New technologies give rise to innovative business models and products by simplifying the mechanics of data-sharing across and between organizations – all while preserving the veil of privacy. Thanks to advances in data-sharing technologies, you can buy and sell potentially valuable information assets in highly efficient, cloud-based marketplaces. Combine this data with a new array of privacy-preserving technologies, such as fully homomorphic encryption (FHE) and differential privacy, and you can now share encrypted data and perform computations on it without having to decrypt it first. This provides the best of all potential worlds: sharing data while preserving security and privacy.
All of this has fueled a promising new trend. Stores of sensitive data lying fallow in servers around the globe due to privacy or regulatory concerns are starting to generate value across enterprises in the form of new business models and opportunities. During the next 18 to 24 months, we expect to see more organizations explore opportunities to create seamless, secure data-sharing capabilities that can help them monetize their own information assets and accomplish business goals using other people’s data.
Though currently in an early stage, this data-sharing trend is picking up steam. In a recent survey, Forrester Research found that more than 70% of global data and analytics decision-makers are expanding their ability to use external data, and another 17% plan to do so within the next 12 months.
Moreover, the global FHE market alone is growing at an annual rate of 7.5% and is expected to reach US$437 million in value by 2028. Currently, the health care and finance sectors are leading most FHE explorations.
What accounts for this growth? Simply put, data gains value when it is shared. Gartner™ predicts that by 2023, organizations that promote data-sharing will outperform their peers in most business metrics.
Consider the following examples of data-sharing in action:
- Using aggregated data to securely achieve common goals. Organizations can work with “frenemies” within a market sector to achieve common goals such as developing deeper customer insights or detecting fraud patterns across an entire sector.
- Increasing efficiency and lowering costs. Across enterprises, data vendors no longer have to provision hardware, maintain databases, and build application programming interfaces (APIs). Customers can push a button to access anonymized, curated data feeds. Within the enterprise, encrypted data makes artificial intelligence (AI) and machine learning (ML) exercises safer, and compliance audits easier.
- Broadening your research collaboration. Sharing basic foundational or early-stage findings can accelerate critical research initiatives without compromising a hard-won competitive advantage.
- Securing intellectual property. Super-sensitive data such as AI training data that may be stored in public clouds can be better protected.
- Encrypting data in motion. In the arenas of high-frequency trading, robotic surgery, and smart factory manufacturing, confidential data flows rapidly across multiple entities. FHE allows users to access critical data quickly without encryption keys.
Opportunities like these to monetize data through sharing and pooling can offer a competitive advantage for first movers – a motivating concern these days across markets. It is not uncommon for new participants in data-sharing ecosystems to experience what has been described as an “oh, sweet Lord moment” upon realizing that their competitors operating on the same platform are doing much more with data assets. In this moment, many resolve to become the best AI- and data-driven organization possible.
Share And Share Alike
As the lifeblood of digital transformation, data looms large in Deloitte’s Tech Trends reports. In Tech Trends 2021, for example, we discussed how in order to realize their MLOps ambitions, companies must manage their data very differently. Today, the data-sharing revolution is making it possible for organizations to access more data, more securely within their own ecosystem and across other organizations. But, once again, reaching this potential requires managing data differently – this time adding innovative technologies and techniques that free information assets from traditional privacy and security restrictions.
This year’s data trend comprises three major dimensions: opportunity, ease of use, and privacy.
Share And Thrive: The Promise Of New Business Models And Opportunities
Shared data can create shared opportunities and new business models. As the data-sharing trend advances, we expect more organizations to engage in “data collaboration” to tackle common challenges and pursue mutually beneficial revenue, operational, and research opportunities. Moreover, the ability to share data safely with external data management service providers can help organizations streamline data management processes and lower related costs. Consider the following opportunities data-sharing can drive:
- Industry vertical marketplaces. Even the fiercest of competitors often share common challenges that are best resolved through collaboration. Take suppliers in the food industry: If they all anonymized sensitive sales and delivery data and pooled it together for analysis, perhaps they could unlock the mystery of supply and demand. Or banks in developing regions could pool anonymized credit data to build an interbank credit risk scoring system. Or one of the biggest opportunities of all: Could pharmaceutical researchers and doctors operating within a secured ecosystem pool data to understand how to bring life-saving innovations to market more quickly?
