Privacy-enhancing technologies (PETs)
May 26, 2023


Privacy-enhancing technologies (or PETs) apply data protection principles to strengthen data security and minimize the use of personal data, helping users to protect their personal information. They have been around for a while and are currently enjoying a return to popularity. These technologies can enable, enhance and preserve data privacy throughout the information lifecycle. Customers are concerned about their privacy: brands and businesses can lose clients who feel they can’t trust the level of privacy on offer, and can even face fines and penalties. Privacy-enhancing technologies have a great impact on privacy breaches and can help to eliminate such risks. They also help to achieve a high level of privacy protection when data sharing is required (for example, when third-party participation is unavoidable).

There is a long list of use cases for privacy-enhancing technologies. First of all, they are useful for financial transactions: customers’ private information has to be secured, and PETs can assure the safety and privacy of transactions and deals. PETs are also useful in test data management, where they help with in-house management of testing applications and analysis of data. Businesses working as intermediaries use privacy-enhancing technologies to protect the information privacy of the parties involved in their processes. Healthcare institutions, which deal with patients’ personal data (such as electronic health records, or EHRs), use PETs to prevent data leakage.

PETs examples

PETs encompass a rather broad range of technologies. The most well-known are:

  • Homomorphic encryption. One of the most secure PETs, allowing operations on encrypted data. It can be used for analysis without compromising data anonymity and privacy (however, there is an issue of data volume limitation). The operation produces an encrypted result which, once decrypted, must match the result of the same operation on the unencrypted data. It also allows transfer, analysis and return of encrypted data (the owner can later decrypt and read it). It allows sharing sensitive data for analysis and helps to work with applications which keep encrypted data in cloud storage. The most common types of homomorphic encryption are partial homomorphic encryption (performs one type of operation, for example additions only or multiplications only), somewhat homomorphic encryption (performs two or more types together, but with limits on the number of allowed operation types) and full homomorphic encryption (performs more than one type of operation without limits in number).
  • ZKP (zero-knowledge proof). It ensures that someone can prove their knowledge of some fact without revealing the fact itself. In other words, ZKPs use a series of cryptographic algorithms which allow information to be validated without disclosing the data that proves it. They are very popular in the banking and financial domains, where it is necessary to provide access to services that require private customer data, which in turn must be kept secret.
  • SMPC (Secure Multi-Party Computation). It is in some ways similar to homomorphic encryption and enables computation of values from multiple data sources. It makes it possible to run complex calculations over large chunks of data. This technology can be used as a machine learning tool and allows sharing encrypted data with third parties for analysis, getting back the results without the risk of compromising the privacy of the data content.
  • Differential privacy. A cryptographic algorithm which protects against personal information leaks by adding a layer of so-called ‘statistical noise’ or ‘random noise’ (which prevents extracting specific information and makes it possible to describe group patterns within the dataset while maintaining privacy). It allows sharing the results obtained by applying an automated learning model to data sets.
  • Data masking techniques. This group of technologies is used to protect sensitive information in data sets. It includes obfuscation (which includes various methods of hiding sensitive information via addition of distracting or misleading data to profiles or logs), pseudonymization (replaces the content of identifier fields which contain specific personal information with fictional data), data minimization (restricts the collection of personal information to the minimum necessary for providing services) and communication anonymizers (replace online identity with a disposable untraceable one).
  • Synthetic data generation. Creates artificial data using various algorithms (such as machine learning algorithms), for example, to turn data into a testing environment accessible to third parties.
  • Federated learning. A machine learning technique which trains algorithms across decentralized edge devices or services, allowing users to achieve data minimization by reducing the amount of data retained on a centralized server or in cloud storage.
  • TEE (Trusted Execution Environment). Enables operations within a single third-party server and provides an isolated computing environment to maintain the privacy of the input and ensure data privacy and security while the data is being processed.
  • On-device learning. Employs algorithms which are trained on historical data (such as consumer interest, conversion, etc.) to make predictions. Information is processed on the device, with no individual data being sent to the server.

Blockchain based PETs

There are several types of blockchain-based and blockchain-oriented privacy-enhancing technologies. The best known among them are:

  • CT (Confidential transactions). This technology aims at shielding transaction amounts, which should not be available to the public. Sensitive information in this case is accessible only to the sender, the receiver and, in exceptional cases, some other selected parties. The idea was first put forward by Adam Back (Blockstream CEO) in 2014.
  • MimbleWimble. It is a blockchain protocol, which got its name from the popular Harry Potter book series (it is a spell which prevents people from letting out sensitive information). Using Elliptic Curve Cryptography, it can verify transaction amounts without revealing sensitive and important data on the public network. This information can be disclosed to the sender and the receiver of the transaction only.
  • Ring signatures. This technology enables any member of a certain group or a circle of network participants to validate their transactions to entities from outside the group without revealing the name of those who approved them. For example, ring signatures are utilized by a popular privacy coin called Monero.
  • Dandelion. It is a protocol implementation at a blockchain base layer which offers a new communication pattern for the nodes. It helps to minimize the efforts to trace origins of transaction messages or nodes’ IP addresses.
  • Bulletproof. A specific type of ZKP. Short, non-interactive proofs, requiring no trusted setup. They help to make transactions on blockchain networks (such as Bitcoin) more efficient and confidential.
  • ZKP and SMPC (already mentioned earlier). The former was first introduced by MIT specialists in 1985 and has been widely used in blockchain. The popular coin ZCash utilizes ZKPs. The latter are cryptographic protocols which distribute computation among a number of parties without revealing the calculations of one party to the others.
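Confidential transactions and MimbleWimble, as listed above, let the network verify amounts without seeing them; the building block is the Pedersen commitment. The following is an added example, not part of the original article, of the balance check a verifier performs on commitments. It assumes a tiny multiplicative group modulo a prime in place of the elliptic curve used in practice, and all parameters, names and amounts are constructed.

```python
import secrets

# Toy group (constructed): P = 2*Q + 1 with Q prime. G and H generate the
# order-Q subgroup. In a real system nobody may know log_G(H), and the group
# is an elliptic curve with an order of about 256 bits.
P, Q = 2039, 1019
G, H = 4, 9

def commit(amount, blind):
    """Pedersen commitment: hides `amount` and binds the committer to it."""
    return pow(G, amount % Q, P) * pow(H, blind % Q, P) % P

def blind_outputs(input_blinds, n_outputs):
    """Pick output blinding factors whose sum equals the inputs' sum mod Q."""
    blinds = [secrets.randbelow(Q) for _ in range(n_outputs - 1)]
    blinds.append((sum(input_blinds) - sum(blinds)) % Q)
    return blinds

def balances(input_commits, output_commits, public_fee=0):
    """Verifier's check: inputs == outputs + fee, without seeing any amount."""
    lhs = 1
    for c in input_commits:
        lhs = lhs * c % P
    rhs = pow(G, public_fee, P)
    for c in output_commits:
        rhs = rhs * c % P
    return lhs == rhs

def demo(out_amounts=(85, 10), fee=5):
    """Spend inputs of 70 and 30; return what the verifier concludes."""
    in_amounts = (70, 30)
    in_blinds = [secrets.randbelow(Q) for _ in in_amounts]
    out_blinds = blind_outputs(in_blinds, len(out_amounts))
    ins = [commit(v, r) for v, r in zip(in_amounts, in_blinds)]
    outs = [commit(v, r) for v, r in zip(out_amounts, out_blinds)]
    return balances(ins, outs, fee)
```

The check holds only modulo the group order, which is why deployed confidential transactions attach a range proof, such as the Bulletproofs listed above, to every output.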
