Editor: Gerhard Walter, Solutions by HANDELSBLATT MEDIA GROUP GMBH
Interview with Per Meyerdierks, member of the legal department at Google Germany GmbH in Hamburg and Senior Privacy Counsel, about challenges and opportunities when anonymising personal data.
“By combining federated learning with differential privacy, you can make sure the individual contributions you compile do not permit conclusions to be drawn about individuals.”
To what extent is differential privacy the ideal solution for anonymising personal data?
Differential privacy is one of many anonymisation approaches. It’s not necessarily the ideal solution. Often, you need to combine several approaches to achieve your goals.
Differential privacy is a relatively new approach to anonymising personal data that is being used in more and more fields. It makes it possible to provide valuable statistical information without compromising the anonymity of the individuals whose data form the basis.
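To give a sense of the principle, here is a minimal sketch, not Google's actual implementation: a statistic such as a count is published with calibrated Laplace noise, so that adding or removing any single person's record barely changes the released value. The data, function name and choice of epsilon below are assumptions made purely for illustration.

```python
import numpy as np

def dp_count(values, predicate, epsilon=0.5):
    """Return a differentially private count of records matching `predicate`.

    Adding or removing one person's record changes the true count by at
    most 1 (sensitivity = 1), so Laplace noise with scale 1/epsilon gives
    epsilon-differential privacy for this single query.
    """
    true_count = sum(1 for v in values if predicate(v))
    noise = np.random.laplace(loc=0.0, scale=1.0 / epsilon)
    return true_count + noise

# Illustrative data: the hour of day at which each (fictional) visitor arrived
visit_hours = [9, 12, 17, 17, 18, 20, 17, 13]
noisy = dp_count(visit_hours, lambda h: h == 17, epsilon=0.5)
print(f"Noisy count of 5 p.m. visitors: {noisy:.1f}")
```

The smaller epsilon is chosen, the more noise is added and the stronger the privacy guarantee, at the cost of less precise statistics.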
What practical experience does Google have with differential privacy?
We use this anonymisation approach to provide a number of helpful functions in our products. In Google Maps, for example, we can show how many people visit a specific place at specific times without enabling conclusions to be drawn about individual visitors. Our anonymised mobility reports are also based on the differential privacy principle. By showing mobility trends in the population, they support health authorities in their decision-making in the fight against the coronavirus pandemic.
We’ve also published parts of this technology as open source, making them freely available to any organisation or developer.
In the context of data protection, how important is federated learning for collecting and processing personal data?
As I see it, that’s still an open question – which is why I’m particularly interested in it.
Federated learning is a variant of federated computing. In the early days, most data processing was done on end users’ computers, which at the time were still fairly slow. From the turn of the century onwards, as connectivity grew and applications became more demanding, that processing increasingly shifted to providers’ servers, in other words to the cloud. Today, end devices offer so much storage capacity, computing power and security that more and more processing operations can be moved back onto them. That makes sense financially, improves performance and, quite literally, puts more sensitive data processing back into the hands of the people concerned.
With federated learning, for example, the personal data used for machine learning can stay on your end device; only your contribution to the learning process is shared. And by combining that approach with differential privacy, you can make sure that compilations of individual contributions do not permit any conclusions to be drawn about individuals.
I’m looking forward to discussing with conference participants how this processing approach should be classified under data protection law. Does data protection law offer incentives for this approach, or does it actually increase data protection risks?
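The combination described above can be sketched roughly as follows. This is a simplified illustration under assumed names, parameters and a toy objective, not Google's production system: each device computes a model update locally so the raw data never leaves it, each contribution is clipped to bound its influence, and noise is added to the aggregate before it is used.

```python
import numpy as np

def local_update(model, data, lr=0.1):
    """Compute a model update on-device; the raw data never leaves the device.
    The 'model' is a weight vector and the update a gradient step for a toy
    least-squares objective (purely illustrative)."""
    X, y = data
    grad = X.T @ (X @ model - y) / len(y)
    return -lr * grad

def dp_federated_round(model, device_datasets, clip_norm=1.0, noise_std=0.1):
    """Average clipped per-device updates and add Gaussian noise, so the
    released aggregate reveals little about any single participant."""
    updates = []
    for data in device_datasets:
        u = local_update(model, data)
        u = u * min(1.0, clip_norm / (np.linalg.norm(u) + 1e-12))  # bound each contribution
        updates.append(u)
    aggregate = np.mean(updates, axis=0)
    aggregate += np.random.normal(0.0, noise_std * clip_norm / len(device_datasets),
                                  size=aggregate.shape)
    return model + aggregate

# Illustrative run with synthetic per-device data
rng = np.random.default_rng(0)
devices = [(rng.normal(size=(20, 3)), rng.normal(size=20)) for _ in range(5)]
model = np.zeros(3)
for _ in range(10):
    model = dp_federated_round(model, devices)
print("Model after 10 federated rounds:", model)
```

Only the clipped, noised aggregate ever leaves the participants' devices; the individual updates, and the data behind them, stay local.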
Do you use the German government’s corona app?
Yes, because it tells me about my own risk of infection without anyone being able to trace whom my smartphone and I have encountered over the last fortnight.
Per Meyerdierks is a lawyer who worked in the legal department of Lycos Europe GmbH in Gütersloh until April 2007. In May 2007 he joined the legal department at Google Germany GmbH in Hamburg, where he is Senior Privacy Counsel. He advises Google primarily on issues relating to European data protection law, and is the company’s contact person for supervisory authorities in several countries, including Germany.