CBS explores possible privacy preserving techniques

/ Author: Miriam van der Sangen
Computer cables
© Hollandse Hoogte / Westend61
The statutory task of Statistics Netherlands (CBS) is to carry out high-quality statistical research for the government sector and academia. CBS handles the data it needs for this work responsibly and with great care. This is a priority for CBS, which has its privacy policy assessed and certified externally. In addition, it is constantly on the lookout for new techniques to meet the growing demand for statistical information, while safeguarding the privacy of all parties.

New techniques

CBS increasingly receives requests from external parties wishing to produce new public statistical information by combining their data with CBS data. In order to do this securely, while keeping a sharp eye on everyone’s interests, CBS is continuously searching for new techniques. One of these techniques is to leave data stored securely with the source owners and to analyse those data remotely. ‘We started exploring these opportunities as early as 2018,’ says Paul Grooten, data architect at CBS. ‘The new CBS data strategy was then adopted by the board of directors. In cooperation with Brightlands Smart Services Campus and TNO, among others, CBS subsequently began to explore opportunities in the area of privacy preserving techniques.’

Research and experimental phase

Privacy preserving techniques are new cryptographic techniques with which privacy-sensitive data are analysed without parties having access to those privacy-sensitive data themselves and without the privacy-sensitive data leaving the organisation where they are stored. Leen Roosendaal, director of Policy and Management Support at CBS: ‘Universities are already doing a lot of research in this area. We are still in the research and experimental phase, in which we want to learn from our experiences. This technique has a clear IT component, but there are also all kinds of legal aspects involved, due to the General Data Protection Regulation (GDPR).’

Data and sources on the increase

According to Roosendaal, there are various reasons why CBS is studying these new privacy preserving techniques. ‘In addition to surveys, CBS obtains data from public registers and records. There are further potential sources for statistics that are not available to CBS. This may be for legal reasons, but also because the owner of a source is not willing to send any privacy-sensitive data to CBS. Furthermore, it is expected that in future it will no longer be sustainable to collect all data in one place, as data and sources are constantly on the increase. In addition, CBS is under an obligation to the people and companies whose data it holds to deal with information about them as securely as possible. These new techniques may provide extra value added in this respect.’ As well as securing privacy and information, analysing data at the source also has the advantage that the latest data can be used.

Cooperation with universities

Another reason for the research is that CBS can use the knowledge and experience gained to create a data infrastructure that enables researchers to combine, in a secure manner, data that are held at CBS with research data stored by the researchers’ own institutions. Grooten: ‘In the research on setting up such a data infrastructure for statistical use, CBS is cooperating with the University of Groningen (RUG) and Maastricht University (UM). The goal is to find innovative ways – technical, organisational and legal – to access, link and aggregate, for statistical purposes, data that are stored at data source owners. A condition for this is, however, that the storage, exchange, analysis and publication of the data must take place within the legal frameworks of CBS and the GDPR.’

International partners

CBS is working in this field not only with national partners, but also with international parties. In mid-2020, for instance, at the initiative of CBS and the Italian National Institute for Statistics (ISTAT) – under the banner of the United Nations – a project was launched with the statistical institutes of Australia, Canada and the United Kingdom to exchange knowledge and experience on this subject. For example, ISTAT has conducted an experiment with the Banca d’Italia, from which the partners can learn a great deal. The experiment does not concern the exchange of data, but is instead a technical and methodological project. It is of great importance that the statistical institutes involved use the same basic principles, so that major steps can be taken internationally. The United Nations itself is also doing research on these techniques. In this context, the ‘UN Privacy Preserving Techniques Handbook’, on which CBS collaborated, has been published.