Data protection

New privacy technologies protect personal data better

Published 10 April 2015

In Estonia, the public and private sector have databases, the merging and analysis of which could help the state and enterprises make better management decisions. Such consolidation of data, however, would be a serious threat to privacy and violate data protection rules. A researcher suggests a more convenient way of analyzing very sensitive data without the fear of a data leak. The new approach would be appropriate for preserving privacy in genome-wide association studies, satellite collision prediction analysis, and conducting labor market studies.

On 9 March at the Institute of Computer Science of the University of Tartu, Liina Kamm defended her doctoral thesis, proposing new methods for performing statistical analysis so that the privacy of private individuals is ensured. The University of Tartu reports that she suggests a more convenient way of analyzing very sensitive data without the fear of a data leak. The practical part of the dissertation describes preserving privacy in genome-wide association studies, satellite collision prediction analysis, and conducting labor market studies.

In a modern society, a digital record is created from the moment a person is born. From then on, the person’s behavior is constantly tracked and data are collected about the different aspects of his or her life. “Whenever you swipe a customer loyalty card in a shop, go to the doctor’s, do taxes or simply move around with a mobile phone in your pocket, sensitive data are gathered and stored by companies and state authorities,” says Kamm, outlining the background of her thesis.

Sometimes we give our permission for this kind of surveillance for some benefit. “For instance, we could get a discount using a customer loyalty card. Other times we have a difficult choice — either not to be able to make mobile phone calls or allow tracking our movement based on cellular data. The government tracks information about our health, education and income to better cure us, educate us and collect taxes. We hope that the data are used in a meaningful way, but we also have an expectation of privacy,” explains Kamm.

Liina Kamm did her research at the Information Security Research Institute of Cybernetica AS, where she closely cooperated with the development team of the secure data analysis system Sharemind.

“Liina Kamm’s research strongly expanded the opportunities of applying Sharemind. For instance, together with statisticians, she developed a convenient privacy-preserving data analysis tool Rmind. In the course of her work, Kamm had to solve several research problems of mathematical statistics and computational mathematics,” commented Peeter Laud, Research Director of Cybernetica AS.

Rmind allows statisticians to carry out studies on the data without having to know the details of the underlying cryptographic protocols.

“In data security, the protection of data alone is not a sufficient goal. We need technologies that would be able to protect and analyze data at the same time. Liina Kamm’s dissertation shows how it is possible to carry out different analyses of protected data more conveniently. Creating such practical tools on the platform of Sharemind significantly expands the applications of the software outside the narrow field of cryptography,” said the Head of the Institute of Computer Science of the University of Tartu Professor Jaak Vilo, describing successful research cooperation with the enterprise.