Data has become an essential good in almost all business areas. While administrative and industrial processes are continually being digitized, new forms of businesses centering around the management of digital data and knowledge have emerged as well.
Currently, we observe a shift within this development that emphasizes the exchange of digital data across company borders. This shift creates new challenges for business partners and private citizens alike. In contrast to physical goods, data can be copied arbitrarily and processed without the consent of the original data owner. Besides critical goods such as a company's business secrets, customer data can also be leaked, causing massive damage to the affected businesses and their customers.
Hence, the research group Data Protection and Sovereignty (DPS) focuses on all questions related to the trade-off between technically realizable data protection on the one hand and the profitable analysis, processing, and sharing of data on the other hand.
Especially the paradigm of data sovereignty is currently gaining more traction as it promises to break up data silos and therefore enable different stakeholders to utilize data that could not be shared with others so far. These and related aspects are particularly emphasized, promoted, and required by modern legislation, such as the GDPR.
This development requires the conceptualization, development, and evaluation of technical building blocks and architectures such that companies can make use of their data while protecting themselves and their customers to the best extent possible.
Our research group thus investigates how technical guarantees can be realized with low overhead and specific to the respective use case in contexts such as the training of artificial-intelligence models (e.g., Large Language Models) or large-scale data exchanges via data spaces.
Always considering the use case at hand, we rely on our expertise in, for example, the areas of Secure Multi-Party Computation (SMPC), Homomorphic Encryption (HE), Differential Privacy (DP), but also our experience in distributed systems, especially data spaces and blockchain technology.
We specialize in assisting with and developing solutions for:
- Balancing between data protection and data utility for data science and artificial intelligence.
- Enforceable guarantees to protect data before, during and after processing.
- Adding differential privacy and anonymization to existing data processing solutions.
- Interfacing with legal experts to assess the legal compliance of existing or newly developed solutions with regard to the GDPR and related EU legislation.