- Partners in a value chain. Many manufacturers and retailers purchase consumer data from third-party data brokers, but as is often the case, there is not enough quality data to really make an impact. What if systems of partners within a value chain – from suppliers to manufacturers to marketers – pooled their customer data to create a more nuanced picture of demand?
- Let somebody else do the AI model training. AI models are often considered highly sensitive forms of intellectual property. Because they can typically fit on a thumb drive, they also represent high security risks, so many organizations have traditionally performed their own modeling in-house. Thanks to encryption technologies, this may be about to change. With modeling data secured, chief data officers can safely outsource AI modeling and training to third parties.
- Data providers streamline deliveries. On data-sharing platforms, buying access to real-time market or logistics data is as simple as pushing a button. Data providers will no longer need to provide APIs or ship files.
Acquire External Data Easily At The Push Of A Button
Cloud-based data-sharing platforms are helping organizations seamlessly share, buy, and sell data. These heavily virtualized, high-performance data marketplaces are typically structured in a data-sharing-as-a-service model in which, for a fee, service subscribers can manage, curate, and tailor data. They can also secure their data to a degree by using platform-provided “clean rooms,” safe spaces with defined guidelines where organizations can pool their data assets for analysis. Finally, subscribers can aggregate and sell access to their data to other subscribers. Data buyers get à la carte or custom views into different aspects of markets, products, or research.
The fundamental business strategy underpinning this “sharing-as-a-service” model has already demonstrated its effectiveness in other high-profile information and content-sharing arenas such as music file-sharing and social media. In these, a vendor provides an easy-to-use data-sharing platform, and customers provide the content (data).
The data marketplace sector is currently in an early gold rush phase, with startups such as Databricks, Datarade, Dawex, and Snowflake, and hyperscale cloud providers such as AWS, Azure, Google, and Salesforce racing to stake their claims in this promising market. And promising it is: The nexus of data growth and democratization, along with digital transformation, is helping create a revolution in which demand for external data is skyrocketing. No longer merely a tool for informing executive decision-making, data is now a business-critical asset to be sold, bought, traded, and shared. And the platform that facilitates this exchange most easily and effectively could eventually become the standard for data-sharing in industry data verticals or even across entire markets.
We’re seeing data-sharing use cases – and in some areas, success stories – proliferate as more organizations begin pursuing opportunities to monetize and expand their data assets. For example:
- During the early days of the COVID-19 pandemic, fiercely competitive global pharmaceutical firms explored ways to share pre-clinical research data via data-sharing platforms.
- COVID-19 vaccine administrators used centralized state-operated platforms to share daily micro-level vaccination and testing data with public health care agencies.
- Investment managers at a global financial services firm capture and analyze data from their back, middle, and front offices in real time. As a result, the time required to begin sharing investment data with clients shrinks from “months to minutes.”
It remains to be seen how certain aspects of the data-sharing platform market will evolve. While there will eventually be some consolidation and standardization, multiple platform markets could also take root. For example, there could be systems of partners in private data marketplaces, or perhaps public marketplaces targeting unique needs will spring up organically. Whatever shape data marketplaces eventually take, we anticipate that the gold rush will continue to pick up steam, particularly as vendors develop ironclad security and more organizations sign up for these platforms, thus expanding the volume of external data available for consumption.
Share Data Without Compromising Privacy
Data gains value when we share it. Yet data privacy policies and competitive secrecy demands have historically placed a damper on our ability to realize this value. Today, a new class of computational approaches collectively known as privacy-preserving computing (or confidential computing) is poised to liberate organizations and their data from privacy’s shackles. Approaches such as FHE, differential privacy, and functional encryption make it possible for organizations to reap the benefits of data-sharing without sacrificing privacy (figure 1).
