New encryption methods allow collecting and analyzing sensitive data while maintaining the highest data protection level.
The collection of sensitive data, as currently discussed in connection with the “Green Passport”, has provoked heavy criticism since it is feared that data protection and data security cannot be guaranteed. In fact, ready-to-use technologies to solve this dilemma have long been developed in research, as Stefanie Lindstaedt, Managing Director of Know-Center, explains: “Thanks to intensive international collaboration, we have mature innovative methods at hand that enable secure and verifiable evaluation of confidential and sensitive data while protecting privacy.”
Applied cryptography methods, such as homomorphic encryption, are used for this purpose. They ensure that confidential data are processed without being decrypted first.
While successful areas of application already exist internationally – e.g., in Estonia education and income data have been analyzed using this new encryption method – the method has not been used in Austria yet. As part of the Safe-DEED research project, in cooperation with Graz University of Technology and international partners, Know-Center has successfully demonstrated the application using simulated data.
The so-called CoronaHeatMap shows where people infected with the Corona virus were located when they got infected, providing a valuable addition to contact tracing. This could help health authorities to better understand the regional spread of the virus and to take specific measures effectively. In order to achieve this, a person’s health data are interlaced with the mobile phone movement data via homomorphic encryption. No conclusions about individual persons are possible.
According to project leader, Christian Rechberger, of the Institute for Applied Information Processing and Communication Technology at Graz University of Technology, the data register for crisis situations would be “a predestined” first use case for this new technology. “With homomorphic encryption, the data register can be implemented while maintaining privacy and protecting sensitive personal data,” Rechberger explains, outlining the technology’s advantage as follows: “No data source has to copy the data anywhere else, the registers do not have to be merged centrally. The data remain local, and the calculations are encrypted. Only the result of the respective study is eventually disclosed.”
In the healthcare sector in particular, artificial intelligence is becoming a key technology that can help reduce healthcare spending and improve patient care. “If health data from different sources are combined, it is possible, e.g., to better predict illnesses and disease progression based on the patient’s medical history and to develop better therapies,” Lindstaedt states, indicating areas of application beyond the pandemic control.
However, the exchange and analysis of sensitive data requires distinct ethical and legal frameworks and trustworthy solutions in order for the society to benefit from AI applications.