Google's Private Join and Compute Gives Companies Data Insights While Preserving Privacy (venturebeat.com) 22
An anonymous reader shares a report: Over 70 million records were stolen or leaked from poorly configured databases last year, making privacy a top concern. That's no doubt one motivation behind Google's open-sourcing this morning of Private Join and Compute, a new secure multi-party computation (MPC) tool designed to help organizations work together with confidential data sets. "We continually invest in new research to advance innovations that preserve individual privacy while enabling valuable insights from data," wrote engineering director Sarvar Patel and research scientist Moti Yung in a blog post. "Many important research, business, and social questions can be answered by combining data sets from independent parties, where each party holds their own information about a set of shared identifiers, some of which are common."
At its core, Private Join and Compute lets organizations gain aggregated insights about the other party's data. They're able to encrypt identifiers and associated data, join them, and then perform calculations on the overlapping corpora to draw useful information. All identifiers and their associated data remain fully encrypted and unreadable throughout the process. While neither party is forced to reveal their raw data, they can answer questions at hand using outputs of the computation -- for instance, counts, sums, and averages. Private Join and Compute achieves this with two cryptographic privacy methods devised to protect sensitive data: Private set intersection and homomorphic encryption.
At its core, Private Join and Compute lets organizations gain aggregated insights about the other party's data. They're able to encrypt identifiers and associated data, join them, and then perform calculations on the overlapping corpora to draw useful information. All identifiers and their associated data remain fully encrypted and unreadable throughout the process. While neither party is forced to reveal their raw data, they can answer questions at hand using outputs of the computation -- for instance, counts, sums, and averages. Private Join and Compute achieves this with two cryptographic privacy methods devised to protect sensitive data: Private set intersection and homomorphic encryption.
"Put your secret proprietary eggs in our basket" (Score:1)
Trust GOOGLE with PRIVACY? Right after I get done trusting Facebook with my financial transaction history..
I don't hate Google, but I trust them as much (Score:2)
Re: (Score:1)
Re: (Score:2)
So (Score:1)
Is it private data or not? If its private data why can Google access it? If its public data then why do I care if someone steals it from Google, that's just switching who makes profit from my public data. The point is if its data I don't want other companies to have I sure as hell don't want Google to have it either. What's so special about Google where I should give them my trust.
Re:So (Score:4, Informative)
It is private data. The point of multiparty computation (MPC) is that you encrypt data in a specific but safe way that allows computation on the data without figuring out what the data is. Like, say that you and someone else wants to know who earns the most money. You do NOT want to tell him and he does NOT want to tell you how much each of you earn.
To solve the problem, you both encrypt how much money you earn, using a specific encryption scheme, and then using MPC you can compute, from the encrypted values of what you earn and what he earns, what the encrypted value of the max of these two values are, without decrypting the values ever. From that you can see if you or he earns the most.
What Google is talking about is similar, but with other types of data and functions (i.e. databases and joins).
It is a lie. (Score:3)
They can leave the data in comparison sets individually encrypted and compare them. They are still invading my privacy, and it is still something that I don't won't. Nobody does.
Google is just putting lipstick on a pig here.
Re: (Score:2)
Yeah, the fundamental issue being danced around here is - this isn't their data, it's my data. Which is why I don't use Google products for my personal stuff anymore.
My work email and calendar are on G Suite, but in Washington State any state employee's email and whatnot are considered public records anyway so...
Re: (Score:2)
* Except Waze - I do occasionally use Waze.
Of course it does (Score:2)
Google will protect privacy? It is to laugh:
Ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha ha...
See?
BBC doing similar, but a smaller box... (Score:2)
Running on (your own) Rasperry Pi, the BBC yesterday launched the BBC box, an implementation of Databox [databoxproject.uk] which allows you to process your own data exported from various platforms (examples given include iPlayer, spotiify, Instagram, Strava, Monzo) to give you insights based on your own data, which you control and can export to others based on your permissions.
https://www.bbc.co.uk/rd/blog/... [bbc.co.uk]