Data collaboration with Multi Party Computation is applicable in many fields. In this article we will guide you to the applications in various industries that can help you define your use case.
Applications of Multi Party Computation
MPC provides a powerful way to collaborate on data in a privacy-preserving manner. It enables organizations to collaborate on data even when it cannot, may not or will not be shared otherwise. Such sensitive data processing could relate to, for example, anti-money laundering, anti-trust laws, or data that is not allowed to leave a certain jurisdiction (e.g. due to data localization laws). Example use cases are plentiful, and rapidly emerging in real life:
- Healthcare: privacy-sensitive patient data resides with different care providers. To develop a better understanding of treatment effectiveness, data are typically replicated in dedicated (costly) studies. The movement of such real-world evidence aims to reuse existing patient record data. MPC enables the use of this real-world data while protecting patient privacy.
- Law enforcement: Information about criminal activities and fraud is scattered across law enforcement agencies, banks and private businesses. Combining this information to spot patterns and avoid repeat actions by the same criminal is very difficult today. Again, MPC enables different organizations to combine their information, without disclosing unnecessary details.
- Cyber security: Cyber threat intel is highly sensitive. No organization will disclose details of how they have been attacked. The Dutch National Cyber Security Center (NCSC) is deploying MPC to collect and consolidate cyber threat intel information from more than 100 (growing to 15.000) organizations and businesses in the Netherlands in a confidential manner. With this, the NCSC can distill trends and inform organizations almost instantly about active threats.
- Financial services: Under intense regulatory pressure, banks have expanded their financial crime detection teams to thousands of employees. Unfortunately, these teams largely operate in silos. Smart criminals exploit this by using multiple banks to launder their money. MPC, in this case, offers a secure way for financial institutions to work together more closely against money laundering.
- International data transfers: Often, data is transferred because there is a need for central reporting. However, in many use cases data does not have to be accessed on record-level. In other words, the analyses and reports that are run on a global database often do not contain personal data; such data was only used to make the computations to generate the report at hand or run the statistical analysis. When deploying MPC technology, the central database can be split in local databases, so that each organization will only have ‘their own’ dataset, whilst over-arching reports and analyses can still be done. Since the European Data Protection Board has specifically mentioned MPC as a suitable technical measure to avoid transfer of personal data to problematic jurisdictions, organizations will have to consider the viability of this technology in their data transfer impact assessments.