Privacy preserving statistical studies on linked databases
The aim of the research project PRIST is to develop a more secure solution for studies that need linked data from different databases.
In PRIST a register-based study is conducted to compare the process and accuracy of a regular and privacy-preserving study. The aim is to discover relationships between levels of IT education and salary and between working during studies and time required for graduating.
The project is carried out by the following partners:
- Association of Information Technology and Telecommunications ITL as the decision-maker needing answers to the defined research questions,
- Estonian Center for Applied Research CentAR as the analyst and subject area expert,
- Estonian Information System’s Authority RIA, Ministry of Finance Information Technology Center RMIT and Cybernetica as participants in the secure multiparty computation,
- data is secret-shared by Ministry of Education and Research and Estonian Tax and Customs Board,
- data processing is reviewed by the Estonian Data Protection Inspectorate.
The technology used in PRIST is based on the theory of secure multiparty computation. Secure multiparty computation preserves the confidentiality of input data, and only designated parties can conduct pre-specified operations on the study data. This helps researchers respect natural persons’ fundamental right to the protection of personal data and keep that data secret with the best contemporary scientific and technological guarantees.
Secure multiparty computation also offers a solution to a problem data owners face in research: the data owner loses control of data processing as soon as the data is given out of the organization. With secure multiparty computation the data owner retains control of the data and its processing for the whole time the data is in use and can revoke this permission when needed.
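The secret sharing and joint computation described above can be sketched as follows. This is an added example, not PRIST, Sharemind® or SecreC code. It assumes additive sharing modulo 2^32 among three computing parties, a trusted dealer for multiplication triples simulated in the same process, and constructed records that are already linked by person.

```python
import secrets

MOD = 2 ** 32          # ring size: an assumption of this sketch
PARTIES = 3            # number of computing parties: an assumption of this sketch

def share(value):
    """Split value into PARTIES additive shares modulo MOD."""
    parts = [secrets.randbelow(MOD) for _ in range(PARTIES - 1)]
    return parts + [(value - sum(parts)) % MOD]

def reveal(shares):
    """Recombine shares; done only for the pre-specified aggregate."""
    return sum(shares) % MOD

def add(x, y):
    """Each party adds its own two shares locally, with no communication."""
    return [(a + b) % MOD for a, b in zip(x, y)]

def multiply(x, y):
    """Multiply two shared values using a Beaver triple from a simulated dealer."""
    a, b = secrets.randbelow(MOD), secrets.randbelow(MOD)
    sa, sb, sc = share(a), share(b), share(a * b % MOD)
    # Only the masked differences d = x - a and e = y - b are opened.
    d = reveal([(xi - ai) % MOD for xi, ai in zip(x, sa)])
    e = reveal([(yi - bi) % MOD for yi, bi in zip(y, sb)])
    z = [(ci + d * bi + e * ai) % MOD for ci, bi, ai in zip(sc, sb, sa)]
    z[0] = (z[0] + d * e) % MOD    # public term d*e is added by one party only
    return z

def salary_sum_for_it_graduates(it_flags, salaries):
    """Sum salaries where the education flag is 1, without opening any row."""
    total = share(0)
    for flag, salary in zip(it_flags, salaries):
        total = add(total, multiply(flag, salary))
    return total

# Constructed sample records, already linked by person.
EDUCATION = [1, 0, 1, 0]              # 1 = IT degree (education data owner)
SALARY = [2400, 1500, 3100, 1800]     # monthly salary (tax data owner)

def run_study():
    flags = [share(v) for v in EDUCATION]   # shared by the education data owner
    wages = [share(v) for v in SALARY]      # shared by the tax data owner
    total = reveal(salary_sum_for_it_graduates(flags, wages))
    count = reveal([sum(col) % MOD for col in zip(*flags)])
    return total, count

if __name__ == "__main__":
    print(run_study())
```

Only the two aggregates are ever recombined; each party's individual shares of a flag or salary are uniformly random values that say nothing about the record on their own.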
During the project, new privacy-preserving statistical software and a new research process are developed and tested. The privacy guarantees of the new process are compared with a traditional study that does not use personal data.
In the PRIST study data processing is implemented with the Sharemind® software.
Sharemind® has been developed by Cybernetica in a number of research projects and, according to published information, is the most complete secure multiparty computation platform in existence.
The statistical software of the PRIST project is implemented as a Sharemind® application written in the imperative SecreC programming language. SecreC distinguishes between the public and private data at the data type level. With SecreC the full Sharemind® system is available to software developers without cryptographic expertise.
The project is funded by the European Regional Development Fund through the Implementing Agency Archimedes Foundation from the operational programme for the Development of the Economic Environment, priority axis for Improving the competitiveness of Estonian R&D through the research programmes and modernization of higher education and R&D institutions.
The project reference in the register of structural support is 3.2.1201.13-0017.