How to face the challenge of privacy in the era of big data
PETs and legal frameworks jointly upholding human rights in the digital age.
In the era of big data, people’s every move contains great value. Browsers, search engines, and many apps have for years collected user information and analyzed user preferences and interests in order to push advertisements and optimize search results. For example, a map app can indirectly collect information on the flow of people and traffic by analyzing users’ locations and commuting methods, learn where crowds gather or roads are congested, and plan the best route.
Big data brings a better user experience, but it also brings real risks. According to research, more than 80% of Americans can be uniquely identified by postal code, birthday, and gender alone; even if part of the information is de-identified, it is still possible to accurately find individual users through the data. Whether people use software because they trust it or out of necessity, once the data is leaked, the people whose data was collected are often unable to protect themselves.
The United Nations General Assembly passed the “Privacy Resolution in the Digital Age” in 2013, emphasizing that all rights that people enjoy outside the Internet, including the right to privacy, should be protected on the Internet. Taiwan also implemented the “Personal Data Protection Act” in 2012 to safeguard the privacy of its citizens. On the technical side, “Privacy Enhancing Technologies” (PETs) help minimize the use of personal data and improve data security.
At the democratic summit that just ended, I shared the results of “the newsletter system” with my international partners. Before the “messaging system”, some stores used handwritten records or online forms. However, in addition to possible privacy issues, this uncoordinated, multi-headed approach would also make the epidemic response more difficult. Therefore, with the assistance of the g0v community, the government launched the “SMS real-link system”. Users do not need the Internet, and even non-smart phones can use it. The SMS data is linked together to assist the epidemic response.
Everything has two sides. The linkage system records footprints and makes epidemic investigation more convenient. On the other hand, people worry about whether the information will be abused by the government or by telecommunications companies. To address the public’s doubts, the SMS real-time linkage system converts store information into codes, and telecom operators cannot obtain the correspondence between stores and codes. The SMS data is stored with the different carriers and is deleted after 28 days. When the epidemic command center needs to verify footprints for an epidemic investigation, it integrates the SMS data scattered across the various telecom companies, so that the store code data can be fully interpreted as location information, ensuring that these data will only be used for epidemic prevention.
Common privacy-enhancing technologies include homomorphic encryption, differential privacy, and federated learning. Take homomorphic encryption as an example. This encryption method allows the server to perform operations directly on the ciphertext, and the result of those operations can be obtained after decryption.
From the figure below, you can see the difference between homomorphic encryption and general cloud computing. In a general cloud computing scenario, all data needs to be uploaded to the cloud server for computing, and the uploaded data is still at risk of leakage. With homomorphic encryption, the data can still be computed on after it is encrypted and uploaded to the cloud, the returned data is also encrypted, and the result can be obtained after decryption.
To use the above “privacy enhancement technology”, high-performance and high-speed computing resources are required. I hope that in the future, Taiwan will have independent research and development and independent management capabilities on PETs. The national high-speed network and computing center has a national-level supercomputer infrastructure, and is looking forward to becoming a development environment for PETs, bringing together research results from all walks of life, together with a complete legal system, and jointly upholding human rights in the digital age.