Slide 1
Slide 1 text
Privacy by design
Challenges and Opportunities using
Privacy Enhancing Technology (PET)
Yanick Dols
Ecosystem Developer at Brightlands
Fabian van den Broek
Assistant Professor at Open University
Slide 2
Slide 2 text
Yanick Dols
Ecosystem Developer at Brightlands
Smart Services Campus
Slide 3
Slide 3 text
Brightlands
A Limburg initiative for
a sustainable and
healthy future
Stimulate innovation
Create employment
Attracting and retaining talent
Boosting the Limburg economy
Slide 4
Slide 4 text
From four innovation campuses we look for solutions for
tomorrow that already lead to opportunities today
Sittard-Geleen
Brightlands
Chemelot Campus
Smart materials
Sustainable production of chemicals
Maastricht
Brightlands
Health Campus
Regenerative medicine
Precision medicine
Innovative diagnostics
Venlo
Brightlands
Greenport Campus
Food
Healthy nutrition
Heerlen
Brightlands
Smart Services Campus
Data science
Smart services
Slide 5
Slide 5 text
Brightlands
Chemelot Campus
Brightlands
Health Campus
Brightlands
Greenport Campus
Brightlands
Smart Services Campus
Slide 6
Slide 6 text
Knowledge crossing borders
Geographically, organizationally and scientifically
Slide 7
Slide 7 text
No content
Slide 8
Slide 8 text
We encourage close
cooperation between
entrepreneurship,
science and
governments
Entrepreneurs
hip
Public
sector
Knowledge
institutes
Brightlands
Slide 9
Slide 9 text
We combine on our
campus science,
entrepreneurship,
talent and
state-of-the-art
facilities
Offices
& Facilities
Innovation
& Research
Talent &
Education
Public
sector
Citizens
Entrepreneur
s
Knowledge
institutes
Slide 10
Slide 10 text
No content
Slide 11
Slide 11 text
You learn and innovate on a specific theme
with our business and knowledge partners
ESG
reporting
Poverty
& debt
Admin
tech
Smart public
services
Energy
transition
Climate
change
Fraud
detection
Digital
identity
HR
tech
Sustainable
homes
Digital
inclusion
Customer
interaction
Businesspartners Themes
Knowledge Partners
Slide 12
Slide 12 text
WE WORK WITH SEVERAL
Artificial
Intelligence
Synthetic
data
Multi Party
Computing
DISRUPTIVE TECHNOLOGIES
Blockchain Self Sovereign
Identity
Quantum
Computing
Slide 13
Slide 13 text
Fabian van den Broek
Assistant Professor at Open University
Slide 14
Slide 14 text
security privacy
the Security vs. Privacy debate
security
privacy
Slide 15
Slide 15 text
security privacy
Slide 16
Slide 16 text
security problems privacy problems
Slide 17
Slide 17 text
security problems privacy problems
1
1. e-mail scam
Slide 18
Slide 18 text
security problems privacy problems
1. e-mail scam
2. account take-over by criminal
2
Slide 19
Slide 19 text
security problems privacy problems
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
3
Slide 20
Slide 20 text
security problems privacy problems
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
4
Slide 21
Slide 21 text
security problems for
Google
privacy problems for users
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
security problems
for users
Slide 22
Slide 22 text
security problems for
Google
privacy problems for users
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
5. cryptominer on Google’s servers
security problems
for users
5
Slide 23
Slide 23 text
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
5. cryptominer on Google’s servers
security problems privacy problems
Slide 24
Slide 24 text
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
5. cryptominer on Google’s servers
different attacks & different attackers
Slide 25
Slide 25 text
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
5. cryptominer on Google’s servers
different goals
Slide 26
Slide 26 text
1. e-mail scam 🡪 finances
2. account take-over by criminal 🡪 authenticity/integrity
3. Google employee spying on your e-mail 🡪 privacy / confidentiality
4. profiling by Google based on your e-mail 🡪 privacy / autonomy
5. cryptominer on Google’s servers 🡪 computation cycles
Slide 27
Slide 27 text
1. e-mail scam
2. account take-over by criminal
3. Google employee spying on your e-mail
4. profiling by Google based on your e-mail
5. cryptominer on Google’s servers
How to compare or value these?
Slide 28
Slide 28 text
security privacy
Slide 29
Slide 29 text
less security more security
Slide 30
Slide 30 text
Helps keep data
confidential
Helps availability
of data
backups
Slide 31
Slide 31 text
security
privacy
Slide 32
Slide 32 text
good for security property Y that party A & B care about
assuming attacker model E
bad for security property Y’ that A & C care about
assuming attacker model E’
good for security property X of party A
assuming attacker model E’
bad for privacy property X of party B
good for privacy property Z’ of party B
bad for societal concern Z’’
design space
Slide 33
Slide 33 text
security
requirement Y
detecting
abuse
usability
• for users & customers
• for organisation
• for sys-admins
• for software
developers
cost
security
requirement X
revocation
non-repudiation
anonymity
privacy
requirement Z
repudiation
benefits
Slide 34
Slide 34 text
Do not despair….
• Security is hard…
• Privacy is (often) harder…
• But, you have to do it. By design.
Slide 35
Slide 35 text
Enter PETs….
Slide 36
Slide 36 text
Privacy Enhancing Technologies (PETs)
Techniques that improve privacy, while keeping functionality
Slide 37
Slide 37 text
Many different PETs
• Zero knowledge proofs (ZKP)
• Attribute-based Credentials (ABC)
• Fully Homomorphic Encryption (FHE)
• Multi-Party Computation (MPC)
• Federated Learning (FL)
• Differential Privacy (DP)
• ….
Slide 38
Slide 38 text
Many different PETs
• Zero knowledge proofs (ZKP)
• Attribute-based Credentials (ABC)
• Fully Homomorphic Encryption (FHE)
• Multi-Party Computation (MPC)
• Federated Learning (FL)
• Differential Privacy (DP)
• ….
Slide 39
Slide 39 text
Zero-Knowledge Proofs (ZKP)
Proof knowledge of a certain value, without revealing it
• Pick a card from a randomized deck
• Prove the color of the card (red/black),
without revealing anything else
Slide 40
Slide 40 text
Zero-Knowledge Proofs (ZKP)
Prover Verifier
Proof
Prover
secret ?
Slide 41
Slide 41 text
ZKP
Slide 42
Slide 42 text
ZKP
ABC
Attribute-based credentials (ABC)
• Proof ‘attributes’ of yourself
• Name, birthdate, bloodtype, etc.
• Without revealing anything else
Slide 43
Slide 43 text
ZKP
ABC
Attribute-based credentials (ABC)
• Proof ‘attributes’ of yourself
• Name, birthdate, bloodtype, etc.
• Without revealing anything else
Slide 44
Slide 44 text
Multi-Party Computation
• Allow multiple parties to compute something together
• Each party has their own input
• No party learns the input of other parties
• The result can be shared, or individualized
Slide 45
Slide 45 text
…
1
secret
2 3 n
secret secret secret
function
Slide 46
Slide 46 text
So many
PETs…
Slide 47
Slide 47 text
PET Decision
Tree
Slide 48
Slide 48 text
No content
Slide 49
Slide 49 text
No content
Slide 50
Slide 50 text
No content
Slide 51
Slide 51 text
More information?
Step by at our
stand #31
Thank you!