data. A study showed that four points of location and time are enough to identify an individual.
To mitigate those privacy risks the data needs to conform to privacy models. To conform to these models the dataset must be distorted. How? For example in distorting the values of the data set and sharing it. Another possibility is to not share the raw data but to allow it to be queried by outsiders and distored the responses.
Privacy Preservation from a practical angle
Lukas Helminger from Know Center GmbH explained new business opportunities through multi-party computation (short: MPC), its aims and issues. One example of a MPC protocol is the effectiveness of a joint marketing campaign (for more information take a look at the presentation and the recording).
Finally, Lukas Helminger showed a demonstrator about privately intersecting customer data sets between companies (PSI), which was developed in Safe-DEED and will be further developed by TRUSTS (more about the Safe-DEED Personal Data Demonstrator).
Do not miss the next webinar on Business Aspects of Data Markets, 10 May 2021, 11am (CEST).
Join the TRUSTS MeetUp-Network
- Exchange with partners of the project and other MeetUp Networkers concerning current challenges of data markets, data sharing and accompanying chances and challenges
- Get involved in the European Data Community
- Receive insights into the project’s outputs
- Learn from Use Cases and Best Practices for your company
- Contact email@example.com for more information! Ambassador Network of TRUSTS