Lots of digital applications process personal data. This applies to user data on mobile phones and social media, but also sensitive medical analyses, audits for insurance companies, and creditworthiness checks. How can this information be effectively protected from misuse? How can data-processing companies protect both the data and their know-how in the form of their algorithms? , professor in the Thomas Schneider, is working on these questions. He has now been awarded a prestigious Consolidator Grant from the European Research Council (ERC) for his research. The scientist's new project PRIVTOOLS will be funded with around two million euros over a period of five years. Research Field Information and Intelligence at TU Darmstadt
Far beyond the major platforms such as Amazon, Google and Meta, data is collected and valuable information about user behaviour can be deduced from it. One example is credit bureaux that collect large amounts of financial data to assess the creditworthiness of individuals, have them evaluated by machine learning methods, and pass on the resulting credit ratings to their customers. The problem: so far, the data has mostly been processed unencrypted, and is therefore susceptible to cyberattacks and misuse for other purposes. At the same time, the fundamental right to privacy is enshrined in the law, especially in the European Union (EU). The EU’s General Data Protection Regulations (GDPR) requires companies to use robust data protection measures.
Tools for software developers
This is where Thomas Schneider's research comes in. In the new project PRIVTOOLS (“Tools for Protecting Data and Function Privacy”), he and his team will improve and unify privacy-preserving technologies and develop tools for their automatic generation. To this end, three different methods are considered in particular. Secure multi-party computation allows several participants to jointly compute a publicly known function without disclosing the secret input data. Private set intersection protocols allow participants to calculate intersections or variants of their secret databases. Private function evaluation enables the secure evaluation of a secret function on secret input data.
“The main goal of our project is the joint development of composable protocols and tools for the automatic generation of software that protects data and functions,” summarises Thomas Schneider. This will enable companies and authorities to process personal data securely and without leakage. The algorithms also remain protected as intellectual property. The protocols and tools developed in the PRIVTOOLS project are intended to be usable by software developers even without special expertise in cryptography, and will be provided free of charge as open-source software.
Highly promising research in privacy protection
Thomas Schneider is W3 Professor of Computer Science at TU Darmstadt and heads the . In their research, he and his team show that privacy can be efficiently protected in various application scenarios. To do so, they use methods from applied cryptography and algorithm engineering to develop protocols, tools and software prototypes that efficiently protect sensitive data. In 2021, the team won the second prize in the German IT Security Award for their research “ContactGuard: Mobile Private Contact Discovery”. Cryptography and Privacy Engineering Group (ENCRYPTO)
Before being appointed professor in March 2018, Thomas Schneider was an independent research group leader at TU Darmstadt (2012 – 2018), and received his PhD with distinction from the Ruhr University Bochum (2008 – 2011) in IT security. In 2012, he received the Science Award of the Society for Data Protection and Data Security (GDD) for his dissertation.
Second funding from the European Research Council
On behalf of the European Union, the European Research Council (ERC) promotes excellent basic research in Europe on the basis of scientific excellence and innovation potential. The ERC Consolidator Grants support excellent scientists in consolidating their independent research. In 2019, Thomas Schneider already received a prestigious ERC Starting Grant for the project PSOTI (“Privacy-Preserving Services on the Internet”). “I am delighted to receive this prestigious award for our top-level research. This enables my team and me to conduct research on scientifically, socially and economically important topics in an optimal scientific environment at TU Darmstadt with its Profile Topic Cybersecurity and Privacy and at the Department of Computer Science,” says Thomas Schneider.