Privacy Enhancing Technologies Evolution Series (Part 1)

This blog post highlights key takeaways from IAB Tech Lab’s event on March 24th, 2022, focusing on Privacy Enhancing Technologies (PETs). This session was the first of IAB Tech Lab’s planned three part ‘Privacy Enhancing Technologies Evolution Series’ and is available to watch on demand here. Please sign up for the upcoming session on 22nd September, 2022 at this link.

1.   What are Privacy Enhancing Technologies (PETs)?

PETs are technologies whose purpose is to protect personal information: they minimize the amount of personal data that is processed and protect the data that remains while it is being used. The term PETs is a broad one that covers a range of technologies united by the goal of protecting personal information.

PETs are well established in other industries, particularly those that more often handle personally identifiable data such as healthcare, government, and finance. The case study below from BNY Mellon gives an example of how and why PETs are being engaged in the financial industry. 

Example of PETs in other industries: Inpher’s BNY Mellon Case Study 

Situation:
– BNY Mellon wanted to improve fraud detection with more counterparty data, as fraud models were limited in what they could achieve using the banks’ own data.  

Challenge:
– Banks and government agencies are unable to share sensitive data. 

Approach:
–   Engaged PETs (in this case Inpher’s XOR product) to give their fraud models access to distributed data from financial and government counterparties without moving or exposing any information.

Results:
–   20% increase in detection rate of fraudulent transactions and identification of financial criminals
–   Reduction in false positives and cost in manual processing

For more information on this example please view Inpher’s presentation in the event on demand.

Ethan Sailers, Manager, Solutions Engineering, OneTrust explains what PETs do and why they are needed, “PETs offer risk mitigation and protection for everyone involved. Of course, we think about the consumer because they’re what drive the interactions and the growth of our businesses. But PETs also protect the enterprise because they offer better controls over the data that we’re leveraging, which makes us more resilient to change, and adds better protection against industry events.”

2.   Why is the digital advertising industry paying attention to PETs?

There are some key drivers that have moved the digital advertising industry towards PETs and privacy technology in general:

  • The changing regulatory landscape. Privacy regulation has steadily increased around the world, for example Europe’s General Data Protection Regulation (GDPR), Brazil’s Lei Geral de Proteção de Dados (LGPD) and the California Consumer Privacy Act (CCPA). These regulations have changed how analytics and programmatic advertising can be used in digital marketing.
  • Changes from large technology firms. Many of the big players such as Meta, Google and Apple have made big announcements in the privacy space, changing how users interact with their platforms and express choice around how their data is used.  
  • Evolving consumer expectations. Users are becoming savvier about the use of their data, and conscious of the ‘creepy’ factor of over-personalized advertising.

These drivers mean that unless there is a major change to how data is handled, less and less data will be available to the industry, particularly because of the decline of the third-party cookie and of device identifiers such as Apple’s IDFA. As a result, marketers will struggle to personalize advertising, optimize campaigns and attribute outcomes; consumers will receive less relevant ads; and publishers may see advertising income fall, potentially pushing more of them towards subscription models and a less open internet.

However, the changes that are happening are here to stay and in fact may provide an opportunity for improvement as an industry. PETs are a potential part of that evolution as Steve Silvers, SVP, Product at Neustar a TransUnion Company, says “We need to accept the fact that data is going to be harder and harder to access. We need to focus on the use cases and what we need to be successful as marketers and PETs are probably the best technological opportunity for us to continue to focus on key use cases such as measuring ROI without getting direct access to data. …I think that the industry needs to embrace it and focus on the outcomes and stop looking backwards.”

3.  Which PETs are in discussion in the digital advertising industry?

PET is a broad term that encompasses many types of technology, however there are a few key examples of PETs that are currently in discussion in digital advertising:

  • Secure Multi-Party Computation (MPC) – Allows two or more parties to jointly compute an agreed result (for example an aggregate count) over their combined data without any party revealing its inputs to the others. Each party learns only the agreed output, not the other parties’ data.
  • Trusted Execution Environment (TEE) – Similar in aim to MPC, but the computation runs on a single server inside a hardware-isolated enclave. Data is decrypted only inside the enclave, so the application computes on clear text while the host operating system and the server operator see only encrypted data; this is what gives TEEs their ‘input privacy’ during processing. In practice the data owners verify, via remote attestation, which code is running in the enclave before releasing their data to it.
  • On-device learning – A model trained on historical data generated by actions such as expressed consumer interest or conversions is used to make predictions. The processing happens directly on the user’s device, and no individual-level information is sent back to the server.
  • Differential Privacy (DP) – An approach that protects individuals in released results by adding calibrated statistical ‘noise’ (randomized perturbation) and/or by only releasing aggregates above a minimum threshold, so that the output does not reveal whether any one person’s data was included and individuals cannot be re-identified from it. DP can be, and often is, combined with any of the aforementioned PETs as part of an overall privacy approach.

It is important to note that these technologies are not an either/or solution, and more often than not, they can be used in combination with one another.

The box below details a real-life instance of how PETs can be leveraged by the digital advertising industry, using Meta’s ‘Interoperable Private Attribution’ proposal as an example to understand how PETs may be applied in reality.

Example of PETs in action:  Meta’s Interoperable Private Attribution (IPA) Proposal 

Meta (in conjunction with Mozilla) has made a proposal to the industry named Interoperable Private Attribution (IPA). IPA leverages a suite of PETs including MPC and DP to allow for cross-device conversion attribution, whilst minimizing privacy risks. 

–   IPA uses match-keys: write-only identifiers that any party can set and benefit from. When an ad is seen, the browser or app OS attaches an encrypted match-key to the impression and does the same for the conversion. Match-keys can only be read by the browser/OS and are purpose-limited, i.e., they can only be used for aggregate conversion measurement.
–   Matching of ad impressions and conversions happens server-side, within MPC. The actual values of the match-keys are hidden from the MPC itself.
–   DP would be applied on top of the results to additionally protect the data from being disaggregated. IPA would therefore allow businesses to see accurate ad reporting without sharing personal data with ad-tech companies or anyone else. 
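The MPC and DP building blocks described in the list of PETs above, and the aggregation and noise-addition steps of the IPA flow, as an added example that is not part of the original post and is not code from IAB Tech Lab, Meta or Mozilla. It simulates three helper parties that each receive one additive secret share of every capped conversion value, reconstructs the aggregate from the helpers’ partial sums only, and releases that aggregate through the Laplace mechanism with a threshold applied to the noisy value. The helper names, the modulus, the contribution cap, the constructed sample reports and all function names are assumptions; the impression-to-conversion matching that IPA performs inside MPC is not modelled.

```python
import math
import secrets
from typing import Callable, Dict, List, Optional

# Added illustration, not IAB Tech Lab / Meta / Mozilla code. Assumed: three helper
# parties, arithmetic in Z_{2^32}, and a per-user contribution cap passed as `cap`.
MODULUS = 2 ** 32
HELPERS = ("helper_A", "helper_B", "helper_C")


def split_shares(value: int, n: int = len(HELPERS)) -> List[int]:
    """Additively secret-share `value` mod MODULUS. Any n-1 of the shares are
    uniformly random on their own, so a single helper learns nothing about `value`."""
    shares = [secrets.randbelow(MODULUS) for _ in range(n - 1)]
    shares.append((value - sum(shares)) % MODULUS)
    return shares


def reconstruct(shares: List[int]) -> int:
    """Combine shares (or partial sums of shares) into the agreed output."""
    return sum(shares) % MODULUS


def cap_contribution(value: int, cap: int) -> int:
    """Bound what one report can add to the total; this bound is the DP sensitivity."""
    return max(0, min(value, cap))


def client_side_reports(reports: List[Dict[str, int]], cap: int) -> Dict[str, List[int]]:
    """What each client (the browser/OS in IPA) sends: one share of its capped value
    to every helper. Returns each helper's inbox of shares."""
    inbox: Dict[str, List[int]] = {h: [] for h in HELPERS}
    for report in reports:
        value = cap_contribution(report["value"], cap)
        for helper, share in zip(HELPERS, split_shares(value)):
            inbox[helper].append(share)
    return inbox


def helper_partial_sum(received: List[int]) -> int:
    """The only computation a helper does on its own: sum the shares it holds."""
    return sum(received) % MODULUS


def mpc_aggregate(reports: List[Dict[str, int]], cap: int) -> int:
    """Aggregate capped values across reports; no helper ever sees a plaintext value."""
    inbox = client_side_reports(reports, cap)
    partials = [helper_partial_sum(inbox[h]) for h in HELPERS]
    return reconstruct(partials)  # exact as long as the true total is below MODULUS


def laplace_noise(scale: float, uniform: Callable[[], float]) -> float:
    """Laplace(0, scale) sample by inverse CDF; `uniform` is injectable for testing."""
    u = uniform() - 0.5
    u = max(min(u, 0.5 - 1e-12), -0.5 + 1e-12)  # keep the log() argument positive
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def dp_release(total: int, epsilon: float, sensitivity: int, threshold: float,
               uniform: Callable[[], float] = secrets.SystemRandom().random) -> Optional[float]:
    """Release `total` under epsilon-DP: add Laplace(sensitivity/epsilon) noise, then
    suppress small results. The threshold is applied to the noisy value; testing the
    exact count would leak it through the suppress/release decision."""
    noisy = total + laplace_noise(sensitivity / epsilon, uniform)
    return None if noisy < threshold else noisy


if __name__ == "__main__":
    # Constructed sample reports: one per converting user, with a conversion value.
    sample = [{"user": 1, "value": 3}, {"user": 2, "value": 1}, {"user": 3, "value": 50}]
    cap = 5
    total = mpc_aggregate(sample, cap)  # 3 + 1 + min(50, 5) = 9
    print("aggregate reconstructed from helper partial sums:", total)
    print("released value:", dp_release(total, epsilon=1.0, sensitivity=cap, threshold=5))
```

Two design points worth noting: the per-report cap, not the raw report value, sets the Laplace scale, so one user cannot move the result (or the noise) by more than the cap; and because the threshold is applied to the already-noised value, the decision to suppress is post-processing of a differentially private output and does not reveal the exact count. Inject a fixed `uniform` (for example `lambda: 0.5`, which yields zero noise) to make the release deterministic when testing.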

4.  How to evaluate PETs

PETs are a relatively nascent technology in the digital advertising industry, and as the industry consolidates towards standards, each business needs to be armed to understand and evaluate the solutions currently available. As with any investment, there are trade-offs with each technology that need to be balanced and carefully evaluated.

The importance of use cases

Before jumping in to choosing a privacy approach, it is key that each business has a clear picture of the use cases specific to that organization and a well-defined set of challenges.

Dr Jordan Brandt, Co-founder & CEO of Inpher has specific tips on how to do this, “Make sure that you first articulate the specific problem that you’re trying to address. How many data sources are you looking at? Where are they? Are there jurisdictional constraints? What types of operations are you trying to run? Are you just doing basic stats and analytics, or are you building recommender systems? How is the data distributed? Are we just vertically stacking data with the same attributes, or do we want to pull in horizontally stacked data? And what kind of model accuracy do I need? … Then do your thorough market diligence, evaluate all the PET vendors out there, evaluate the open-source libraries that are out there, and provide them with a detailed use case description so that they can give you a solution that is actually solving for your need.”

Use cases are important beyond clarity, as one of the key value propositions that PETs offer is purpose limitation, a key regulatory requirement.  As the data use is limited to an agreed upon use case, evaluating PETs should always be in the context of that use case, and different solutions for different use cases will leverage different PETs.

How to evaluate PET supported solutions

Once the use case has been defined, Casey Beal, Product Marketing, Ads Ecosystem Privacy, Meta, proposes the following framework to help evaluate the solutions available:

  • “Privacy Profile: What solutions are in place to protect an individual’s privacy?
  • Application: What can you do with the results? Do you have all the information you need to act?
  • Ease of implementation: How much can you achieve with your investment/resources? Does it require a lot of computing resources or infrastructure?
  • Interoperability: Does it work across all consumer/ads touchpoints? Is it constrained to a singular platform or interface?”

Taking a common use case in advertising, measurement of the effectiveness of a campaign, this framework can be applied to the different PETs available to examine the trade-offs between usability and efficiency for that use case. One PET for measurement may be easy to implement with little investment, but depends on trusting a third party and produces insights that are delayed, and therefore difficult to act upon, and that have little interoperability. Contrast this with another PET for the same measurement use case that takes a different approach and may require more investment and new infrastructure upfront, but offers better interoperability and granularity. These are examples of the trade-offs that need to be considered.

It is important to note that each company will weigh the trade-offs based on its own business needs. Taking the two example approaches above, a small business may be unable to choose the second method because of the high cost and the internal expertise needed to implement it. Each evaluation criterion will carry a different weight depending on the needs of the organization.

What are some of the common benefits and challenges of different PETS?

Again, the trade-offs for each PET must be considered in the context of the use case and the business needs of each company, but there are some overall benefits and challenges of each PET that can help clarify their role.

–   Secure Multi-Party Computation (MPC)- Data sharing in marketing is rarely limited to just two parties and MPC, by definition, allows for multiple parties to be involved. However, MPC can be one of the more expensive and resource heavy solutions to implement.

–   Trusted Execution Environment (TEE) – Though offering many of the same benefits as MPC, TEEs are generally lower cost and easier to deploy. However, the computation happens on a single server, so this approach depends on the hardware isolation of that server and, in practice, on the party operating it handling the data properly. In contrast, MPC lets each party keep its own data separate and does not depend on trusting a single third party.

–   On-device Learning– Offers the regulation-friendly benefit that the data never comes off the device as individual actions are never sent back to the server.

–   Differential Privacy (DP) – DP is probably the PET that is currently easiest to implement, so many organizations are adopting it first. It can plug into existing tech stacks and does not require a large investment. However, on its own, i.e., when not combined with other PETs, it protects only the released outputs and not the raw data being processed, so its efficacy may be limited.

5.  What about Data Clean Rooms?

Data clean rooms, another much talked-about privacy technology, play a role in how the advertising industry addresses privacy going forward.

Data clean rooms are environments, usually hosted by a single operator, that enable two or more parties to process their data sets, often jointly, in a secure and purpose-limited way. The degree of trust is where clean rooms differ from TEEs: essentially full trust is placed in the operator of the clean room to ensure that privacy is maintained. Though not strictly PETs themselves, data clean rooms can be used in conjunction with PETs and are commonly deployed together with them as complementary technologies. As an example, a PET such as MPC might be used to make matches between disparate data sets, while the clean room might be one of the places that holds one or more of those data sets (alongside, for example, a CRM system).

The use of data clean rooms is growing rapidly, and they offer a way to regain some of the insights that have been lost to the erosion of third-party cookies. This includes analyses such as (but not limited to) audience overlap, frequency, conversion latency and attribution.

However, clean rooms are not turnkey, and require human interaction. They also do not operate in real time which can make it challenging to provide actionable data. Lastly, currently the scale of data being pushed through clean rooms is relatively small, meaning those looking for scale must sometimes use modeling to bridge that gap.

Clean rooms do offer new ways to marketers to use data previously unavailable to them, as Bosko Milekic, Co-founder & Chief Product Officer, Optable points out, “One of the great things that clean rooms can bring that I’m not sure everyone has realized yet is that it used to be the case that in advertising we would stick to so-called pseudonymous identifiers and avoid data like emails and phone numbers etc. But with clean rooms we can enable companies to limit the purposes of processing by design and I think these types of data become a lot more tractable to use for collaboration.”

6.  What’s next for PETs in digital advertising?

Investing in PETs is a key step in the long-term sustainability of the ad-funded internet. The ad tech industry is at the start of this journey, and collaboration and a focus on open-source solutions are key to speeding up their adoption in digital advertising.

The IAB Tech Lab’s  PETs Working group will continue to bring together experts to define and evolve standards and Open Source software projects as well as provide guidance on integration of PETs into Adtech stacks. 

Register here to join the PETs working group and sign up to attend our September event here.

ABOUT THE AUTHOR

Written by Alexandra Kozloff on behalf of Rachit Sharma

Rachit Sharma
Director, Product Management, Privacy Enhancing Technologies (PETs) Programs
IAB Tech Lab