PI Lab roundtable 17 July 2020

Anonymization through Multi-Party Computation


The analysis of data from different sources is becoming increasingly important. In addition to creating added value, the process of combining different datasets leads to new insights, better decision-making, and more robust research (including market research), in addition to stronger products and services. At the same time, relevant data is often too sensitive to be casually shared with others. The European privacy legislation (General Data Protection Regulation or GDPR) introduces new restrictions on which data can be shared, for what purpose, and in what way.

How can organizations share information securely without revealing any underlying data of a sensitive nature? One innovative solution for generating the functionality of a shared database without having to reveal the data is Multi-Party Computation (MPC). MPC is a ‘toolbox’ of cryptographic techniques that allows several different parties to jointly compute data, just as if they have a shared database. Cryptographic techniques are used to protect the data, so it can be shared in a way that prevents the parties involved from ever being able to view other people’s data. The participating parties determine who is allowed to view the outcome of the computation.

Recently, there have been publications claiming that, in some cases, Multi-Party Computation may lead to anonymization (Meilof Veeningen, 2018) (Wouter van Haaften, 2020) (Gerald Spindler, 2019). This implies that the GDPR is out of scope for the processing of this anonymized data. However, the GDPR is a useful instrument to ensure proper security and privacy measure for data processing.

During this roundtable we would like to discuss how to assess anonymization techniques such as Multi-Party Computation in the light of the GDPR. The central questions will include, but are not limited to, the following:

  • How to interpret anonymization in the context of absolute and relative concept of identifiability?
  • What is the effect of Multi-Party Computation on the anonymity of data?
  • Should the GDPR also be applicable on anonymized personal data?
  • How can identification risks be quantified?

The roundtable will be hosted as a digital video conference. 


13:00 – 13:10 Introduction (Alex Sangers MSc, TNO)

13:10 – 13: 25 Beyond privacy (Gijs van Dijck, Maastricht University)

13:25 – 13:40 Identifiability and the illusive notion of anonymization (dr. Nadezhda Purtova LLM MSc, TILT)

13:40 – 14:00 Q&A and discussion

14:00 – 14:15 Use case 1: MPC in BigMedilytics (dr. Gabriele Spini, TNO)

14:15 – 14:30 Use case 1: Legal interpretation of MPC in BigMedilytics (Wouter van Haaften MSc, University of Amsterdam)

14:30 – 14:55 Q&A and discussion

14:55 – 15:10 Use case 2: Compliance in secure health care fraud prioritization (Michael Astro, Rabobank)

15:10 – 15:25 Q&A and discussion

15:25 – 15:30 Closing remarks (Alex Sangers MSc, TNO)


Gerald Spindler, A. Z. (2019). D3.5 Use-case specific legal aspects. H2020 Scalable Oblivious Data Analytics.

Meilof Veeningen, S. C. (2018). Enabling Analytics on Sensitive Medical Data with Secure Multi-Party Computation. European Federation for Medical Informatics.

Wouter van Haaften, A. S. (2020). Coping with the general data protection regulation; anonymization through multi-party computation technology. 23rd International Legal Informatics Symposium.

Gijs van Dijck is an empirical legal scholar who specializes in tort law, insolvency law, and contract law. He uses empirical legal research methods and data sciences methods, network analysis in particular, to analyze legal issues. Research topics include the role of non-monetary relief in tort law, apologies and law, the effects tort law has on behavior, class actions, funding mechanisms in bankruptcies, and legal analytics ('big data'). He has taught courses on tort law, contract law, property law, legal methodology, and empirical legal research. Van Dijck has published in top journals including the Journal of Empirical Legal Studies and the Oxford Journal of Legal Studies. He has been a speaker at various conferences, including ones at Oxford, Harvard, Yale, Duke and Cornell. He was a visiting scholar at Stanford University in 2011.  Van Dijck is Professor of Private Law, Director of M-EPLI, researcher at the Maastricht Law and Tech Lab, and Principal Investigator at BISS Institute, Smart Services Campus.

Dr Nadya Purtova (LLM’05, CEU, Budapest, MSc’06, Leiden, PhD’11 cum laude, Tilburg) is Associate Professor at Tilburg Institute for Law, Technology, and Society, Tilburg University, the Netherlands. She does research on data protection and informational privacy law, recently, in the context of health, regulation of health technologies, property rights in personal data, data commons, and economic analysis of data protection law. Her dissertation on property in personal data (Tilburg University Best Doctoral Dissertation Award for 2010/11) is published by Kluwer Law International. She is a recipient of a prestigious 2016 European Research Council (ERC) Starting Grant which funded a five-year project “Understanding information for legal protection of people against information-induced harms” (ERC-2016-StG-716971 INFO-LEG). The project aims to re-examine conceptual foundations of the data protection law and commenced in March 2017. The meaning of concepts ‘personal data’ and ‘identifiability’ are among the key themes of the project.

Starting from a civil and fiscal legal background Wouter van Haaften has been involved in managing personal data at the Dutch Ministry of Finance since 1993, working on the distribution of income data to other Ministries for various purposes. In that capacity he was member of the Voorlopige Raad door de Persoonsinformatievoorziening. From 2003-2006 he was program manager of ICTAL, a program providing for data exchange between companies and public organizations. The program contained a transaction portal, a company website and a new business register.  In 2007 he left the civil service to become a researcher and consultant operating on the interfaces between market and government, between ICT/organization and government and between policy making and eventual operations. Currently he is a senior researcher and consultant in the field in-vehicle data and data protection at the Leibniz Institute and Hooghiemstra & Partners. Furthermore, he is working on a thesis on automated vehicles and data protection at the Faculty of law at the University of Amsterdam.

Dr. Gabriele Spini is cryptography expert at the Cyber Security and Robustness department of TNO.

Gabriele has a background in Mathematics; following undergraduate studies in Italy and France, he moved to the Netherlands in 2013 to pursue a PhD in Cryptology.He obtained his doctoral degree from the universities of Leiden, the Netherlands, and Bordeaux, France, in 2017, with a thesis on the relationship between Cryptology and the theory of error-correcting codes. He was then post-doc at the Dutch Center for Mathematics and Computer Science (CWI) in Amsterdam, before joining TNO in 2018, his research focusing on cryptographic technologies for privacy-preserving data analytics.

Michael Astro teaches Compliance on Innovation for the Dutch Compliance Institute and is a Compliance Advisor on Innovations for Rabobank with specializations in Tokenization and Secure Multi-Party Computation. With use of Value Sensitive Design he’s furthered the research into tokenized financing of SME clients and compliance by design in general within the bank. Besides his projects for Rabobank he is an active contributor to several projects with partners like NVB, 2Tokens, TNO and the Techruption program.

Registration is free but required. Meeting will be online. You'll receive a link.