Privitar, a UK startup, is specialized in the burgeoning new field of “privacy engineering.” Its software aims to ensure acceptable levels of privacy when corporates mine datasets containing sensitive information such as customer data, patient records, banking transactions, geospatial coordinates or trade data.
Starting in May 2018, when the European Union applies the General Data Protection Regulation (GDPR), companies that don’t anonymize their data properly face fines of up to 4% of their global revenue.
That’s not all: the importance of building trust with clients who want to know how their sensitive data is being collected and used has made privacy risk a boardroom issue at large corporates in the US and other parts of the world.
Privitar delivers data privacy and anonymization software to a global client-base in the financial services, retail, telecom and pharmaceutical sectors.
The company, which announced on July 18 that it had raised $16 million in venture capital in a round led by France’s Partech Ventures, plans to use the financing to further develop privacy-by-design products that can be used by corporates in a variety of sectors, CEO Jason du Preez, said in an interview with The Innovator.
Today, about 70% of Privitar’s clients are in the financial services sector. “What we found is that it is relatively easy to apply some of the same software and algorithms in other industry verticals,” says du Preez.
Demand for privacy engineering is strong. “Within Europe, with the introduction of the new GDPR, regardless of the industry vertical, everybody needs to pay attention to this problem,” says du Preez. “ Outside of Europe it really depends on the specific attitudes and views on data privacy but we are seeing a global trend and a general move towards doing more in this space.”
Advances in machine learning have led to an unprecedented growth in the amount of personal — and potentially sensitive — data generated and collected by companies and governments.
“ Everybody, including governments, banks, pharmacies, is interested in data-driven insights,” says du Preez. “The issue is can you get legitimate insights from data without revealing people’s private information?””
Data masking techniques, which are meant to strip out identity attributes, do not always effectively anonymize data because if the information is used in combination with other data sets the data can still be linked to a specific individual, he says. Some other approaches go too far in the other direction, stripping data of any useful information.
Privitar’s Publisher tool create an anonymous copy of the data while ensuring that the data is still fit for purpose and optimized for a specific use case, says du Preez. Another Privitar tool — called Lens — aggregates data while preventing the isolation of material about a specific user.
“Everything we are doing is about producing data in such a way that the insight you look for is statistically significant and meaningful and you get strong, clear results but the moment you begin to seek information about a single entity the algorithms prevent this from happening,” he says.