Whitepaper – Important legal aspects when applying Multi-Party Computation in the public domain

White paper - Important legal aspects when applying Multi-Party Computation in the public domain

Secure Multi-Party Computation (MPC) is a technology that facilitates data analysis applications in a privacy-friendly manner. MPC enables parties to perform calculations with the data of a party, without one party’s data becoming known to the other party. As a result, parties can make their data available for joint analysis without sharing their actual data.

The public domain has expressed a desire to use MPC. However, many public organisations are uncertain about the legal acceptability of using MPC. Among other things, public organisations wonder how the deployment of MPC relates to the requirements of privacy law. In particular, the question often arises to what extent the deployment of MPC can contribute to the lawfulness of using personal data collected for a specific purpose for other purposes (so-called “multiple use”). Both data protection legislation, such as the General Data Protection Regulation (GDPR), and sector-specific laws provide rules on multiple use of data. For example, the General Act on State Taxes (Algemene Wet inzake Rijksbelastingen, AWR) has duty to keep silent and the Participation Act (Participatiewet, Pw) contains a strict purpose limitation.

In the whitepaper below, legal experts from Pels Rijcken’s Innovation, Privacy & Technology (IP&T) team, with support from technical experts from Linksight and TNO, explore the legal aspects (in relation to the technical aspects) of deploying MPC, based on two specific forms of application. In doing so, it also addresses the question whether, and if so, what legal requirements may affect the deployment of MPC. This whitepaper aims to reduce legal uncertainty existing among public organisations and was created on behalf of the Gaia-X hub the Netherlands, now part of the Centre of Excellence for Data Sharing & Cloud.

Download the whitepaper

Share:

Read more

White paper: Guidance for successful data space deployment

White paper: Guidance for successful data space deployment

Parties interested in deploying a data space need to use the right technologies and need to make sure they get the business and governance of the data space right. This is easier said than done, because there is relatively little guidance on how to deploy a data space successfully. What guidance can be given?

The benefits of combining data spaces and Privacy Enhancing Technologies

The benefits of combining data spaces and Privacy Enhancing Technologies

Data spaces and Privacy Enhancing Technologies have a common goal: making insights from data accessible in a confidential manner. But the development of both is driven by two different communities. This must change. By applying PETs within data spaces, confidentially exchanging insights from (privacy sensitive) data becomes more scalable.