Privacy-preserving techniques can also enable collaboration among competitors. Consider multiple financial institutions that compete head-on in distinct areas of financial services. Even though they compete for clients, collectively they may wish to collaborate to achieve common goals such as detecting overconcentration risk, sophisticated fraud patterns, or financial crimes.
In another example, consider organizations that do not compete but belong to complementary companies within an industry sector such as travel. There are beneficial data-sharing use cases in which companies contribute information to co-marketing and discount campaigns across airlines, hotels, and rental car agencies. Each participating company would like to know about the client behavior and activity of the others so they can provide their end consumer with greater value and a more enjoyable customer experience. Yet each has a duty to protect client information. Privacy-preserving computing may be the breakthrough catalyst that allows these companies to interact and collaborate more deeply.
Currently, four challenges are slowing progress in the field of privacy-preserving computing:
- Many of these techniques require new software tools and changes to utilize the data. Being able to fully utilize these tools and support the changes can require significant time and effort from already-busy teams.
- Privacy-preserving techniques can, in some instances, slow speed and performance, which can be problematic with data-in-motion and real-time analysis and dissemination.
- There is currently no easy way to maintain control over the governance and usage of data once it is in someone else’s hands, which raises potential privacy or compliance risks.
- Finally, there are certain regulatory roadblocks around privacy and data ownership that will need to be addressed before privacy-preserving compute can reach its full potential.
Yet work is underway on all these fronts, and it is not unreasonable to say that within the next 18 to 24 months, privacy-preserving computing will offer a broad range of use cases and opportunities.
The Way Forward
Though privacy-sharing computing and advanced data-sharing technologies are already helping organizations positioned at the vanguard of this trend extract more value from data, they are not a panacea for all data management requirements and challenges. You will continue to need strong data governance; tagging and metadata are still necessary.
What’s more, the new tools and approaches do not change longstanding company data culture overnight. For example, established companies often have entrenched processes and standards for managing and using data, whereas startups and digital natives may take more relaxed approaches. Or, due to the very personal relationships that inform decision-making and strategy, family-owned businesses are typically more hesitant to share data – however anonymized – beyond enterprise walls.
We anticipate that these and similar issues are just bumps on the road to a fundamentally new era of transformative data-sharing. You have an untapped asset sitting in your servers. What are you waiting for?
Lessons From The Front Lines
CVS Builds On Data Foundations To Distribute Vaccines
With nearly 10,000 stores across the United States and proven success in annually administering flu and other vaccines, CVS Health was well positioned to make a significant contribution to the historic COVID-19 vaccine rollout. Still, when vaccines became widely available in the spring of 2021, the pharmacy and retail giant needed analytics immediately to understand when and where immunizations were needed most. Karthik Kirubakaran, senior director of retail data engineering, says the organization’s data management processes and technology met the challenge: “Because we had an effective data strategy in place, we were able to extend our capabilities and roll out a new system in weeks instead of months.”
Kirubakaran and his team gathered external data from vaccine suppliers and the Centers for Disease Control and Prevention (CDC) to forecast supply and demand. They then fed this information into internal systems that enabled patients to schedule appointments, partners to set up clinics, and analysts to measure campaign effectiveness. The team also shared data externally with research agencies and universities to help gauge vaccination rates in the population. All of this was done at an unprecedented pace during the pandemic. Fortunately, CVS Health’s data organization capabilities enabled it to rapidly make sense of incoming data, while data-sharing tools provided secure, near–real time exchange. “We were able to move quickly by creating a data mesh across multiple platforms, instead of consolidating to any single technology,” says Kirubakaran.
The team established governance immediately to prioritize data protection and compliance with privacy and data security laws. It also identified clear owners and stewards and created different layers of security for data in transit and at rest. For example, it leveraged third-party clean-room technologies to anonymize data for analysts, who then measured the rollout program based on demographic segments instead of individual identities.
