UK pushes financial firms to adopt privacy-enhancing technologies

With hindsight, 2019 will be remembered as a turning point for privacy-enhancing technology (PET) in the UK: the beginning of a push to drive adoption of what had previously been considered an emerging technology.

It started when the Royal Society, the UK’s national academy of sciences, published a report on the uses and limitations of PETs in data analysis. In a foreword, University of Oxford professor Alison Noble wrote that the report “captures a moment in time where the technologies are maturing and opportunities to use these technologies are beginning to emerge.”

Sure enough, the report proved to be the first of many projects undertaken by regulators, legislators, national bodies, and companies to demonstrate that the enticing promise of PETs—to enable the large-scale analysis of sensitive data while maintaining principles of data protection—was becoming a reality.

The same year, the Financial Conduct Authority (FCA) held a tech sprint showcasing potential uses of PETs in fighting financial crime. And the Information Commissioner’s Office (ICO), the UK’s data protection regulator, began incorporating PETs into its anonymization guidance, before coming out with standalone guidance on the use of PETs.

This renewed focus on PETs has continued into 2023, when information commissioner John Edwards told all companies sharing large amounts of data, “We recommend that over the next five years you start considering using PETs.”

And a new bill designed to introduce a more flexible data protection regime, facilitate innovation in data sharing, and enable the construction of data bridges with international partners was even mentioned by King Charles in his state opening of Parliament.

Banks that need to collaborate on tackling money laundering, identifying fraud, and generating synthetic data to test systems are already turning to PETs to preserve secrecy and ensure compliance with data protection regulations. Vendors and users of PETs say it is easier than ever before to implement these technologies in the UK, but warn that the hardest step will be getting financial institutions on board.

Ronen Cohen, vice president of strategy at PET vendor Duality Technologies, points to the example of the National Health Service’s federated data platform—including a tender specifically for a provider of privacy-enhancing technology—as a sign that that the government and industry understand the benefits that these technologies can bring.

“Once you start seeing government health agencies going out to public tender on privacy technologies, that means that it’s no longer an experiment. And when you see regulators like the ICO making these strong statements … PETs are entering the mainstream, not just in discussion, but in usage,” Cohen says.

The potential payoff is significant. Money laundering alone is estimated to cost the UK over $125 billion every year. The value of other opportunities created by financial institutions unlocking mutualized data insights is incalculable.

But change happens slowly in financial services in the best of times. And when it comes to sharing the data that gives them a competitive edge, financial institutions are often reluctant to take the lead. “When they do need to collaborate, it’s done over a phone call and in a back room. Moving from that to starting to use technology at scale—that’s a big cultural shift,” Cohen says.

Firm foundations

Paul Comerford, principal technology advisor of anonymization and encryption at the ICO has witnessed this growing interest in PETs firsthand. Originally a cybersecurity specialist at the ICO, he transitioned into a role focused on anonymization in 2019, just as efforts to refresh the anonymization guidance were bringing PETs into the spotlight.

Comerford explains that there are a few drivers for the increased attention to PETs. One is the introduction of the EU’s General Data Protection Regulation (GDPR) in 2018, which spurred organizations to take data protection more seriously. But he also says that there has been a surge in the progress of privacy-enhancing technologies over the last five years.

“Four or five years ago, some of them just weren’t ready. Computationally, they were too intensive, they would take too much time to run, there was too much overhead. And I think those problems are slowly going away with some PETs more than others. Also, standardization is starting to gain traction now with some of the PETs,” Comerford says.

The Centre for Data Ethics and Innovation (CDEI) launched a public repository of PET use cases in 2021, detailing how organizations are already harnessing PETs in industries from finance to transportation. The idea is that other companies hoping to implement PETs can find examples of specific technologies and methodologies that have solved similar problems.

The ICO’s guidance on PETs also points to a degree of standardization, listing the various data processing activities and the specific PETs or combinations of PETs that can help protect data privacy in each case. Sources say that such explicit guidance from regulators is rare and valuable.

But development and implementation can still be a challenge due to the relative lack of expertise and knowledge surrounding PETs. Nic Lane, a professor who leads the University of Cambridge Machine Learning Systems Lab, says beginning research into the technologies is still harder than it should be. When his group began looking into federated learning (FL) three years ago, they were quickly confronted with the limitations of existing frameworks.

“I realized that even to do some research in this space meant that you were coding a bunch of things up that should already exist,” Lane says.

The difficulties he encountered in his research led Lane to co-found Flower Labs, which provides an open-source framework to federate machine learning projects and other workloads. The original goal was just to enable his group to do the work that it wanted to do, but to his surprise, a community started to form around Flower Labs.

It’s probably 10 times easier right now for some Joe on the street to train a 7 billion–parameter LLM on readily available data than it is to build a federated system. And there’s no good reason for that.

Nic Lane, University of Cambridge

Lane says he believes the key to the further development of Flower Labs is the availability of software and well-executed frameworks. He points out that other potential limiting factors—such as regulatory confusion or the difficulty of assessing privacy—also exist for other types of machine learning, which are nonetheless thriving.

“It’s probably 10-times easier right now for some Joe on the street to train a 7 billion–parameter LLM on readily available data than it is to build a federated system. And there’s no good reason for that. Fundamentally, the problems are equally hard,” he says.

Similar to the meteoric rise of chatbots, Lane says he hopes the example of leading organizations and the availability of the necessary technology will cause momentum to build. “As soon as we can make it easy for people to do this, they will start doing it. There is regulatory confusion, jumpiness at banks, and lots of other things. And you could try to fix those first. But we take the opinion that if there’s enough value, and if you make it easy to do, then people at thousands of companies or in research labs will just start doing it,” he says.

