How Multiparty Computation Could Secure Higher Ed Data Sharing

Congress looks to MPC programs to collaborate with universities without compromising student privacy.

Following concerns about student privacy, Congress has a new proposition for universities to share student outcomes data with government agencies using a multiparty computation (MPC) program rather than a traditional database, Campus Technology reports

Supported by the National Association of Independent Colleges and Universities (NAICU), the MPC component of the Student Right to Know Before You Go Act (S. 2169/H.R. 4479) would allow the government to compute “values of interest from multiple encrypted data sources without any party having to reveal their private data.” 

Student privacy is important for universities, acting as protectors of students’ data in compliance with federal and state protection laws like the Family Educational Rights and Privacy Act (FERPA). This plan could put university administrators’ minds at ease about having to share private student information with government officials, while simultaneously allowing universities to benefit from the data these databases would provide.

SIGN UP: Get more news from the EdTech newsletter in your inbox every two weeks!

What Is Multiparty Computation?

While not a new concept, use of MPC is becoming more relevant in the cybersecurity mainstream.

Secure MPC provides a way for organizations concerned about privacy to collect data from each other for the benefit of larger data analytics, while only being able to see their own inputs.

The first successful application of MPC was among Danish beet farmers, who used the concept to determine sugar beet market prices without giving away the price at which each farmer was willing to sell, which would reveal their economic situation to competitors. 

While the Danish farmers used a third-party auctioneer, new versions of MPC use different models to avoid the need for an outside party.

One of the protocols now used by MPC is secret sharing, which divides data from the different participants and distributes it randomly in encrypted packages that ultimately combine for computations.

The technology could end the use of “traditional, centralized databases, instead moving to temporary links of data for statistical purposes,” according to an evidence-based policy report cited by New America.

Companies and Universities Launch Research into MPC Technology

While the bill is still being considered by Congress, higher education institutions and service providers are beginning to take interest in MPC, especially as it relates to blockchain, which has become a focus for many universities.

Since Microsoft announced its partnership with ConsenSys to provide Blockchain as a Service on Microsoft Azure in 2015, the company has been working hard to add secure MPC to its list of services.

Recently, the CTO for Azure, Mark Russinovich, addressed Microsoft’s continuing research into secure MPC as part of its vision to “help companies thrive in this era of secure multi-party computation, delivering open, scalable platforms and services that any company, from ledger startups to governments, health organizations to global banks, can use to create new value.” 

At Columbia University, administrators have teamed up with IBM to create a new center to accelerate innovation in blockchain and data transparency, according to a press release

The center plans to research secure MPC and similar data sharing techniques to innovate safe and secure collaboration between entities.

“We anticipate that, through this partnership, we will significantly advance scholarship and applications of data-sharing and data-transparency technologies," Columbia University Provost John Coatsworth says in the release. "Our students and faculty, working together with IBM, will play an important role in the vibrant exchange of ideas and research surrounding this transformative technology."

Jirsak/Getty Images
Jul 26 2018