CVS faced new challenges as the vaccine rollout continued. Before each successive distribution of doses to retail stores, Kirubakaran’s team huddled in a virtual war room to pore over demographic and demand data to identify underserved areas. “It was critical for us to create forecasts that were as accurate as possible and facilitated access to vaccines where they were needed,” says Kirubakaran. His team then updated its predictions based on supply information from each store, and even analyzed internet searches for COVID-19 vaccine availability to know where demand was high.
CVS plans to leverage its data-sharing know-how for other use cases as the vaccine rollout slows down. For instance, Kirubakaran’s team is working to use real-time data to understand a customer’s basket in the retail store and match it to past purchase behavior for more accurate coupons at checkout. He’s guided by a CVS leadership directive asking all CVS employees to treat customers as someone they can serve instead of someone they can sell to. Says Kirubakaran, “The idea is to serve the community, to do it in a way that is seamless to the customer, and only tap into the data that they allow us to access.”
Catena-X Changes The Automotive Value Chain Collaboration Model
European automakers are members of a mature industry; their manufacturing practices are fine-tuned, meticulously planned, and just-in-time, which doesn’t leave much room for the unpredictability of the past year. Facing the dual crises of COVID-19 supply delays and semiconductor shortages, the European automotive industry needed to react quickly, but information across the entire automotive value chain, from suppliers to customers to recyclers, was sparse. Several key manufacturers, suppliers, and tech companies, including BMW and Siemens, joined forces to devise a new way of working.
Twenty-eight partners launched “Catena-X,” a data exchange ecosystem that enables organizations to share information on their own terms, with privacy and security guaranteed. “We needed a collaboration platform to work with value chain partners, one that opened up a new playing field,” says Oliver Ganser, head of the Catena-X consortium.
Catena-X, which is Latin for “chain,” launched in August 2021 as one of the first major use cases of the European Union’s federated and secure data-sharing standard, known as GAIA-X. This decentralized approach comprises a multitude of individual platforms, all following a common EU standard. Organizations using GAIA-X can exchange data and collaborate across sectors while retaining data sovereignty. “Instead of companies developing trust in each other individually, we can all trust our data to the GAIA-X framework,” says Ganser.
While GAIA-X provided the standards needed, small and large players ultimately decided to join Catena-X to address their supply chain issues. In one instance, an auto manufacturer found a quality issue that potentially affected tens of thousands of its vehicles. It would normally conduct a major recall and levy millions in penalties to suppliers, but by collaborating with suppliers to share data, the manufacturer was able to pinpoint the quality issue and reduce the number of vehicles that needed a recall by more than 80%.
In the near future, Catena-X will provide a user-friendly system environment that can integrate with enterprise resource planning to transfer data, as well as a software-as-a-service–like portal where smaller suppliers can directly upload data. As new companies join and partners are connected from different areas of the value chain, the consortium anticipates creating new business models. For example, partners may pay incentive fees for sharing data with certain parameters, and sustainability and circular economy is another major use case. “The biggest reason for organizations to join is to solve complex business problems with shared data. Monetizing the data is not our priority,” says Ganser.
The Catena-X board is cognizant that change can be hard for a storied industry like German manufacturing. “This is not just technology; this is a transformation of the automotive industry,” says Claus Cremers, a Catena-X board member and director at Siemens. The board is dedicated to rethinking the value chain and encouraging its members to adopt a startup mentality. Eventually, its goal is to expand out of Europe into global collaboration and acceptance. “We will always produce cars, but we can re-invent ways to run our overall business instead of relying on past methods,” says Ganser.
DARPA Revs Up Data Encryption
The Defense Advanced Research Projects Agency (DARPA) has a history of shaping emerging technologies. The agency – which is part of the US Department of Defense – sponsored research that helped create everything from the internet and the personal computer to drones, GPS, and much more. Currently, DARPA is responding to the expansion of cloud computing and other virtual networks by researching new methods for sharing data while lowering privacy and security risk. Dr. Tom Rondeau, program manager at DARPA, believes building trust through privacy-preserving techniques is key to democratic values. “Being able to share information in a way that preserves privacy and security is foundational to democracy,” says Rondeau.
