Keeping Data under Wraps

HKU Bulletin | Nov 2025 Cover Story

The data goldrush is putting pressure on personal privacy, as everyone from businesses to universities to governments seeks to mine and share data on individuals for profit, research or policy development. But those privacy concerns may be hindering non-intrusive solutions that could help advance research and benefit society, says computer scientist Professor Yiu Siu-ming.

Rapid progress in data technology, including AI, means more personal data than ever is being collected, whether it be DNA, facial recognition or any other human identifier or activity. For individuals, that raises obvious privacy concerns. But Professor Yiu Siu-ming of the School of Computing and Data Science is not so easily discouraged.

Professor Yiu has studied data protection and privacy for years. He believes the risks are surmountable with the right tools and support, and an appreciation of the value of data collection to society, which can be used to develop new health treatments, improve national security and facilitate business management, among many other things.

"The whole world is increasingly concerned about privacy. Balancing privacy with research and community development has become a very big challenge," he said. "But I believe that technology and the law, together, can resolve the problem."

On the technology side, he has been working on three methods to transfer data without disclosing the data source, thus protecting privacy. While not yet perfect, they offer different kinds of data protection under different circumstances.

Options for protection

One method is homomorphic encryption, which encrypts data before it is sent to another party, allowing access to the overall results but not the raw data. For instance, if a company wants to survey students about their preferred model and colour of phone, it could collect the data and then share or sell the overall statistics, not the individual data points.

However, this does not work when trying to export data to another country. Many countries restrict data sharing even when the data is encrypted, which creates problems for multinational companies, academic researchers and governments. For instance, if a firm has branches in Beijing, London and Hong Kong, it cannot easily share customer information among them. Moreover, there is always the risk that in 10 or 20 years, the encryption will be broken.

Professor Yiu and others in the field have been working on a workaround: federated learning. The raw data is processed in a model located close to the source, and that model, not the data, is combined with models from other centres to give a close approximation of the overall results (Professor Edith CH Ngai is also working in this area, see page 10).

Federated learning works well for non-sensitive uses such as marketing or promotions, but the technique is still imperfect. "It is more feasible because the data never goes out, but it may not be 100 per cent accurate," Professor Yiu said. "It may also be possible to deduce the source of some of the data. For instance, if a company only has customers of a certain type in one country, and that group is included in the overall model, then that group becomes revealed."

Moreover, the user may need to recruit a third party to help develop a final global model, and there may be difficulties if too many different models need to be incorporated. A firm with dozens of branches across various countries will likely find the system too slow at combining input, compared with a firm that has only three branches.

Moving in the right direction

The third approach for protecting privacy is differential privacy. This is for situations when people want to ask specific questions of raw data rather than share it. Protection can come from tracking and controlling the questions. For instance, a person investigating lung cancer in Hong Kong might ask the database for rates among HKU employees, then among employees in computer science, and so on, in a way that narrows down an individual's identity. Differential privacy adds 'noise', a random perturbation of the answers, to prevent that from happening.

Despite the limitations of these technical solutions, Professor Yiu is optimistic they are advancing in the right direction to protect privacy and enable greater data sharing, particularly as encryption technology becomes more widely used. But he is concerned that the law still lags behind. For instance, privacy law is vague on whether data encrypted through homomorphic encryption can be sent abroad. "If data is encrypted, then the data is protected. But can I still send it out? The privacy law in Hong Kong does not talk about this very clearly," he said.

Professor Yiu has been advising Hong Kong's Office of the Privacy Commissioner for Personal Data, the Hong Kong Police Force and many others on the societal benefits of allowing data-sharing technologies to be used more widely. "The technology can help resolve a lot of things, but we cannot achieve the benefits of these solutions if the laws and regulations do not allow us to use them. We also need more education so that everybody can accept it," he said.

"Balancing privacy with research and community development has become a very big challenge. But I believe that technology and the law, together, can resolve the problem." – Professor Yiu Siu-ming
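The homomorphic property behind the phone-survey example, doing arithmetic on data while it stays encrypted, can be sketched with a toy Paillier cryptosystem, a well-known additively homomorphic scheme. The primes and the vote data below are assumptions chosen only so the demo runs; real deployments use 2048-bit moduli and audited libraries.

```python
import math
import random

# Toy Paillier cryptosystem, which is additively homomorphic: multiplying
# two ciphertexts yields an encryption of the SUM of the plaintexts.
# The tiny primes below are illustrative only.
p, q = 1117, 1223
n, n2 = p * q, (p * q) ** 2
lam = math.lcm(p - 1, q - 1)         # Carmichael's lambda(n)
g = n + 1                            # standard generator choice

def L(x):
    return (x - 1) // n

mu = pow(L(pow(g, lam, n2)), -1, n)  # precomputed decryption constant

def encrypt(m):
    r = random.randrange(1, n)
    while math.gcd(r, n) != 1:       # r must be invertible mod n
        r = random.randrange(1, n)
    return (pow(g, m, n2) * pow(r, n, n2)) % n2

def decrypt(c):
    return (L(pow(c, lam, n2)) * mu) % n

# Hypothetical survey: each 1 is a student preferring a given phone model.
votes = [1, 0, 1, 1, 0, 1]
tally = 1
for v in votes:
    tally = (tally * encrypt(v)) % n2   # aggregate without decrypting
assert decrypt(tally) == sum(votes)     # the total (4), never any one vote
```

Anyone holding the public values n and g can compute the encrypted tally; only the holder of the private key can decrypt it, so individual responses stay hidden from the aggregating party.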
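The federated-learning idea, combining locally trained models so raw data never leaves each branch, can be sketched as federated averaging. The three-branch setup, the one-dimensional linear model and the sample-count weighting are illustrative assumptions; real systems average neural-network weights over many training rounds.

```python
# Federated averaging sketch: each branch fits a model on its own data and
# shares only the fitted parameters; a coordinator averages them, weighted
# by local sample counts.

def local_fit(xs, ys):
    """Closed-form least-squares fit of y = w*x + b on local data only."""
    k = len(xs)
    mx, my = sum(xs) / k, sum(ys) / k
    w = (sum((x - mx) * (y - my) for x, y in zip(xs, ys))
         / sum((x - mx) ** 2 for x in xs))
    return w, my - w * mx

def federated_average(models, counts):
    """Sample-count-weighted average of (w, b) parameter pairs."""
    total = sum(counts)
    w = sum(m[0] * c for m, c in zip(models, counts)) / total
    b = sum(m[1] * c for m, c in zip(models, counts)) / total
    return w, b

# Three branches whose local data roughly follows y = 2x + 1.
branch_data = [
    ([1, 2, 3], [3.1, 5.0, 7.2]),
    ([2, 4, 6], [5.2, 9.1, 13.0]),
    ([1, 5, 9], [2.9, 11.1, 19.0]),
]
models = [local_fit(xs, ys) for xs, ys in branch_data]
w, b = federated_average(models, [len(xs) for xs, _ in branch_data])
# w and b approximate the global fit, yet no branch shared its raw pairs
```

The averaged parameters only approximate what a single model trained on the pooled data would give, which mirrors the accuracy caveat Professor Yiu raises, and the coordinator role here is the third party he mentions.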
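The noise defence in differential privacy can be sketched as a noisy counting query. Adding Laplace noise of scale 1/epsilon to a sensitivity-1 count is the textbook Laplace mechanism; the employee records and the epsilon value below are illustrative assumptions.

```python
import math
import random

# Differential-privacy sketch: a counting query is answered with Laplace
# noise calibrated to the query's sensitivity, so a chain of narrowing
# queries cannot pin down any one individual.

def laplace_noise(scale):
    """Sample Laplace(0, scale) by inverse-transform sampling."""
    u = random.random() - 0.5
    while abs(u) >= 0.5:                    # guard the log(0) endpoint
        u = random.random() - 0.5
    sign = 1 if u >= 0 else -1
    return -scale * sign * math.log(1 - 2 * abs(u))

def private_count(records, predicate, epsilon):
    """Release a count plus noise; smaller epsilon means stronger privacy."""
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(1.0 / epsilon)

# Hypothetical employee records: (department, has_condition).
records = [("CS", True), ("CS", False), ("Law", True), ("Law", False)] * 50
noisy = private_count(records, lambda r: r[0] == "CS" and r[1], epsilon=0.5)
# The true answer is 50; the released value is 50 plus noise of scale 2,
# enough to mask whether any single individual is in the count.
```

Because repeating a query would average the noise away, real systems also track a privacy budget across questions, which is the tracking and controlling of queries described above.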