Multi-Regulation Computing: Examining the Legal and Policy Questions That Arise From Secure Multiparty Computation

Julissa Milligan Walsh, Mayank Varia, A. Cohen, A. Sellars, Azer Bestavros
DOI: 10.1145/3511265.3550445 (https://doi.org/10.1145/3511265.3550445)
Venue: Proceedings of the 2022 Symposium on Computer Science and Law
Published: 2022-11-01
Citation count: 0

Abstract

This work examines privacy laws and regulations that limit disclosure of personal data, and explores whether and how these restrictions apply when participants use cryptographically secure multi-party computation (MPC). By protecting data during use, MPC offers the promise of conducting data science in a way that (in some use cases) meets or even exceeds most people's conceptions of data privacy. With MPC, it is possible to correlate individual records across multiple datasets without revealing the underlying records, to conduct aggregate analysis across datasets which parties are otherwise unwilling to share for competitive reasons, and to analyze aggregate statistics across datasets which no individual party may lawfully hold. However, most adoptions of MPC to date involve data that is not subject to privacy protection under the law. We posit that a major impediment to the adoption of MPC - on the data that society has deemed most worthy of protection - is the difficulty of mapping this new technology onto the design principles of data privacy laws. While a computer scientist might reasonably believe that transforming any data analysis into its privacy-protective variant using MPC is a clear win, we show in this work that the technological guarantees of MPC do not directly imply compliance with privacy laws. Specifically, a lawyer will likely want to ask several important questions about the preconditions that are necessary for MPC to succeed, the risk that data might inadvertently or maliciously be disclosed to someone other than the output party, and what recourse to take if this bad event occurs. We have two goals for this work: explaining why the privacy law questions are nuanced and that the lawyer is correct to proceed cautiously, and providing a framework that lawyers can use to reason systematically about whether and how MPC implicates data privacy laws in the context of a specific use case. Our framework revolves around three questions: a definitional question on whether the encodings still constitute 'personal data,' a process question about whether the act of executing MPC constitutes a data disclosure event, and a liability question about what happens if something goes wrong. We conclude by providing advice to regulators and suggestions to early adopters to spur uptake of MPC. It is our hope that this work provides the first step toward a methodology that organizations can use when contemplating the use of MPC.