Rondeau leads the Data Protection in Virtual Environments (DPRIVE) program, which funds startups and incumbents to create hardware that can enable advanced encryption techniques. Standard encryption techniques keep data safe in transit or in storage, but require users to decrypt data for computational use, which exposes it to cyberthreats. In contrast, DPRIVE is focused on enabling fully homomorphic encryption (FHE), a technique that keeps data protected even during computation. Until now, it could take months of computation time to apply the FHE technique to sensitive data stores. DARPA aims to cut down that time drastically by creating specialized chips and coprocessors. Once this privacy-preserving tech is available and it’s embedded into phones and tablets, data can be captured and stored securely on every consumer device, with only encrypted data sent elsewhere for analysis. “If we can accelerate FHE execution, the technique can become a fundamental part of our data-processing approach to almost every application,” says Rondeau.
With FHE, the DPRIVE team is creating standards of security by rigor, meaning computational difficulty, so users know just how secure their data is. Understanding levels of security should be like buying a safe, according to Rondeau. Safes are rated by how long it takes for a skilled burglar to break through. Their security rating helps buyers make better decisions around safeguarding valuables. Similarly, if data management teams know how long it takes to hack into different kinds of encryption, they can determine which information requires the most security, and how often encryption codes should be changed to prevent hacking. “We should be able to prove exactly how secure something is, not just for consumers to feel protected when using their devices, but also for better measuring our national security,” says Rondeau.
DPRIVE offers a key use case for securely sharing data on national security threats with other governments. “FHE could become a way of sharing intelligence data from the field while protecting our sources and techniques for gathering intelligence,” says Rondeau. Similarly, in the case of financial crime analysis, law enforcement agencies need data to analyze crimes, while banks are mandated to protect their consumer data. Rondeau believes advanced encryption techniques could make it possible for both parties to share and analyze the data needed to identify money laundering without compromising privacy.
Today, FHE computation is very computationally intensive and too slow for many use cases. Though DARPA is working with partners to solve this technical problem through better hardware, scaling up the solution is the organization’s end goal. Rondeau and his team believe that once privacy-preserving tech, techniques, and standards are commonplace, they can improve everyone’s privacy over time. Says Rondeau, “This is a technology that can support and export our democratic principles on the security and privacy of information. It can do a lot of good.”
Kyle Rourke, Vice President Of Global Platform Strategy, Snowflake
As the vast majority of enterprise computing moves to hyperscalers, the world’s data is consolidating via cloud providers into a handful of physical data centers. This transition alone, though, doesn’t make the data any easier to access and unlock for monetization across organizations. At Snowflake, we recognized a decade ago that to share and utilize data effectively, organizations need to be part of a network with built-in trust and governance, underpinned by a technology that eliminates data silos.
Snowflake has always enabled organizations to store and analyze their data in the cloud. As customers realized massive performance and concurrency gains, their appetite to leverage even more data, including data owned by other organizations, has increased. Last year, we unveiled our foundational technology that creates a single network which every customer can connect to, akin to one massive relational database, or a sort of social network for data. This made it possible for organizations to share data with others in real time, if they choose, by simply granting access within the platform. We’ve watched the number of interorganizational connections grow rapidly.
By sharing or combining data with others, organizations are now developing a variety of innovative products and services. For example, a company that gathers location analytics can distribute data at the click of a button to rideshare companies that want to know where drivers are most needed. Media publishers can combine their customer data with data from retailers to create a new dataset that allows both organizations to better target their ads and products. Going forward, data networks can grow like social networks: Exponential adoption will drive value creation in new and unexpected ways.
