Dr. Ellison Anne Williams, Founder and CEO of Enveil discusses the challenges of secure data sharing and collaboration.
Why is secure data sharing and collaboration critical now?
We are in an era of digital transformation where data is a foundational component of success. Organizations have (or are seeking) access to more data than ever before and while this data can be an incredible tool when used to inform decision making and influence future strategy, respecting data privacy, confidentiality, and security is essential. This is especially critical when some portion of the data is sensitive and/or restricted due to regulatory requirements. Organizations need to be able to leverage data, from both internal and external sources, without elevating risk by compromising their competitive interests or the data itself. This increasingly has them looking for technical solutions that can secure data without affecting usability — after all, data serves no purpose unless you are able to unlock value through usage.
Why is the problem so challenging?
There are several factors that complicate the secure and private use of data, many of which revolve around volume and complexity. Whether sharing and collaborating across internal data silos or with third-party entities, most organizations are dealing with a large amount of data spread across a number of disparate sources, many of which have specific use restrictions and heterogenous regulatory and/or confidentiality requirements. Alternatively, pooling data assets substantially increases risk relating to customer privacy, competitive interests, and data localization requirements and, even when data centralization is possible, the benefits gained often do not outweigh the risks introduced. Not to mention that it is incredibly risky to create single points of security failure.
What are Privacy Enhancing Technologies (PETs) and what makes them unique?
Privacy Enhancing Technologies are a business-enabling family of technologies that enhance, enable, and preserve the privacy of data throughout its lifecycle. PETs can secure the usage of data, allowing data to be searched, analyzed, and operated on without compromising that interaction or the underlying data. The category, which includes technologies such as homomorphic encryption, secure multiparty, computation, and trusted execution environments, has seen a recent surge of interest driven by market factors such as a consumer-driven increased drive for privacy and the quick-moving heterogeneous regulatory landscape. By protecting data while it’s used or processed, PETs enable capabilities that are not otherwise possible for a number of business use cases, including a decentralized approach to collaboration. This uniquely allows organizations to leverage data assets where they are today, overcoming many of the risks inherent in centralizing or pooling assets.
What is driving the adoption of PETs in the commercial market?
For businesses, the core interest in PETs is driven by a need to leverage and extract value from a wide range of data sources. Gartner analysts recently named privacy-enhancing computation as one of its 2022 Top Strategic Technology Trends, estimating that 60% of large enterprises will be leveraging one or more of these techniques by 2025. The governments of the United States and the United Kingdom have also recognized the category’s value to protect privacy and intellectual property, and enable cross-border and cross-sector collaboration. They recently announced plans to collaborate on bilateral innovation prize challenges specifically focused on advancing the adoption of PETs.
Can you give an example of how organizations are leveraging PETs for secure data sharing and collaboration today?
In the financial services space, banks are using PETs-powered solutions to facilitate secure and private data sharing in order to more effectively evaluate customer risk. These organizations spend a massive amount of time and resources completing Know Your Customer (KYC) and Customer Due Diligence (CDD) checks on new and existing customers, but regulations prevent them from sharing customer risk intelligence across privacy jurisdictions or between entities. This lack of access to existing intel often forces analysts to make risk-rating decisions based on incomplete information. PETs can help eliminate that gap by enabling banks to securely and privately cross-match and search regulated data across jurisdictions in a business-relevant timeframe while ensuring sensitive assets remain protected during processing. Gaining access to a wider set of data in this secure and privacy-preserving manner improves outcomes by reducing false positives, driving prioritization, advancing the efficiency of financial crime investigations, improving enterprise data quality, and enabling greater operational efficiency.
What do you think this market will look like 18 months from now?
PETs are just beginning to come into their own as a category as recent technology breakthroughs have made them computationally practical for commercial use at scale. In the next 18 months, we’ll see a substantial shift toward using these technologies to solve big-picture privacy challenges like data sharing and collaboration. Organizations will recognize their unique ability to deliver both business-enabling and privacy-preserving capabilities and we’ll see market-leaders implementing PETs for operational use at scale.