
A

Technical Seminar Report


On
PRIVACY ENHANCING COMPUTATION
Submitted in partial fulfillment of the
Requirement for the award of the degree of

BACHELOR OF TECHNOLOGY
IN
COMPUTER SCIENCE AND ENGINEERING
BY
A.SWAMY

(20Q65A0502)

Department of Computer Science and Engineering

AVANTHI INSTITUTE OF ENGINEERING AND TECHNOLOGY


(Affiliated to JNTUH Approved by AICTE, Recognized by Govt of T.S)
Accredited by NBA,NAAC
Gunthapally (V), Abdullapurmet (M), R.R.District-501512
(2022-2023)
AVANTHI INSTITUTE OF ENGINEERING AND TECHNOLOGY

(Affiliated to JNTUH Approved by AICTE, Recognized by Govt of T.S, Accredited by NBA)


Gunthapally (V), HayathNagar (M), R.R.District-501512

DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING

CERTIFICATE

This is to certify that the technical seminar entitled “Privacy Enhancing
Computation” is being submitted by A.SWAMY (20Q65A0502) in partial fulfillment
of the requirement for the award of the degree of B.Tech in Computer Science
And Engineering, Avanthi Institute Of Engineering And Technology, Hyderabad
from Jawaharlal Nehru Technological University for the academic year (2022-2023).

Mr. SHAKEER BASHA DR.RAMACHANDRA REDDY


M.Tech,MISC,MCSI M.Tech,PhD
Assistant Professor PRINCIPAL
HEAD OF THE DEPARTMENT
Department of CSE

COMMITTED TO EXCELLENCE IN TECHNICAL EDUCATION


ACKNOWLEDGEMENT

This is an acknowledgement of the intensive drive and technical competence of many
individuals who have contributed to the success of our project work.

We are grateful to the chairman, Avanthi Group Of Institutions, Sri. M. SRINIVASA RAO,
for granting us the permission for undergoing the practical training through development of this
Seminar in college.

My sincere thanks to the Principal Dr.RAMACHANDRA REDDY, Avanthi Institute of
Engineering & Technology and to all the faculty members for encouragement in doing this
Seminar.

I would like to express our gratitude to head of the department Mrs.SHAKEER BASHA
C.S.E, Assistant Professor for her valuable suggestions during the course of our project work.

I am thankful to one and all, who co-operated with me to complete my Seminar successfully.

A.SWAMY
(20Q65A0502)
DECLARATION

I hereby declare that the results embodied in this dissertation entitled “Privacy Enhancing
Computation” were carried out by me during the year 2022-2023 in partial fulfilment of
the award of B.Tech, Computer Science And Engineering from Avanthi Institute Of
Engineering And Technology. I have not submitted the same to any other university or
organization for the award of other degree.

Student name with Signature

A.SWAMY
(20Q65A0502)
ABSTRACT

There isn’t a comprehensive definition that fully incorporates the nuances of what privacy-
enhancing computation is. It’s best described as being a group of diverse technologies that work
together to secure the highest levels of private data conservation. Technologies that boost privacy
and protect data from infringements, breaches, and hacker attacks are used and controlled by
privacy-enhancing computation. Data can be shared freely and without disruption whilst
simultaneously ensuring privacy and security. According to technology research and consulting
company Gartner, by 2025, 50% of large businesses will adopt privacy-enhancing computation to
process data in untrusted environments and multiparty data analytics use cases.

Gartner also adds that the privacy-enhancing computation trend is not easy to execute in
business environments. It’s a complicated process that takes a long time to implement, with some
businesses waiting years to fully reap the benefits. The main reason why businesses choose to
implement privacy-enhancing computation is to stave off and deter privacy risks. Any organization
that doesn’t protect its infrastructure risks being targeted by criminals and sacrificing vital
data. Data protection laws such as GDPR and CCPA compel organizations to set up safeguarding
measures for their compiled consumer data. It’s a safety net that was put in place to stop businesses
from incurring a financial loss associated with data breaches. Safeguarding important data in the
age of digital transformation is a key component of successful data migration procedures. It shields
businesses from potential harm whilst guaranteeing that data interpretation does not affect the
fundamental authenticity, disposition, and interest of the individual.
INDEX

S.NO CONTENTS

1 INTRODUCTION
2 PRIVACY ENHANCING COMPUTATION
3 REASONS FOR IMPLEMENTATION PECs
  3.1 Implementation PECs
  3.2 Benefits of implementation PECs
4 PEC TECHNIQUES
  4.1 PEC Techniques
  4.2 Zero-Knowledge Proofs
  4.3 Multi-Party Computation
  4.4 Homomorphic Encryption
  4.5 Differential Privacy
5 PERSONAL DATA STORE
  5.1 Personal Data Store
  5.2 Privacy technology enhance privacy
  5.3 Privacy computing
  5.4 Fundamental and well-established privacy enhancing technology
  5.5 Examples of privacy enhancing technology
  5.6 Privacy-preserving technologies
  5.7 PEC important for digital transformation
6 ENCRYPTION
7 PRIVACY ENHANCED HARDWARE
8 PRIVACY ENHANCING TREND USE
  8.1 Business
  8.2 Finance
  8.3 Healthcare
  8.4 Applications
  8.5 Enter-Privacy Enhancing Computation
9 DATA DISPERSION
10 FUTURE
11 CONCLUSION
12 REFERENCE

1. INTRODUCTION
Data is at the core of all businesses, the most valuable asset in the current age. As its value keeps
increasing, keeping this asset safe becomes the highest priority for organizations. Data needs to be
managed, processed, and analyzed to glean valuable insights. Since data is sensitive, it can also be
abused by malicious attackers. However, considering the tremendous volume of data that needs to
be safeguarded for privacy, data governance and technology integrations, the task becomes
herculean. Though there are privacy legislations such as GDPR in the EU and several others around
the globe, privacy breaches occur very often. One of the main reasons this is happening is because
of business transactions happening through third parties, to gain insights to improve their services,
to get some valuable data, or maybe just to earn additional money by using any available data.

Consumers are becoming increasingly concerned about sharing their personal data as they find it
difficult to track who uses it, the manner in which it is used and, mainly, who is responsible for
handling it. Since cyberattacks are on the rise, and attackers are using more complex techniques to
access data, the use of privacy-enhancing computation (PEC) and technologies (PET) has become a
crucial security measure for organizations. PEC is one of the leading Gartner strategic technology
trends. With the adoption of technologies like AI, organizations today can process increasingly
complex and growing data in a structured, controlled, and protected manner. Enterprises having a
well-defined roadmap for PEC and technologies implementation are expected to minimize the
exposure to potential attacks and enable secured data usage.

2. PRIVACY ENHANCING COMPUTATION

Fig: Common Privacy Enabling Technologies

Though there is no standard definition yet, privacy-enhancing computation aims at
leveraging a group of various technologies to enable the highest level of private data protection.
This group of technologies supports privacy and data protection and provides safeguards against
violations and hacker attacks. The solutions can be hardware and software designed to glean
valuable data to use for various purposes while building a robust and secure foundation.

These technologies have been around for some time but it’s only recently they have been used for
real-life applications and use cases. Gartner has classified PEC in the “people centricity” category
and, according to the research and consulting company, PEC has three forms, comprising three
technologies to protect data.

• The first form involves technology providing a trusted environment where data can be
processed securely. To enable this there are trusted third parties and hardware trusted
execution environments.
• The second form involves processing and analytics through privacy-aware machine
learning. The technologies leveraged in this form consist of federated machine learning
and privacy-aware machine learning.
• The third form of PEC consists of technology enabling data and algorithms transformation.
These include homomorphic encryption to keep the data confidential, multiparty
computation, differential privacy, private set intersection, among others.

According to Gartner, the privacy-enhancing computation trend is not easy to implement in most
businesses. This process is long-lasting, as the integration should be quick and accurate.

It is an interesting fact that 27% of internet users never enter their real personal data when
registering on websites, apps, or any other system where it is allowed to hide private
information.

3. REASONS FOR IMPLEMENTATION PECs

3.1 IMPLEMENTATION PECs

When users enter their personal data into any website, application, or other form, they want to
ensure that it will be kept private. The data store providers have to have full control and
management of this information. Getting a high level of security is not a complex task anymore.
Thanks to modern privacy technologies, the users’ data will be 100% secure.

We would like to highlight the common reason for implementing data-protecting technological
tools.

The first and foremost reason why we need PECs is to prevent any possible risk to the privacy of
the consumers of an organization. For any cybercriminal, any organization lacking a well-
established protection system provides a clear, golden opportunity for tapping and misusing the
system data without any accountability. This exposes the sensitive information of the
organization’s customers, posing a threat to users’ privacy that ultimately affects their trust and
loyalty in the long run. It is vital to rule out the possibilities of other major issues such as human
dignity violations, misinterpretations, and identity crises that may result after a security breach.
Hence, PEC is a dependable method to share data while assuring the customers and other
businesses (in B2B context).

3.2 BENEFITS OF IMPLEMENTATION PECs
Here are some of the benefits of enabling privacy-enhancing computation.

Fig: Benefits of Implementation of PECs

3.2.1 Harm prevention

When there is no protection against privacy data breaches, malicious users can
gain easy access to information without any permission. This can be various types of information
such as data from social media accounts, cloud stores, bank details, among others.

A data breach can affect the privacy of the users and harm their lives for a long time. PECs are
capable of shielding access to sensitive information and ensure that a mandatory set of
permissions is enabled to protect and gain access to sensitive information.

3.2.2 Tackling undetermined and unfair conditions

It is difficult to track activities performed by third-party providers and how they are using the
sensitive consumer data. Agreed, there are terms and conditions and privacy policies, but there is
no way to ensure the policy rules are followed. This is where data protection laws and government
regulations can help users, as the violations can be challenged.

3.2.3 Avoid possibilities of misrepresentation

Personal data disclosure can compromise sensitive data and it can be used by malicious users to
do harm to individuals. Information can be misrepresented or changed; for instance, it can be
published representing another person. PEC ensures that such interpretation of data does not affect
the authenticity of the original person, identity and interest of the individual, even if the data is
misrepresented or used for different purposes.

3.2.4 Avoiding violation of human dignity

When there is a lack of privacy, it can present a perfect arsenal for users with malicious intent to
misuse information and may change views or decisions of the original person, making them appear
out of character. This can create problems like misjudgements of people in real life, violating their
dignity. PECs can help avoid such situations.

4. PEC TECHNIQUES

4.1 PRIVACY ENHANCING COMPUTATION TECHNIQUES

Fig: PEC Technologies

The privacy-enhancing computation trend involves a range of different modern technologies that
aim to protect personal data in various ways.

Types of Privacy Enhancing Technologies

PETs contribute to privacy and data protection in a
variety of ways. The first category of PETs are tools that alter data itself. These typically seek to
disrupt or break the connection between data and the individual they are associated with. Another
group of PETs focuses on hiding, or shielding, data, rather than altering it. Encryption is an
example of this, since it changes the format of data, but is intended to only obscure it temporarily,
rather than alter it permanently. Finally, there is a broad category of PETs that represent new
systems and data architectures for processing, managing, and storing data. Some of these systems
break apart data for computation or storage, whereas others provide management layers to track
and audit where information is flowing and for what purpose. (These categories are based on the
authors’ analysis of the PET space. The authors acknowledge that there are multiple ways to group
these technologies, techniques, and processes.) These different categories can be used
together to create layered protection. For example, data can be altered through de-identification
techniques, concealed through encryption, and processed using privacy-protective systems.
Following a brief discussion of the challenges that are associated with PETs, the remaining
sections of the report will describe different PETs and use cases within these categories.

4.2 ZERO-KNOWLEDGE PROOFS

Zero-Knowledge Protocol (or Zero-Knowledge Password Proof, ZKP) involves authentication
where no passwords are exchanged. This makes communication more secure. Only the fact that a
statement is true (for example, that the user knows the password) is shared, without revealing
anything else.

Fig: Zero-knowledge Proofs
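
The exchange described above can be shown with the Schnorr identification protocol. This is an added example, not code from the report; the toy group size, the PBKDF2-derived secret and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

Q = 2**61 - 1  # prime order of the subgroup (toy size, illustration only)
BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41)

def is_prime(n):
    """Miller-Rabin; deterministic for n < 3.3e24 with these 13 bases."""
    if n < 2:
        return False
    for b in BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(q):
    """Return (p, g): a prime p = k*q + 1 and g generating the order-q subgroup."""
    k = 2
    while not is_prime(k * q + 1):
        k += 2
    p = k * q + 1
    h = 2
    while pow(h, k, p) == 1:
        h += 1
    return p, pow(h, k, p)

P, G = make_group(Q)

def secret_from_password(password, salt):
    """Derive the prover's secret exponent x in [1, Q-1] (assumed derivation)."""
    raw = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)
    return int.from_bytes(raw, "big") % (Q - 1) + 1

def enroll(password, salt):
    """The server stores only y = g^x mod p, never the password or x.
    Note: y still permits offline guessing of weak passwords by whoever holds
    the verifier database, which is why deployed systems use a PAKE instead."""
    return pow(G, secret_from_password(password, salt), P)

def login(password_attempt, salt, y):
    """One commit/challenge/response round; returns (accepted, transcript)."""
    x = secret_from_password(password_attempt, salt)  # stays on the client
    r = secrets.randbelow(Q - 1) + 1                  # fresh nonce, never reused
    t = pow(G, r, P)                                  # 1. client -> server: commitment
    c = secrets.randbelow(Q)                          # 2. server -> client: challenge
    s = (r + c * x) % Q                               # 3. client -> server: response
    accepted = pow(G, s, P) == t * pow(y, c, P) % P   # server checks g^s == t * y^c
    return accepted, (t, c, s)

def simulate_transcript(y):
    """Build a valid-looking (t, c, s) WITHOUT x by choosing c and s first.

    Honest transcripts are distributed like these, so an eavesdropper learns
    nothing about x. It does not help anyone log in, because a live server
    picks c only after it has received t.
    """
    c, s = secrets.randbelow(Q), secrets.randbelow(Q)
    t = pow(G, s, P) * pow(y, (-c) % Q, P) % P
    return t, c, s

def transcript_verifies(y, transcript):
    t, c, s = transcript
    return pow(G, s, P) == t * pow(y, c, P) % P
```
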

4.3 MULTI-PARTY COMPUTATIONS

Secure Multi-Party Computation (SMC) is a cryptographic protocol, allowing people to work
together in computing functions over their inputs without revealing them individually. This means
people can analyze various data without violating privacy. Different parties take part in shared
computational processes, but nobody can detect or track what was performed by any other party
at any time during these processes.

Fig: Multi-Party Computation
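
One simple instance of such a protocol is a joint sum computed with additive secret sharing. This is an added example, not code from the report; the modulus, the `Party` class and the hospital figures are constructed for illustration, and the protocol assumes parties that follow the steps honestly.

```python
import secrets

MOD = 2**61 - 1   # public prime; all share arithmetic is done modulo this value

def make_shares(value, n_parties):
    """Split value into n additive shares that sum to it modulo MOD."""
    if not 0 <= value < MOD:
        raise ValueError("input out of range for the share modulus")
    shares = [secrets.randbelow(MOD) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % MOD)
    return shares

class Party:
    def __init__(self, name, private_input):
        self.name = name
        self._input = private_input   # never sent to anyone in the clear
        self.inbox = []               # one share from every party

    def deal(self, parties):
        """Send one share of the private input to each party (self included)."""
        for peer, share in zip(parties, make_shares(self._input, len(parties))):
            peer.inbox.append(share)

    def partial_sum(self):
        """Publish only the sum of the received shares, a uniformly random value."""
        return sum(self.inbox) % MOD

def secure_sum(parties):
    """Run the protocol; the true total must stay below MOD to avoid wrap-around."""
    for p in parties:
        p.deal(parties)
    partials = [p.partial_sum() for p in parties]
    return sum(partials) % MOD, partials

def missing_share_for(seen_shares, candidate_value):
    """For ANY candidate input there is a last share that fits the shares seen,
    so n-1 shares of a value are consistent with every possible value."""
    return (candidate_value - sum(seen_shares)) % MOD

if __name__ == "__main__":
    # Constructed inputs: patient counts held by three hospitals.
    hospitals = [Party("A", 120), Party("B", 75), Party("C", 310)]
    total, partials = secure_sum(hospitals)
    print("published partial sums:", partials)
    print("joint total:", total)
```

The total itself is still an output: with only two parties, each can subtract its own input from the sum and learn the other's.
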

4.4 HOMOMORPHIC ENCRYPTION

Homomorphic encryption is a technology that allows third-party providers to process data while
it stays encrypted. This is a new way to protect data, as the data remains confidential even though
it can be processed. Private data used in sectors such as medical and banking, among others,
can be processed by a general index, without needing private information. Data can be decrypted
only by specific individuals having the particular keys to access it.

Fig: Homomorphic Encryption
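
A processor working on data it cannot read can be shown with the Paillier cryptosystem, which supports addition on ciphertexts. This is an added example, not code from the report; the report names no scheme, Paillier is only additively homomorphic, and the toy key and the balances are constructed for illustration.

```python
import math
import secrets

# Toy key built from two Mersenne primes; real keys use random primes, n >= 2048 bits.
TOY_P, TOY_Q = 2**31 - 1, 2**61 - 1

def keygen(p=TOY_P, q=TOY_Q):
    """Return (public, private) key dictionaries for generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    mu = pow(lam, -1, n)                                # inverse of lam modulo n
    return {"n": n, "n2": n * n}, {"lam": lam, "mu": mu}

def encrypt(pub, m):
    """c = (1 + n)^m * r^n mod n^2 with a fresh random r (probabilistic)."""
    n, n2 = pub["n"], pub["n2"]
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    while True:
        r = secrets.randbelow(n)
        if r > 0 and math.gcd(r, n) == 1:
            break
    return (1 + m * n) % n2 * pow(r, n, n2) % n2

def decrypt(pub, priv, c):
    """m = L(c^lam mod n^2) * mu mod n, where L(u) = (u - 1) / n."""
    n, n2 = pub["n"], pub["n2"]
    u = pow(c, priv["lam"], n2)
    return (u - 1) // n * priv["mu"] % n

def add(pub, c1, c2):
    """Enc(a) * Enc(b) mod n^2 decrypts to a + b."""
    return c1 * c2 % pub["n2"]

def mul_plain(pub, c, k):
    """Enc(a)^k mod n^2 decrypts to k * a, for a public integer k >= 0."""
    return pow(c, k, pub["n2"])

def outsourced_weighted_sum(pub, ciphertexts, weights):
    """What the third-party processor runs: it holds pub and ciphertexts only."""
    acc = encrypt(pub, 0)
    for c, w in zip(ciphertexts, weights):
        acc = add(pub, acc, mul_plain(pub, c, w))
    return acc

if __name__ == "__main__":
    pub, priv = keygen()
    balances = [1200, 350, 99]                       # constructed sample values
    cts = [encrypt(pub, b) for b in balances]        # done by the data owner
    result = outsourced_weighted_sum(pub, cts, [1, 1, 1])
    print("decrypted total:", decrypt(pub, priv, result))
```

Ciphertexts of this kind are malleable by design, so anything that must not be altered in transit needs a separate integrity check such as a signature.
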

4.5 DIFFERENTIAL PRIVACY

Differential privacy is a technique allowing information about datasets to be shared without
revealing the identities of individual members in each group. The system analyses data and
generates its statistics, hiding the individual data. The algorithm ensures the protection of private
data, so that individual-level information remains safe.

Fig: Differential Privacy
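
The statistics-with-noise idea above can be shown with the Laplace mechanism for counting queries plus a simple privacy budget. This is an added example, not code from the report; the `PrivateCounter` class, the epsilon values and the sample records are assumptions made for illustration.

```python
import math
import random

class PrivateCounter:
    """Answers counting queries with Laplace noise and tracks a privacy budget."""

    def __init__(self, records, total_epsilon, rng=None):
        self._records = list(records)
        self.remaining = total_epsilon
        # SystemRandom draws from the OS CSPRNG; a seeded Random is for tests only.
        self._rng = rng if rng is not None else random.SystemRandom()

    def _laplace(self, scale):
        # The difference of two exponentials with mean `scale` is Laplace(0, scale).
        lam = 1.0 / scale
        return self._rng.expovariate(lam) - self._rng.expovariate(lam)

    def count(self, predicate, epsilon):
        """Noisy count; every query spends epsilon (sequential composition)."""
        if epsilon <= 0:
            raise ValueError("epsilon must be positive")
        if epsilon > self.remaining + 1e-12:
            raise PermissionError("privacy budget exhausted")
        self.remaining -= epsilon
        true_count = sum(1 for r in self._records if predicate(r))
        # Adding or removing one person changes a count by at most 1, so the
        # sensitivity is 1 and the noise scale is 1 / epsilon.
        return true_count + self._laplace(1.0 / epsilon)

def likelihood_ratio(answer, count_with, count_without, epsilon):
    """How much more likely `answer` is when one person is present than absent.

    For neighbouring counts this ratio always lies in [exp(-eps), exp(eps)],
    which is the differential privacy guarantee.
    """
    scale = 1.0 / epsilon
    return math.exp((abs(answer - count_without) - abs(answer - count_with)) / scale)

def constructed_records():
    """Constructed sample data: ages 20..79, every third person flagged."""
    return [{"age": a, "diabetic": a % 3 == 0} for a in range(20, 80)]

if __name__ == "__main__":
    pc = PrivateCounter(constructed_records(), total_epsilon=1.0)
    print("noisy count:", pc.count(lambda r: r["diabetic"], epsilon=0.5))
    print("budget left:", pc.remaining)
    # Floating-point Laplace sampling like this has known precision weaknesses;
    # production systems should rely on a vetted differential privacy library.
```
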

5. PERSONAL DATA STORES

5.1 PERSONAL DATA STORES

A personal data store (PDS) provides general access to individual data and the ability for the data
owner to upload, share, change, or delete this data. It can contain addresses, phone numbers,
passport data, bank account histories, electronic health records, etc. This technology enables
each individual to control their own data. A personal data store aims to provide the opportunity
to add or take out the private data on the third-party providers’ side. This type of store has a range
of benefits for a business, like:

• more effective gathering and keeping of data
• absence of legal risks from disclosing private data without permission
• the data can be easily updated

5.2 HOW DOES TECHNOLOGY ENHANCE PRIVACY

Technology enhances privacy by allowing secure access to client data. An excellent example of this
is AI companies that need secured access to client data to build machine learning models. Privacy-
enhancing technologies (PETs) are the only safe way to achieve this while simultaneously allowing
businesses to utilize and commercialize accumulating non-sensitive data.

Privacy-enhancing technologies not only change the accessibility of information but work to change
privacy standards as well. For consumers, innovative technology allows everyday users to take
swift action and secure personal information that could have otherwise been sent to third parties.
For businesses, privacy-enhancing technologies will enable them to track their data flows, including
transferred data that captures when, who, and the conditions of transfer.

5.3 WHAT IS PRIVACY COMPUTING

Privacy computing is a powerful cloud computing technology that insulates sensitive data and
protects it in a CPU enclave during the processing cycle. The refined data and the methods used to
process it are only attainable through an authorized program code. Privacy computing networks are
virtually invisible and cannot be tracked or recognized by attackers or cloud providers.

Cloud data privacy is becoming more crucial than ever during the digital age, as more and more
businesses automate processes and take steps to move full force into the digital expanse. Privacy
computing aims to provide assurances to businesses and facilitates the transfer of sensitive data to
public cloud services. Privacy computing removes the persisting data security exposure by
protecting data used during processing or runtime.

5.4 WHICH IS A FUNDAMENTAL AND WELL-ESTABLISHED PRIVACY ENHANCING TECHNOLOGY

Several future privacy-enhancing technologies are being researched, developed, and implemented
by businesses worldwide. These include but are not restricted to limited disclosure technology,
anonymous credentials, enforcement of data handling conditions, and data transaction logs.

Privacy breaches and lack of self-sufficiency in analytical understanding are two reasons privacy-
enhancing technologies are imperative to modern digital culture.

5.5 EXAMPLES OF PRIVACY-ENHANCING TECHNOLOGY

• Cryptographic Algorithms

Homomorphic encryption is an intelligent cipher technique that facilitates computational operations
on encrypted data. The resulting information is fully encrypted and matches perfectly to system
data when decrypted, enabling the end-user to transfer, analyze and return said data.

• Data Masking Techniques

Data masking techniques can be used by businesses that want to protect sensitive information in
data sets. Obfuscation is the central term associated with data masking. It describes the methods
used to rebuild sensitive information by diverting and misleading data from a profile or log.

• AI & ML Algorithms

Synthetic data is created artificially through several algorithms, including powerful ML algorithms.
Privacy-enhancing technologies in this context can be used to transform data into testing
environments that third parties can share.

5.6 WHAT ARE PRIVACY-PRESERVING TECHNOLOGIES

Privacy-preserving technologies are a group of cryptographic techniques that allow businesses to
operate safely within a cloud-based security environment. They work by increasing utility by taking
considerable advantage of technologies such as machine learning or the cloud to preserve security
and privacy. Privacy-preserving technologies work harmoniously within an organization’s network
and system to prevent security breaches. Blockchain, data mining, authentication, big data, and IoT-
connected devices all use privacy-preserving technology to increase valuable data’s efficiency,
safety, and security.

5.7 WHY PRIVACY-ENHANCING COMPUTATION IMPORTANT FOR DIGITAL TRANSFORMATION

The post-Covid work environment has seen a massive migration into cloud-based networking
as digital transformation initiatives spring into action simultaneously as the economy picks up.

Data is the most critical aspect of modern business. Privacy-enhancing computing is just one of the
ways that companies are transforming their digital outlooks. As we work to become more
autonomous and streamline repetitive processes, migrating to the cloud is critical to data-driven
transitional policies that allow you to adapt in real time.

6. ENCRYPTION

The most recognizable and common form of shielding data is encryption. Encryption is a reversible
process that converts data to an unintelligible form called ciphertext; decrypting the ciphertext
converts the data back into its original form (referred to as plaintext). The purpose of encryption
and decryption is to allow only authorized users to access the plaintext using a key for conversion.
Even if unauthorized users get access to the encrypted data, or ciphertext, they will not be able to
read it without having access to the key. Cryptographic algorithms, called ciphers, create random
strings of characters to represent the underlying data. These algorithms have corresponding
cryptographic keys, which are also strings of characters, and these are used together to change the
underlying data into ciphertext. The longer and more complex cryptographic keys are, the harder
it is for an adversary to crack the code and decipher the underlying plaintext data. Encryption can
use the same key to both encrypt and decrypt data, or different keys.

Symmetric key cryptography (also called private-key cryptography) uses the same key to both
encrypt and decrypt data. Symmetric keys are relatively short, so the process of shielding and
revealing data is faster and requires fewer computing resources. It is also less resource intensive
because only one secure piece of information, the symmetric key, needs to be managed. Symmetric
key ciphers are typically used to encrypt data at-rest, in files and databases, because the entity
storing the information is managing both sides of that process anyway. Symmetric encryption at-
rest also occurs directly in computing devices to protect them from physical theft, such as disk or
hard-drive encryption (see the section below on Privacy Enhanced Hardware). The best at-rest
symmetric key ciphers are not computationally feasible to crack with current technology. Despite
its many advantages, symmetric cryptography has two important disadvantages that both pertain
to key management. As described above, there is only one key that needs to be kept secret. If a
user wants to share encrypted data with others, they will also have to share a copy of their one
private key to decrypt the data. In this case, copies of the single key are created and distributed to
authorized users. If any of these copies are lost, the data becomes vulnerable; therefore, exchanging
and securing unique symmetric keys must be done carefully and it is challenging to scale.

Asymmetric cryptography, also known as public-key cryptography, is slower than symmetric
cryptography because different keys are necessary to encrypt and decrypt data. However, it is more
scalable, since it is designed to enable secure key-exchange among multiple users. Asymmetric
cryptography is based on a pair of keys that is generated for each user. One of the keys always
remains private and is only known to the user, while the other is public and is shared with any
device the user would like to securely exchange data with. A fundamental principle of asymmetric
cryptography is that the public and private key in the key pair can both encrypt and decrypt the
data. However, during a data transfer only one of the keys (either the public or private) is used to
encrypt data, and the other key is used to decrypt data, and vice versa. When a user wants to share
data, they will encrypt the information using a recipient’s public key. Asymmetric cryptography
then ensures that only that recipient’s private key can decrypt the message. In this way, many
parties can have the tools to secure data, but only one receiver can decipher the information.
Because of this functionality, asymmetric cryptography is commonly used to protect data in-
transit. In today’s connected world, this includes extremely common use cases, such as e-mail,
logging into a website, or exchanging messages on platforms, as well as digital currency
applications such as sending and receiving Bitcoin.

Data is crucial to a company’s success; maintaining its privacy and ensuring regulatory
compliance are difficult. Learn about privacy-enhancing technologies that protect data.

One of the most important issues in technology is data protection, especially in an age where
companies collect sensitive data that can eventually cause catastrophic data breaches to occur. In
the United Kingdom, privacy is the right to control how a person can use their personal and
identifiable data. Data supplied must be retrieved without the use of statistical output.

FEDERATED LEARNING
Federated learning is a machine learning technology which helps devices learn a shared
prediction model while keeping the training data local to each device. Mobile phones download
and improve the current model and upload only their summaries to the centralized model. Each
change is then averaged with other devices’ updates to improve the shared model. Multiple
entities can build smart machines without sharing data through federated learning. It reduces
storage requirements for central servers or cloud storage systems.
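
The download, local improvement, upload and averaging loop described above is federated averaging. This is an added example, not code from the report; the linear model, learning rate, client names and data points are constructed for illustration.

```python
def local_update(weights, data, lr=0.5, epochs=5):
    """Runs on the device: gradient descent on local (x, y) pairs.

    Only the weight delta and the sample count are returned; the raw data
    never leaves this function.
    """
    w, b = weights
    for _ in range(epochs):
        gw = sum((w * x + b - y) * x for x, y in data) / len(data)
        gb = sum((w * x + b - y) for x, y in data) / len(data)
        w, b = w - lr * gw, b - lr * gb
    return (w - weights[0], b - weights[1]), len(data)

def aggregate(weights, updates):
    """Runs on the server: sample-weighted average of the client deltas."""
    total = sum(n for _, n in updates)
    dw = sum(delta[0] * n for delta, n in updates) / total
    db = sum(delta[1] * n for delta, n in updates) / total
    return (weights[0] + dw, weights[1] + db)

def train(clients, rounds=300):
    """Return the final global model and everything the server ever received."""
    weights = (0.0, 0.0)
    server_log = []
    for _ in range(rounds):
        updates = [local_update(weights, data) for data in clients.values()]
        server_log.append(updates)
        weights = aggregate(weights, updates)
    return weights, server_log

def constructed_clients():
    """Constructed data: three phones, each holding points of y = 2x + 1
    from a different range of x (so no phone sees the whole picture)."""
    xs = {
        "phone_a": [0.0, 0.1, 0.2, 0.3],
        "phone_b": [0.4, 0.5, 0.6],
        "phone_c": [0.7, 0.8, 0.9, 1.0],
    }
    return {name: [(x, 2.0 * x + 1.0) for x in vals] for name, vals in xs.items()}

if __name__ == "__main__":
    (w, b), log = train(constructed_clients())
    print(f"global model: y = {w:.3f} x + {b:.3f}")
    print("server saw per round:", log[0])
    # Updates can still leak information about local data, which is why
    # deployments pair this loop with secure aggregation or differential privacy.
```
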

ON-DEVICE LEARNING
User behaviour is analysed by the device to identify a pattern without sending individual
information to an external computer or network server. On-device learning improves algorithmic
intelligence through autocorrection. Apple Face ID enables users to use a machine learning
algorithm to collect data about how their face looks; this helps identify users more accurately and
safely.

PSEUDONYMIZATION/OBFUSCATION/DATA MASKING
Various methods, such as obfuscating data and re-using pseudonyms, can be used to replace and
conceal sensitive data by presenting it in a false manner.
Usually, it is used by companies to protect user data and respect the privacy law. Some methods
of anonymisation, including renaming or deleting information, can still allow re-identification.
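
The re-identification risk mentioned above can be audited before a data set is released. This is an added example, not code from the report; the `PT-dddd` identifier scheme, the records and the function names are constructed for illustration.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed sample records.
RECORDS = [
    {"patient_id": "PT-0042", "zip": "50151", "birth_year": 1984, "diagnosis": "asthma"},
    {"patient_id": "PT-0817", "zip": "50151", "birth_year": 1987, "diagnosis": "flu"},
    {"patient_id": "PT-3310", "zip": "50152", "birth_year": 1981, "diagnosis": "diabetes"},
    {"patient_id": "PT-9001", "zip": "50158", "birth_year": 1989, "diagnosis": "flu"},
]

def pseudonym_plain_hash(value):
    """Weak: unsalted SHA-256 of a low-entropy identifier."""
    return hashlib.sha256(value.encode()).hexdigest()

def pseudonym_keyed(value, key):
    """Stronger: HMAC-SHA-256 under a secret key held by the data controller."""
    return hmac.new(key, value.encode(), hashlib.sha256).hexdigest()

def candidate_ids():
    """The whole identifier space of the constructed scheme: only 10,000 values."""
    return [f"PT-{i:04d}" for i in range(10_000)]

def reversible_fraction(pseudonyms, candidates, guess_fn):
    """Audit: share of pseudonyms that a party WITHOUT the key can map back
    to an identifier by hashing every value in the identifier space."""
    table = {guess_fn(v): v for v in candidates}
    return sum(1 for p in pseudonyms if p in table) / len(pseudonyms)

def k_anonymity(records, quasi_identifiers):
    """Smallest group of records sharing one quasi-identifier combination.
    k == 1 means somebody is unique even though the name or ID is gone."""
    groups = Counter(tuple(r[q] for q in quasi_identifiers) for r in records)
    return min(groups.values())

def generalize(record):
    """Coarsen quasi-identifiers: 3-digit zip prefix and decade of birth."""
    return {
        "zip": record["zip"][:3] + "**",
        "birth_year": f"{record['birth_year'] // 10 * 10}s",
        "diagnosis": record["diagnosis"],
    }

if __name__ == "__main__":
    key = secrets.token_bytes(32)
    ids = [r["patient_id"] for r in RECORDS]
    weak = [pseudonym_plain_hash(i) for i in ids]
    strong = [pseudonym_keyed(i, key) for i in ids]
    print("plain hash reversible:", reversible_fraction(weak, candidate_ids(), pseudonym_plain_hash))
    print("keyed HMAC reversible:", reversible_fraction(strong, candidate_ids(), pseudonym_plain_hash))
    print("k before generalizing:", k_anonymity(RECORDS, ["zip", "birth_year"]))
    print("k after generalizing: ", k_anonymity([generalize(r) for r in RECORDS], ["zip", "birth_year"]))
```
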

GENERATIVE ADVERSARIAL NETWORKS (GANS)
A GAN generates suppositional instances of data that simulate data sets. This method allows
analytical researchers to obtain high-level synthesized information from the computer. GANs have
been used to quickly identify anomalies on the Internet to detect medical test results.

SYNTHETIC DATA GENERATION (SDG)
SDG data is produced artificially using raw data and has identical statistical attributes. As
SDG data sets can be much greater than their original sets of data, this technique has been adopted
both for test environments and for AI applications.

Why Privacy-Enhancing Computation Is Important For Digital Transformation?

The post-Covid work environment has seen a huge migration into cloud-based networking
as digital transformation initiatives spring into action at the same time as the economy picks up.

Data is the most important aspect of modern business. Privacy-enhancing computing is just one of
the ways that businesses are transforming their digital outlooks. As we work to become more
autonomous and streamline repetitive processes, migrating to the cloud is critical to data-driven
transitional policies that allow you to adapt in real-time.

In this context, digital transformation can be described as a cultural change that requires
organizations to repeatedly challenge existing conditions by using policies that champion
investigation and innovation. This directly correlates to the implementation of privacy-enhancing
computation which allows for layered security measures to be put in place, which have long-term
measurable benefits to both the business and the consumer.

7. PRIVACY ENHANCED HARDWARE

Computer manufacturers are increasingly introducing off-the-shelf, privacy-enhancing features to
their product lines to address business and personal use cases. Regardless of the underlying use
case, this kind of hardware is deployed to shield data flowing through devices. In business use
cases, these technologies can reduce the reliance on employees to follow specific privacy and
security protocols, or to perform the techniques and processes themselves. These technologies are
not a primary focus of this report because they are commonly targeted for consumer use;
nevertheless, they are important to understand as a form of shielding data. Examples of privacy-
enhancing hardware features include:
• Privacy screens that make it difficult for strangers to observe over a user’s shoulder.
• Biometric authentication, including fingerprint and/or facial recognition.
• Built-in webcam shutters.
• Kill-switches that deactivate the microphone and webcam, as well as any wireless
or Bluetooth connections on a particular device.
• Drive encryption that keeps data shielded at-rest and ensures that the computer will
start only when certain hardware and/or software conditions are met.
• Anti-interdiction mechanisms that detect hardware and software tampering that
may occur while a device is in transit from the manufacturer’s fulfillment center to
the end user.

8. PRIVACY ENHANCING TREND USE

Fig: Data Lifecycle Representation

Any enterprise or facility wants to keep its data private under all conditions. Privacy-enhancing
technologies make this much easier and more reliable. The main purpose of this trend is to encrypt
data that is processed on third-party hardware. The use of these technologies is vast and can be
applied in various industries like:

8.1 BUSINESS

Most business companies are constantly dealing with huge amounts of data – internal as well as
customers’. It can be phone numbers, addresses, emails, photos, and other documents. Each client
wants to be sure that their personal information will not be disclosed to third parties without their
permission. PETs are essential for companies that process customers’ private data,
as their reputation and reliability depend on it.

8.2 FINANCE

Establishments that do business with their customers’ finances and bank account data demand the
highest level of protection for this data. Banks and other financial facilities take a huge
responsibility for keeping the data confidential and protecting it from any hacker attacks. As
customers make payments in different online shops, apps, etc., using their account number, the
financial institutions have to ensure that the private data won’t be accessed by third parties.

8.3 HEALTHCARE

Due to digitalization, the healthcare industry implements electronic health record systems to save
accurate data about each patient and track their state of health. Some patients’ data can be shared
to research the inauspicious effects of particular treatments and drug influences. Privacy-
enhancing computation technologies ensure that specific patients’ data will be kept secure.

8.4 APPLICATIONS

Web and mobile applications are usually maintained by third-party providers. They apply changes,
updates, and testing processes. PETs help to reduce access to users’ data without affecting the
process of maintaining the app. This trend supports both sides – customers and providers – to keep
a high rank.

You’ve likely heard the phrase “data is the new oil.” And as we enter a new decade, it appears that
data remains one of the most valuable assets a company can produce – and keep safe.

As business operations continue to prioritize data privacy and security, consumers are becoming
more aware of their own personal data and are getting wary of who they let manage it. In fact, a
recent survey from Pew Research Center discovered that 79 percent of adults were concerned with
how companies were using the amount of data (like IP addresses) collected about them. Further,
52 percent opted not to use a product or service due to worries about how their personal
information might be collected.

8.5 ENTER: PRIVACY ENHANCING COMPUTATION (PEC)

While this technology has been around for decades in the academic realm, only very recently has
it started being utilized in real-world applications. Gartner chose it as one of its Top Strategic
Technological Trends of 2021; if PEC wasn't already on your radar, it will be by the end of this article.

9. DATA DISPERSION

9.1 DATA DISPERSION

Data dispersion refers to a process where data are broken into smaller pieces and maintained across
a distributed storage infrastructure that typically spans multiple geographic locations. In this
process, software is used to break data fields up in a random way. For example, if a piece of data
is a social security number, the software will break the 9 digits apart into random chunks and store
them in different places. Data dispersion can provide data security and enhanced privacy because
even if a storage location is breached, or those files are accessed, the information will not be
complete, or comprehensible, without the remaining pieces. Information could still be compromised,
but multiple locations would need to be targeted, along with the underlying software that broke the
data into smaller pieces.

Data dispersion can also improve scalability and performance of systems because smaller pieces of
information are being stored, and it can be used in tandem with processes that create redundancy
and backup storage. Data can be replicated, and then broken down into smaller pieces and stored
across multiple devices. This is called storage slicing, and it is a concept similar to the mature
Redundant Array of Inexpensive Disks (RAID) technology. RAID helps ensure data can be made
available and reassembled even if some storage devices or locations are compromised or otherwise
unavailable.

Data dispersion can be used with other PETs such as encryption. The small chunks of information can
subsequently be encrypted in storage, in a process known as database sharding, or “microsharding.”

Data dispersion is becoming much more common with the increasing use of Cloud services. Distributing
storage through the Cloud has significantly reduced the cost and administrative burden associated
with maintaining the multiple storage locations required for dispersion. However, the distribution
of data across multiple geographical locations can also increase compliance and availability risk.
Since data can be dispersed across several geographical regions, and even across several Cloud
service providers, outages can occur and make pieces of data inaccessible. Additionally, data may be
subject to the laws and regulations of different jurisdictions, complicating regulatory compliance.
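The dispersion and replication described above can be sketched as follows. This is an added example, not code from the original report: the function names, the rotating placement scheme, the location names and the sample number are all assumptions constructed for illustration.

```python
import secrets

def disperse(value, locations, replicas=2):
    """Cut `value` into random 1-3 character chunks and store each chunk on
    `replicas` locations. Placement rotates, so once there are at least as many
    chunks as locations, no single location holds every chunk."""
    if not 1 <= replicas < len(locations):
        raise ValueError("need 1 <= replicas < number of locations")
    stores = {loc: {} for loc in locations}  # what each site physically holds
    manifest = []                            # chunk order and placement, kept by the software
    start = secrets.randbelow(len(locations))
    pos = 0
    while pos < len(value):
        size = 1 + secrets.randbelow(3)      # random chunk length
        chunk_id = secrets.token_hex(8)      # random id, reveals nothing about order
        placed = [locations[(start + len(manifest) + r) % len(locations)]
                  for r in range(replicas)]
        for loc in placed:
            stores[loc][chunk_id] = value[pos:pos + size]
        manifest.append((chunk_id, placed))
        pos += size
    return stores, manifest

def reassemble(stores, manifest, unavailable=()):
    """Rebuild the value from any reachable replica of each chunk."""
    parts = []
    for chunk_id, placed in manifest:
        live = [loc for loc in placed if loc not in unavailable]
        if not live:
            raise LookupError("chunk %s has no reachable replica" % chunk_id)
        parts.append(stores[live[0]][chunk_id])
    return "".join(parts)

def exposed_by_breach(stores, location):
    """Chunks obtained from one breached site: unordered and incomplete."""
    return sorted(stores[location].values())

if __name__ == "__main__":
    sites = ["region-a", "region-b", "region-c"]       # hypothetical locations
    stores, manifest = disperse("123456789", sites)    # constructed sample number
    print(exposed_by_breach(stores, "region-a"))
    print(reassemble(stores, manifest, unavailable={"region-b"}))
```

With three locations and two replicas per chunk, one outage is tolerated, while two simultaneous outages make at least one chunk unreachable, which is the availability risk the section describes.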

Privacy-Enhancing Computation Examples
Here are some key uses for Privacy-Enhancing Computation (PEC):

9.1.1 HR
In the Human Resources department, PEC can be used to facilitate gender equality and
reduce the gender pay gap in the workplace.

9.1.2 Fraud Prevention


Fraudsters are known to victimize certain industries and multiple companies within an industry.
Companies can work together directly using PEC to detect the criminals quickly. Good
customers can also be identified when companies collaborate to establish a pool of trusted consumers.

9.1.3 Medical Research


In a pandemic year, it is understandable why the medical communities need to draw large amounts
of data, even across borders and laws, for research. Patient records are rightly protected by many
regulations. The PEC process makes actionable patient information both accessible and private.

9.1.4 Internal Data Analysis


PEC methods can help large corporations obtain and share information, even between many brands
and across borders and policies, while maintaining regulated privacy.
9.2 PETs USE

Now that the privacy-enhancing technologies have been listed above, we would like to discuss where
these technologies are used and what functions they perform to protect users' private data.

9.2.1 Anonymizers
This tool is related to users' behavior on the web. Its main aim is to hide the real geolocation,
email, and other information about users. The information is not only hidden but also replaced with
non-existent data such as random emails, nicknames, and IP addresses. It can work for a single
website, mail service, or messenger, as well as for the whole browser.

9.2.2 Fake accounts


This method is usually used when a user wants to create an account on a specific website or app
and doesn't want to show their real personal information. Such users create fake emails and use false
names and contacts, a fictional bio, interests, etc. These bogus accounts can also be used for more
serious aims than social media. The method adds the user to a particular system without showing the
real data.

9.2.3 Confusing data


Confusing private data is one of the good practices for protecting it. The account can be real and
contain true information. Alongside it, users can add misleading facts and distracting data
elements. This method hides the real personal information with masking techniques and specific
algorithms, so in case of a hacker attack it will be much more complicated to recognize the
required data.

9.2.4 Private data access


This example applies differential privacy technology. Each individual has constant access to their
data and can change, update, and delete it at their own discretion. This means that some data
disappears forever and cannot be kept or used anymore.

9.2.5 EPID
This is a kind of digital signature that is created to identify the members of a group or system
without revealing who they are. The key is usually complex and consists of several verification steps.

9.2.6 Pseudonymization
This technique replaces identifying private data with pseudonyms and hides the real content. It does
not influence data analysis or data processing. It is used to cover individual as well as group
information.
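As an added illustration of pseudonymization (not code from the original report), the sketch below derives pseudonyms with a keyed HMAC-SHA256 and shows that a per-person count gives the same result before and after. The field names, the key handling and the sample records are assumptions constructed for the example.

```python
import hashlib
import hmac
import secrets
from collections import Counter

# Constructed sample records; "email" is the identifying field.
SAMPLE_RECORDS = [
    {"email": "alice@example.com", "visit": "2023-01-04", "ward": "cardiology"},
    {"email": "bob@example.com",   "visit": "2023-01-05", "ward": "oncology"},
    {"email": "alice@example.com", "visit": "2023-02-11", "ward": "cardiology"},
]

def pseudonymize(identifier, key):
    """Deterministic keyed pseudonym: the same person always maps to the same
    token, but the token cannot be recomputed or confirmed without the key."""
    normalized = identifier.strip().lower().encode("utf-8")
    return hmac.new(key, normalized, hashlib.sha256).hexdigest()[:16]

def pseudonymize_records(records, key, id_field="email"):
    """Return copies of the records with the identifying field replaced."""
    result = []
    for record in records:
        copy = dict(record)
        copy[id_field] = pseudonymize(record[id_field], key)
        result.append(copy)
    return result

def visits_per_person(records, id_field="email"):
    """Example analysis: how many visits each (pseudonymous) person made."""
    return sorted(Counter(r[id_field] for r in records).values())

if __name__ == "__main__":
    key = secrets.token_bytes(32)   # held by the data controller, never shared
    protected = pseudonymize_records(SAMPLE_RECORDS, key)
    print(protected)
    print(visits_per_person(SAMPLE_RECORDS), visits_per_person(protected))
```

Rotating or destroying the key breaks the link between old and new pseudonyms, so the key needs the same protection as the original identifiers.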

10. FUTURE

As the world increasingly moves online and more data is shared, privacy concerns will continue
to grow. To address these concerns, researchers are working on ways to improve privacy-
enhancing computation.

Privacy-enhancing computation in the future will continue to be an important area of research.


There are many ways to improve the privacy of data, and new techniques are constantly being
developed. In the future, privacy-enhancing computation may be used more widely to protect data
from unauthorized access and to allow people to share information more securely.

• One area of research is developing new cryptographic techniques that provide
better security and privacy. For example, homomorphic encryption allows
computations to be performed on encrypted data without decrypting it first. This
could be used to allow cloud providers to perform computations on sensitive data
without seeing it themselves.
• Another area of research is improving existing privacy-enhancing technologies,
such as Tor. Tor is a system that routes internet traffic through a network of
volunteer nodes, making it difficult to trace the source of the traffic. However, Tor
has been criticized for being slow and difficult to use. Researchers are working on
ways to make Tor faster and easier to use while still providing strong anonymity
protection.
• Finally, researchers are also exploring ways to use blockchain technology for
privacy-enhancing purposes. Blockchain is a distributed database that can be used
to store data in a secure and tamper-proof way. One potential application is creating
a decentralized identity management system that would give users more control
over their personal data.

Privacy-enhancing computation will continue to evolve as new technologies are developed and
improved upon. As privacy becomes an ever more important concern for individuals and
organizations alike, the importance of this field will only grow in the years to come.

11. CONCLUSION

The amount of data being processed on the web is huge, and it continues to grow every day. When
people are asked to fill in their personal information, they want to be sure that this info will not
be disclosed, published, or stolen. This concerns all spheres of their lives, from social media to
bank account data.

Today there is a wide range of technological tools to help protect data in different ways. Some of
these methods process individual data, while others can protect vast amounts of information. Most
internet users want to stay anonymous, even if they use delivery services. Thanks to
privacy-enhancing technologies, security capabilities and the level of anonymity continue to
expand.