PET peeves

PETs can be sorted broadly into two categories: software-based or hardware-based. Both still have their limitations. The hardware-based trusted execution environment (TEE) ensures that sensitive data is processed in a secure region of the CPU while remaining invisible to the operating system. But because the sensitive data is decrypted and processed in the clear within this enclave, most regulators do not consider this to be a privacy tool.

Software-based PETs, meanwhile, can be more time-consuming and computationally intensive, and often depend heavily on good governance and implementation.

Another difficulty lies in assessing the accuracy of the implementation in protecting the privacy of sensitive data. Until a successful attack or re-identification of anonymized data is carried out, it is hard to say exactly how well any PET or combination of PETs works. It is possible to measure how long the process takes to run, how complex the system is, and subject the system to attacks, but none of these can produce a reliable metric for comparison with alternative tools.

To this end, standards bodies are working to facilitate adoption of PETs by introducing technical guidelines for specific PETs and codifying the steps for assessing anonymization.

Professor Kai Rannenberg is the convenor of Working Group 5 within ISO’s information security standing committee, which is tasked with overseeing standards for identity management and privacy technologies.

His group has designed some standards for anonymization technologies, which can be used by businesses that need to safeguard the privacy of personal client data they are processing.

“A challenge that we’re dealing with is that often people want to know from us, ‘there’s a certain data anonymization technique, but how secure is it? How much data do I need to put into it to ensure anonymization?’ And that kind of assessment actually cannot be done in the general case, because it’s extremely context-dependent,” Rannenberg says.

The ICO's Comerford adds that certification schemes could eventually emerge alongside mature standards, allowing developers to Kitemark a PET for a particular use case, but that is a long way off.

Like Rannenberg, Duality’s Cohen recognizes that context and governance can have an outsized impact on the way in which a PET is implemented, and even the choice of PET. In fact, it is becoming more common for organizations to employ multiple PETs. When sharing sensitive data, for example, they could employ federated learning to minimize the information transferred between parties, along with homomorphic encryption to prevent parties from accessing the input information.

“Not everything can be fixed by a hammer or by screwdriver. And it used to be that privacy technology companies said, ‘This is the privacy technology to go with; it’ll solve everything.’ And I think everyone has seen that’s really not the case,” Cohen says. “And so you’re seeing privacy technology companies, Duality included, combining privacy technologies, either to support any type of computation, support new types of data, or support certain types of scale needs. That’s definitely a trend that’s happening. And you’ll actually see much more uptake as a result. It becomes more commercially feasible for organizations to take on because it solves more challenges.”

One company employing a combination of PETs is Tune Insight, a Swiss startup that completed a $3.4 million funding round last month. Using federated learning, homomorphic encryption, and secure-multiparty computation, Tune Insight helps hospitals collaborate with each other on multi-site analysis or with insurers on value-based healthcare without disclosing sensitive patient data. Due to the combination of techniques employed, all data that Tune Insight’s systems transfer is both encrypted and aggregated, meaning that any mutualized insights released at the end of the process cannot be linked back to the original records.

Juan Ramón Troncoso-Pastoriza, CEO of Tune Insight, says the same principles used in healthcare and insurance could transform anti-money laundering and fraud detection in financial institutions, reducing the current rate of false positives by 75% to 80% using machine learning-based systems working on collective data from multiple banks.

He gives the example of blacklist validations, which is when a bank wants to know whether an International Bank Account Number (Iban) was flagged in other banks’ networks without disclosing which bank flagged it or what score each bank gives the number. A system based on federated learning could simply retrieve information such as whether the number is on the blacklist of any banks or the average score given to the Iban by all the banks.

The challenge is that such a system requires buy-in from multiple institutions in order to construct a holistic view of transaction or client data.

“Normally, we talk directly with a hub,” Troncoso-Pastoriza says. “You need to create a critical mass of banks joining together in order to start having real value. … So talking with regulators, talking with the companies that do fraud detection for multiple banks—this is how we can actually serve a big network without having to onboard bank by bank.”

For now, though, financial institutions still seem to be waiting for successful examples before taking the plunge with their own sensitive data. “I would say that at the moment, PET adoption, unfortunately, is quite low. Some of the factors include the maturity, the complexity, the lack of understanding of how PETs could help with compliance and share data safely,” says the ICO's Comerford.

Legal and regulatory data handling requirements are often cited by compliance and data protection officers as reasons for the tentative adoption of PETs. But while regulation is clearly going in the direction of introducing more guarantees for the data subject, new stringent data rules should embolden firms by demonstrating more clearly how data can and cannot be processed.

“Data protection doesn’t prevent you from data sharing. It’s perceived as doing so, but it doesn’t. And there might be other perceived barriers to data sharing: customer preference, competitive advantage, trusting recipients, and financial regulations, for example,” Comerford says.

With the technological foundations in place and the regulatory landscape becoming clearer, the next task for proponents of PETs is to spread the word.

For its part, the ICO is working on publishing seven different use cases and organizing a workshop with customers and providers early in 2024 to demonstrate and discuss how PETs can be adopted safely.

But Comerford also offers a word of caution. For all their rapid progress in recent years, PETs are a long way from being able to do everything. “I don’t think they should be regarded as a silver bullet for all compliance needs. They will work very well for some types of data processing. But of course, there are some types of processing that may be unfair or unlawful, and the use of PETs is not going to get you over the line in those situations,” he says. “PETs are a very useful thing to have in the toolbox, but they’re not suitable for every use case.”