How to run analytics on data without access to the data?

> I know it will never be hundred percent leak proof

A slow leaking ship will still sink. Attempts so far to anonymise public datasets have been terrible and turned into a garbage fire by attackers every time with minimal effort. Don't hand out false promises.

Guess you are looking for fully homomorphic encryption. A long-outstanding problem with lots of smart people working on it, some are doing ok at getting there.

https://github.com/ibm/fhe-toolkit-linux

Your best bet is probably to just do all the processing locally in the browser. The issue is 1) from most end users' perspectives, they have no idea if it's actually running locally or talking to a server, or how to verify it, or probably what that difference even means in the first place, so a skeptical user won't necessarily gain that much additional peace of mind, and 2) hypothetically a compromise could still result in the local data being siphoned off by an attacker. The latter's still a risk for regular desktop applications, but a bit less so (since you can get a signed binary).

The homomorphic encryption approach probably isn't worth the effort. There's always going to be a trade-off between doing something useful and sufficiently/securely obfuscating/anonymizing the data. So I'd recommend the local approach, with a prominent explanation of how you don't and can't see any of the data.

I asked myself a similar question for web analytics a year ago [1]: how to provide a service without having access to the underlying data. It requires shifting the processing onto the client side, so it limits what you can do, but it's best for privacy, and security (since the data never leaves the native app or browser).

[1] https://chiffre.io

Take a look at Google Private Join and Compute[1]. But be aware that the problem you frame is an unsolved research problem with an active global community. The topics you are looking for are applications of secure multiparty computation and homomorphic encryption. Also, be ready for something as simple as a column join to take 24 hours per query.

[1] https://github.com/Google/private-join-and-compute

This reminds me of https://opensafely.org/, which analyses NHS medical data for research purposes by asking Doctors to run queries on their patient databases and send back only summaries, e.g. "How many of your patients with HIV also had Covid19" https://github.com/opensafely/hiv-research

https://www.darpa.mil/program/programming-computation-on-enc...

https://mathscinet.ams.org/mathscinet/help/about.html "MathSciNet® is an electronic publication offering access to a carefully maintained and easily searchable database of reviews, abstracts and bibliographic information for much of the mathematical sciences literature. Over 125,000 new items are added each year..."

The stakes are lower when money, not privacy, is at risk. I have attempted to argue for years that the MathSciNet catalog of the mathematical literature should be open to all forms of machine learning and mind mapping software experiments. It remains a cash cow for the American Mathematical Society, and they're fiercely proud of its human curation by 19th century methods. Meanwhile, mathematicians continue to believe that math remains separated into tribes, with number theorists lobbying to hire their own at departmental meetings. The true connections between ideas defy these ancient categories. I see a generation of potential advances squandered by not letting third-party tools in to study MathSciNet.

The right ideas could help here. One isn't protecting individual privacy, just a cash cow. The bar is lower.

I'll tell you about International Data Spaces Assocation, just for the sake of completeness, and because others have mentioned some sort of certification of apps, etc. Finding a general solution to the problem posed by OP is quite difficult, as it requires a lot of extra infrastructure, technical and non-technical.

One idea would be:

1. distribute to the data owners a base system (something that can "run" stuff on their premises). People here have mentioned browsers, but for a more intensive processing this might not be enough.. so think of a docker daemon, keys for some docker registries, etc.

2. have a trusted "app store" (e.g. a docker registry where images are built in a reproducible manner from code which is inspected and certified, and then are cryptographically signed)

3. make a well described interface to the apps to consume the data (thinking of the general use case here.. if you just want to analyze fb info then you can make an adhoc parser...)

4. Have the data owner download, check the signature of, configure and run the app on their premises.

Things get even more interesting when the analytics need data from different non-trusting partners, so that Homeomorphic Encryption becomes necessary.

There is at least one specification that aims at supporting all of this: https://www.internationaldataspaces.org/wp-content/uploads/2... although implementation is, so far, lagging behind.

We [0] are getting quite far decomposing algorithms symbolically and then doing some fancy footwork with private set intersection. It ends up being better/faster/cheaper than homomorphic in a lot of use cases.

Shoot us a note -- would love to hear more details.

[0]: https://proofzero.io

It sounds like Federated Learning might be of interest for you:

https://federated.withgoogle.com/ https://en.wikipedia.org/wiki/Federated_learning https://github.com/poga/awesome-federated-learning

There's another approach you can do -- make the analysis portable instead.

Assuming data is in a standard format then you can share your script for people to run themselves. Obviously this is fairly difficult in practice unless you can bundle everything into a client-side script on a website.

For reference Narrator [1] does this -- it puts data into a standard format so that analyses written for one company can be run for another. I'm not suggesting you build your stuff on that platform, but it's an interesting approach that does exist.

[1] https://www.narrator.ai

Either the first party (i.e. the client) runs the data on their own turf or they hand the data to someone else (you or whatever third-party you use) and trust that the other end is going to treat your data right.

I'm sure there's some sort of homomorphic encryption[0] magic scheme that might let you process the data on other servers or something, but I could not even begin to tell you how. Really, it's just trust.

Differential privacy is the field of study for sharing sensitive data in a way that allows analysis while retaining some guarantees of privacy.

How is the service written? I'd look to compile it down to WASM or otherwise run it in the browser, if possible.

Adding the third party only complicates the issue because the user will have to trust you and the proxy, and the proxy will have to trust your code. Best case, let the user download your code as a mobile or desktop app and run the analysis themselves.

You might want to check out Oasis' Parcel SDK: https://www.oasislabs.com/parcelsdk.

What about Fully Homomorphic encryption? Would a FHE scheme enable to discover patterns without seeing the data?

Could you send your code to their execution environment for a one time run (unlocked with a code?)