Differential privacy is a family of techniques that allow sensitive personal data to be used in aggregate analysis while limiting what any published result can reveal about a single individual. InfoSum employs several differential privacy concepts to protect the individuals present in a dataset from being identified through analysis.
No result is returned or displayed where the count falls below the redaction threshold. For example, where a dataset has a redaction threshold of 100, a query that breaks individuals down by location would show zero for the Hampshire category even if 99 individuals are located in Hampshire.
Results are rounded down, so adding a single individual, or a small number of individuals, through successively more granular queries does not by itself cause the result to change.
For example, continuing the previous query, there are 1,035 individuals located in Hampshire in the data, but the rounding is set to 50, so this will return a result of 1,000.
A small, deliberate inaccuracy (noise) is added to results so that analysis cannot be used to single out an individual. Rounding alone does not achieve this, because a result that is rounded down deterministically still changes at a predictable boundary.
For example, suppose an attacker adds individuals they suspect are located in Hampshire to the dataset one by one and re-runs the previous query after each addition. Without noise, the attacker can expect the result to jump from 1,000 to 1,050 exactly when the 15th individual is added (1,035 + 15 = 1,050), confirming that those individuals are in Hampshire. With noise, the point at which the result changes becomes unpredictable, so the attacker cannot determine which of the added individuals are located in Hampshire.
A limit is placed on the number of queries that can be executed against a single dataset (in differential privacy terms, a privacy budget), preventing information from being accumulated through repeated, slightly varied analysis.
For example, if a user attempts to execute many queries with very minor changes in order to work out whether a particular individual lives in Hampshire, they will hit the limit and be unable to run further queries against the dataset(s).
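The four protections above compose into a single release pipeline for a count. The Python below is an added illustration, not InfoSum's implementation: it models a count query that is noised, rounded down and redacted, charges each query to a per-dataset budget, and replays the Hampshire attack described above with and without noise. The threshold of 100 and rounding of 50 are the page's values; the Laplace noise distribution and its scale of 10, the query budgets, the class and function names, and the records are all assumptions constructed for this example.

```python
import math
import random


class QueryLimitExceeded(Exception):
    """Raised once a dataset's query budget has been spent."""


class PrivateCounter:
    """Apply the four protections described above to one count.

    Order of operations: add noise, round down, then apply the redaction
    threshold. threshold=100 and rounding=50 are the values from the text;
    noise_scale and max_queries are illustrative assumptions, since the page
    states neither a noise level nor a query budget.
    """

    def __init__(self, threshold=100, rounding=50, noise_scale=0.0,
                 max_queries=10, seed=None):
        self.threshold = threshold       # counts below this are shown as 0
        self.rounding = rounding         # results are floored to a multiple of this
        self.noise_scale = noise_scale   # Laplace scale b; 0.0 disables noise
        self.max_queries = max_queries   # per-dataset query budget
        self.queries_used = 0
        self._rng = random.Random(seed)  # seeded only so runs are reproducible

    def _laplace_noise(self):
        # Laplace(0, b) is the difference of two independent Exp(rate 1/b) draws.
        b = self.noise_scale
        return self._rng.expovariate(1.0 / b) - self._rng.expovariate(1.0 / b)

    def release(self, true_count):
        """Return the protected value of true_count, spending one query."""
        if self.queries_used >= self.max_queries:
            raise QueryLimitExceeded(f"query budget of {self.max_queries} spent")
        self.queries_used += 1
        noisy = true_count + (self._laplace_noise() if self.noise_scale else 0.0)
        rounded = math.floor(noisy / self.rounding) * self.rounding
        return rounded if rounded >= self.threshold else 0


# Constructed sample data: 1,035 people in Hampshire, as in the text, plus others.
RECORDS = [{"location": "Hampshire"}] * 1035 + [{"location": "Surrey"}] * 400
# Individuals the attacker suspects are in Hampshire (in this sample they are).
SUSPECTS = [{"location": "Hampshire"}] * 20


def count_in(records, location):
    """True, unprotected count of records in a location."""
    return sum(1 for r in records if r["location"] == location)


def flip_point(counter, records, suspects, location="Hampshire"):
    """Simulate the attack in the text: take a baseline, add suspects one at a
    time, re-query after each, and return how many additions it took for the
    published count to change. Returns None if the query limit stops the
    attack first. Without noise the answer is deterministic; with noise it
    varies from run to run."""
    pool = list(records)
    try:
        baseline = counter.release(count_in(pool, location))
        for added, suspect in enumerate(suspects, start=1):
            pool.append(suspect)
            if counter.release(count_in(pool, location)) != baseline:
                return added
    except QueryLimitExceeded:
        return None
    return None


def flip_points_over_seeds(noise_scale, seeds, max_queries=100):
    """Run the noisy attack once per seed and collect the observed flip points."""
    return [
        flip_point(PrivateCounter(noise_scale=noise_scale,
                                  max_queries=max_queries, seed=s),
                   RECORDS, SUSPECTS)
        for s in seeds
    ]


if __name__ == "__main__":
    print("no noise, budget 100:", flip_point(PrivateCounter(max_queries=100), RECORDS, SUSPECTS))
    print("no noise, budget 10 :", flip_point(PrivateCounter(max_queries=10), RECORDS, SUSPECTS))
    print("noise b=10, 30 seeds:", flip_points_over_seeds(10.0, range(30)))
```

Run stand-alone, the first line shows the published count moving exactly when the 15th suspect is added, which is what confirms to the attacker that the suspects are in Hampshire. The second shows a query budget of 10 cutting the attack off before it reaches that point. The third shows that with noise the flip point scatters across runs, so observing a change on any particular addition says nothing reliable about that individual. The noise here is Laplace, the standard mechanism for differentially private counts; the page does not say which distribution InfoSum uses.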
We don’t hold any data. We provide the identity infrastructure to power a decentralised ecosystem.
Federated technology keeps your data in its own isolated Bunker that only you can access.
You remain in control of who can analyse your data; granting analysis rights never grants access to the raw data.
First-party data sets are matched using existing identifiers, removing the need to share data.
Our proprietary Insight Engine generates a virtual database that enables multiple data sources to be analysed without moving, centralising or sharing data.
We utilise differential privacy concepts during both analysis and activation to safeguard personal data and ensure no individual can ever be identified within our UDP.
Our technology doesn't rely on a single ID or identity graph. Instead it automatically determines the identifier, or combination of identifiers, within the dataset to create the optimal match.
Our rich permissions management ensures data owners remain in control of who can use their data in their analysis, and to what extent it can be analysed.
Our automated normalisation and mapping process ensures no changes are required to the original data to make it compatible across multiple data sources.
Our UDP is built on a federated architecture that ensures all datasets remain decentralised in their own isolated Bunker, but can be analysed 'as one'.