SODA

Introduction

More and more data is being generated, and analyzing this data drives knowledge and value creation across society. Unlocking this potential requires sharing of (often personal) data between organizations, but this meets unwillingness from data subjects and data controllers alike. Hence, techniques that protect personal information for data access, processing, and analysis are needed.

To address this, the SODA project will enable practical privacy-preserving analytics of information from multiple data assets using multi-party computation (MPC) techniques. For this data does not need to be shared, only made available for encrypted processing. The main technological challenge is to make MPC scale to big data, where we will achieve substantial performance improvements. We embed MPC into a comprehensive privacy approach, demonstrated in an ICT-14.b and a healthcare use case. Our first objective is to enable MPC for big data applications by scaling the performance. We follow a use case-driven approach, combining expertise from the domains of MPC and data analytics.

Our second objective is to combine these improvements with a multidisciplinary approach towards privacy. By enabling differential privacy in the MPC setting aggregated results will not leak individual personal data. Legal analysis performed in a feedback loop with technical development will ensure improved compliance with EU data privacy regulation. User studies performed in a feedback loop with our consent control component will make data subjects more confident to have their data processed with our techniques.

Our final objective is to validate our approach, by applying our results in a medical demonstrator originating from Philips practice and in a use case arising from the ICT-14.b data experimentation incubators. The techniques will be subjected to public hacking challenges. The technical innovations will be released as open-source improvements to the FRESCO MPC framework.