Across the industry, the methods of sharing data are evolving. In the past, organizations would have to find secure ways to gather data, copy and upload it to their own servers, ensure their data collection was compliant with policies, and more. As marketplaces for live data continue to grow, organizations can buy or sell data as a service without the costs of ingestion, maintenance, and compliance. With less friction in the way, organizations are free to become more creative. Data that was traditionally siloed within just one company will now be unlocked for the benefit of the many, and we’re yet to see what novel, lucrative uses will result.
Of course, organizations cannot share most data without privacy measures in place. Data networks like ours require strong governance to facilitate trust and willingness to share. Clean rooms bring data together from multiple companies for joint analysis under guidelines that keep the data secure. Restricted queries can prevent drill-down into sensitive data such as PII while allowing analysts to gather anonymized records to feed into their models.
Eventually, the ability to run analyses or create models using data from outside the enterprise will become commonplace. Our customers are increasingly telling us where to go next as they explore different ways of collaborating on data. The change we’re seeing now is similar to how the internet unlocked and democratized access to information: The ability to collaborate and operate in a safe, compliant, trusted way with data is going to open up radical new possibilities for business.
Are You Ready?
- Which data assets could you share with partners to tackle common challenges and pursue mutually beneficial revenue, operational, and research opportunities?
- Have you leveraged external data from data marketplace platforms to augment your own data assets? How did access to more information enhance your decision-making process?
- Which privacy-preserving computing techniques are you using? How has or would the ability to analyze anonymized data enable new use cases and innovative experimentation?
originally posted on deloitte.com by Frank Farrall, Nitin Mittal, Chandra Narra, Juan Tello and Eli M. Dow
Frank Farrall: Principal | Deloitte Consulting LLP
Frank is the leader of Deloitte’s AI ecosystems and platforms business, with responsibilities across a portfolio of high growth offerings that are powered by innovative artificial intelligence technologies. He is responsible for developing agile business strategies and implementing AI solutions to help clients drive growth and operational efficiency. Frank also leads Deloitte’s alliance with Snowflake, an enterprise focused on cloud data platform technology. Frank is a founding partner of the global Deloitte Digital practice. He led Deloitte’s assets and solutions business and Deloitte Digital Asia-Pacific. In these roles, he was responsible for the strategic direction and business performance of two of the fastest-growing business areas in Deloitte.
Nitin Mittal: Principal | Deloitte AI
Nitin Mittal is a principal with Deloitte Consulting LLP. He currently serves as the US Artificial Intelligence (AI) Strategic Growth Offering Consulting Leader. He is the 2019 recipient of the AI Innovator of the Year award at the AI Summit New York. He specializes in advising clients to achieve competitive advantage through data and cognitive powered transformations that promote amplified intelligence and enable our clients to make strategic choices and transform ahead of disruption. Throughout his career, Nitin has served as a trusted advisor to global clients and has worked across a number of industry sectors. His primary focus has been working with Life Sciences and Health Care clients, implementing large scale data programs that promote organizational intelligence, and the use of advanced analytics and AI to drive insights and business strategy.
Chandra Narra: Managing Director, Deloitte Consulting
Chandra Narra is a managing director with Deloitte Consulting. He has more than 18 years of extensive global consulting and technology experience. He is a certified data scientist and subject matter expert in AI and advanced data management technologies. He delivers advanced analytics solutions to help organizations unlock and monetize the full potential of their data through innovation and exponential technologies.
Juan Tello: Principal | Deloitte Consulting LLP
Juan is a principal in Deloitte Consulting LLP’s Strategy & Analytics offering and is also the Chief Data Officer for Deloitte Consulting. Juan works with organizations to innovate and transform them into Insight Driven Organizations. He focuses on providing a data advantage from strategy to execution and improving business outcomes.
Eli M. Dow: Leader, Analytics and Cognitive Practice
Eli Dow is an analytics and cognitive leader with more than 20 years of experience in enterprise software production. As a Deloitte Technology Fellow, he is a technical executive and a catalyst for high-impact AI engagement strategy and implementation. He is a passionate technologist, technical leader, futurist, an innovator. He is a published author and one of the world’s most prolific inventors.