Unlocking Business Value: Insights from the PETs London Conference

business strategy, data governance
data governance - a building image

By Sabri Skhiri

The recent Privacy Enhancing Technologies (PETs) London Conference convened stakeholders across Legal, IT, and various business domains to delve into the evolving data privacy and security landscape. With a focus on collaborating and sharing data through cutting-edge PETs, the summit provided valuable insights into how organisations can optimise the value of their data while ensuring privacy and security. Here, we distil the key themes and insights shared during the conference, shedding light on the business implications of PET adoption and the delicate balance between overhead, value, and regulatory compliance.

 

The Evolving PET Landscape
The conference highlighted several established PETs, including anonymisation, synthetic data generation, federated learning, fully homomorphic encryption (FHE), multi-party computation (MPC), and trusted execution environments (TEEs). Notably, TEEs received increased attention, driven by technological advancements and the growing need for secure data processing. NDLR: Concerns persist regarding the overhead associated with TEEs, particularly in non-defence sectors, where their value proposition remains unclear.

Moreover, Large Language Models (LLMs) emerged as potential catalysts for PET adoption, given their reliance on sensitive data processing. Data governance was also cited as a foundational PET, emphasising the importance of inventorying and classifying data to ensure compliance. It was noted that PETs come into play when access cannot be granted based on legal grounds, highlighting the symbiotic relationship between data governance and PET implementation.

 

Regulation and Guidance: A Balancing Act
A recurring theme throughout the conference was the tension between robust data privacy regulation and the need for clear technical implementation standards. While regulations continue to evolve, the absence of clear guidance impedes widespread PET adoption. Regulations such as the Data Act, AI Act, and Data Governance Act introduce diverse compliance obligations, compounding the challenge for organisations.

In this complex regulatory landscape, clear guidance from regulators and expert advisors becomes imperative to unlock the value of data while ensuring compliance. Euranova's compliance pack service offer stands out as a potential solution for bridging the gap between legal requirements, technology, and data governance.

 

Unlocking Value Through Data and PETs
Organisations showcased how they leverage PETs to unlock the value of data while adhering to privacy regulations. Examples include PwC Germany's collaboration with Anonos on anonymisation solutions and Roche's integration of PETs into their data product journey. Mastercard's evaluation of MPC in a Proof of Concept (PoC) in Singapore for financial crime investigation further underscores the potential of PETs in diverse applications.

However, implementing PETs is not without its complexities. Creating awareness and buy-in across different departments is crucial, as is demonstrating how PETs support legal requirements. Bridging the knowledge gap between legal and technical teams is essential to navigate implementation challenges effectively.

 

Beyond Implementation: Collaboration and Building Trust
Panel discussions emphasised the critical role of collaboration in successful PET implementation, bringing together diverse stakeholders to overcome hurdles. Building trust in PETs emerged as a key challenge, necessitating transparency and explainability in technology. Addressing these concerns is vital to foster trust among data subjects and within organisations.

 

Legal Questions and PETs
The conference also tackled key legal questions surrounding PETs and data privacy. Legal experts discussed the legal basis for anonymising data, highlighting the importance of adhering to stringent definitions of anonymisation. The implications of data subject consent withdrawal on machine learning models sparked debate, underlining the need for clearer guidance amid evolving legal landscapes.

 

In conclusion, the PETs London Conference underscored the immense potential of PETs to unlock the value of data while safeguarding privacy. Moving forward, collaboration, clear legal frameworks, and continued development of PETs will be essential for responsible data use in the digital age. By striking a balance between innovation, compliance, and trust-building, organisations can harness the full potential of PETs to drive business value while upholding privacy and security standards.

All blog articles