How can organisations attempt to find a balance between privacy, convenience and the user experience – or will that friction always be a factor? What role can technology play?
Friction will always be a factor. Just as we see with cybersecurity, there is a delicate balance and sometimes a trade-off between security and freedom. Similarly with privacy, the tension lies between privacy and convenience, with user experience being part of the convenience equation. People will give up large amounts of privacy for convenience and a better user experience, which is why we should consider privacy risk and best practice, not just public opinion, when designing technology.

Today’s perceptions of privacy breaches differ from the past, highlighting the evolving standards of acceptability. To adapt, businesses must continuously update practices and technology to align with public expectations. Communicating these complexities effectively requires easy-to-digest and clear language, which is appropriate for that audience at that time. The average time spent reading a privacy notice is 90 seconds, so you don’t have long to get quite complex information across.
Technology can also help, and is always developing and maturing. Privacy-enhancing technologies offer a pathway to greater convenience without excessively compromising privacy. For example, Secure Multi-Party Computation (MPC) is a cryptographic technique that allows different parties to work together on a computation or algorithm without revealing their individual inputs to each other. This and other technologies mean that organisations can collaborate and combine their data to achieve a common goal, while ensuring that each party’s sensitive information remains confidential. Technology approaches can ensure both utility and privacy are maintained effectively.
What advice can you offer any public sector organisation looking to take on board the issue of privacy relating to identity?
Ensure the right stakeholders are engaged right from the start, including data protection, cybersecurity, legal, technology experts and the product owner. Engaging all relevant stakeholders early on is vital because product owners may sometimes overlook critical governance and technology aspects. This oversight can result in things like data sharing agreements being based on initial ideas rather than practical realities, potentially leading to project failure. By involving all key stakeholders, you provide a comprehensive consideration of privacy concerns and technology constraints from the start of the project. If you don’t have access to data privacy engineers, then there are a variety of privacy-enhancing technologies which data scientists, developers and cybersecurity engineers can upskill themselves in.
Are there any notable examples of successful approaches to addressing data privacy issues in the public sector?
The COVID tracking app is a very notable example in the UK public space. The app was implemented using on-device computing, which means all computation of personal data occurred on users’ phones without relying on a central database to track and store people’s locations. This approach ensured that sensitive data remained on individual devices, enhancing privacy and efficiency in data processing for the app.
How does AI impact data privacy considerations for public sector organisations?
AI is huge at the moment, and it requires substantial amounts of data to operate effectively. However, in the public sector, utilising vast amounts of personal data raises privacy concerns. To address this, it’s essential to leverage privacy-enhancing technologies such as anonymising or pseudonymising the data before training a model on it. Transparency is also key to help build understanding and trust as the AI project evolves, bringing all stakeholders along the journey and communicating clearly about the AI’s purpose and progress.
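The pseudonymisation step mentioned in the answer above, as an added illustration that is not part of the interview: direct identifiers are replaced with a keyed HMAC token before the record reaches a training pipeline, and a quasi-identifier (age) is generalised to a band. The field names, the key and the sample record are constructed for the demo. This is pseudonymisation, not anonymisation: whoever holds the key can re-link the tokens, so the key must stay outside the training environment.

```python
import hashlib
import hmac

# Fields treated as direct identifiers (constructed names for the demo).
DIRECT_IDENTIFIERS = ("email", "patient_ref")


def pseudonymise_record(record: dict, key: bytes) -> dict:
    """Return a copy of record suitable for model training.

    - Direct identifiers become keyed HMAC-SHA256 tokens. The same input under
      the same key always yields the same token, so joins across records still
      work, but without the key the token cannot be reversed or recomputed.
    - 'age' is replaced with a ten-year 'age_band' to reduce re-identification
      risk from quasi-identifiers.
    """
    out = dict(record)
    for field in DIRECT_IDENTIFIERS:
        if field in out and out[field] is not None:
            token = hmac.new(key, str(out[field]).encode("utf-8"), hashlib.sha256)
            out[field] = token.hexdigest()[:24]
    if "age" in out:
        lower = (int(out["age"]) // 10) * 10
        out["age_band"] = f"{lower}-{lower + 9}"
        del out["age"]
    return out


def pseudonymise_dataset(records: list[dict], key: bytes) -> list[dict]:
    """Apply pseudonymise_record to every record with one key."""
    return [pseudonymise_record(r, key) for r in records]


if __name__ == "__main__":
    # Constructed sample data; the key would normally come from a KMS/HSM.
    sample = [
        {"email": "alice@example.org", "patient_ref": "REF-001", "age": 34, "outcome": 1},
        {"email": "bob@example.org", "patient_ref": "REF-002", "age": 58, "outcome": 0},
    ]
    for row in pseudonymise_dataset(sample, key=b"demo-key-not-for-production"):
        print(row)
```

Keep the training set and the key in separate trust zones; rotating the key produces unlinkable tokens, which is the property you want when a dataset should not be joinable with a previous extract.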
What are your top privacy-enhancing technologies?
Secure Multi-Party Computation (MPC) is my personal favourite because it enables secure data sharing for the purpose of analysis, without the need for unencrypted data to leave its trusted environment, an essential capability that should be more prevalent in the public sector.
Federated learning is another useful technology that allows machine learning models to be trained on multiple data sets across different organisations, avoiding the disclosure of sensitive information. This approach synergises well with MPC.
Private set intersection is another handy technique, which enables comparison of lists of identifiers or values to identify overlaps without disclosing sensitive details which would be inappropriate to share, facilitating data analysis while preserving privacy.
Compliance as code is another effective approach where compliance requirements are embedded directly into code, ensuring continuous and automated adherence to regulations. This is a practical approach to maintaining compliance seamlessly.
Another technology which may be helpful for your business case is Homomorphic Encryption, which enables computations to be performed on encrypted data without decrypting it first, maintaining data confidentiality throughout processing.
A common thread among these technologies is the emphasis on leaving unencrypted data in its original location while enabling secure and privacy-preserving operations using cryptography. This is a fundamental principle in modern data governance and security practices.
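Two of the techniques named in this answer, MPC and private set intersection, as an added example that is not part of the interview or any particular product. Part 1 is a secure sum built on additive secret sharing: each party's value is split into random shares, so no party, and no aggregator, ever sees another party's raw value, yet the total is exact. Part 2 is a Diffie-Hellman style private set intersection: each side blinds the hash of its identifiers with its own secret exponent, the other side blinds again, and only doubly blinded values are compared. The 127-bit prime, the sharing modulus and the sample identifiers are toy values constructed so the script runs offline; a real deployment would use an elliptic-curve group and a vetted library.

```python
import hashlib
import secrets
from math import gcd

# ---------- Part 1: MPC secure sum via additive secret sharing ----------
MOD = 2**64  # arithmetic modulus for shares (constructed toy size)


def share(value: int, n_parties: int) -> list[int]:
    """Split value into n_parties random shares that sum to value mod MOD.
    Any n_parties-1 shares are uniformly random and reveal nothing."""
    shares = [secrets.randbelow(MOD) for _ in range(n_parties - 1)]
    shares.append((value - sum(shares)) % MOD)
    return shares


def secure_sum(private_values: list[int]) -> int:
    """Simulate all parties in one process.
    Party i sends share j of its value to party j; each party adds the
    shares it received and publishes only that partial sum."""
    n = len(private_values)
    received = [[] for _ in range(n)]
    for value in private_values:
        for j, s in enumerate(share(value, n)):
            received[j].append(s)
    partial_sums = [sum(r) % MOD for r in received]  # what each party reveals
    return sum(partial_sums) % MOD


# ---------- Part 2: private set intersection with commutative blinding ----------
P = 2**127 - 1  # Mersenne prime; toy group, constructed for the demo


def _blinding_key() -> int:
    """Random exponent coprime to P-1, so x -> x**k mod P permutes Z_P*."""
    while True:
        k = secrets.randbelow(P - 2) + 2
        if gcd(k, P - 1) == 1:
            return k


def _hash_to_group(identifier: str) -> int:
    """Map an identifier to a non-zero element of Z_P*."""
    h = int.from_bytes(hashlib.sha256(identifier.encode("utf-8")).digest(), "big")
    return h % (P - 1) + 1


def private_set_intersection(client_ids: list[str], server_ids: list[str]) -> set[str]:
    """Simulate both sides; returns the identifiers the client holds that the
    server also holds. Neither side ever sends a plain hash of its list."""
    a, b = _blinding_key(), _blinding_key()

    # Client -> server: H(x)^a for each client identifier.
    client_blinded = [pow(_hash_to_group(x), a, P) for x in client_ids]

    # Server -> client: the client's values raised to b (H(x)^ab, order kept so
    # the client can map them back) plus the server's own H(y)^b, shuffled so
    # the client learns nothing about the server's ordering.
    client_double = [pow(v, b, P) for v in client_blinded]
    server_blinded = [pow(_hash_to_group(y), b, P) for y in server_ids]
    secrets.SystemRandom().shuffle(server_blinded)

    # Client: H(y)^ba == H(x)^ab exactly when H(y) == H(x).
    server_double = {pow(v, a, P) for v in server_blinded}
    return {x for x, v in zip(client_ids, client_double) if v in server_double}


if __name__ == "__main__":
    # Constructed sample inputs.
    print("secure sum:", secure_sum([10, 20, 30]))
    common = private_set_intersection(
        ["alice@example.org", "bob@example.org", "carol@example.org"],
        ["bob@example.org", "dave@example.org", "carol@example.org"],
    )
    print("intersection:", sorted(common))
```

The protocol in Part 2 leaks only the intersection to the client and the list sizes to both sides; if the server must not learn even the intersection size, or the sets are large, an OPRF- or OT-based PSI from an established library is the right tool, but the blinding idea is the same.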
What are the essential cybersecurity practices that organisations should implement to support their privacy efforts?
While privacy and security are distinct concepts, I’d highlight several sensible default security practices that are necessary to effectively protect privacy.
Actively managing vulnerabilities in systems is vital. Teams should continuously scan for vulnerabilities in the software development and deployment process. Prioritise and promptly fix identified issues based on risk. Regularly patch systems and monitor advisories to address known vulnerabilities.
Implementing strong access control is another important focus: use multi-factor authentication for all accounts. Apply least privilege principles, granting the minimum permissions required. Regularly review and audit access and develop an authorisation model aligned with your risk profile.
Also, it’s important for development and IT teams to consider privacy when developing the threat model for a system. Privacy cannot be ignored when identifying and prioritising cyber risks. This helps build the right security requirements to protect data.
When implemented well, as part of a holistic information security management programme, these practices significantly reduce risk and enable more effective privacy protection. Sound privacy relies on a foundation of strong security.
Erin and Jim will be speaking at Think Digital Identity and Cybersecurity for Government on June 11.