This Mobey Forum report on Confidential Computing is created by joint efforts of Decentriq, Intel and UBS, and is part five in the mini-report series on emerging Privacy Enhancing Technologies (PETs).

Confidential Computing technology protects data and applications in use by running them within hardware-based Trusted Execution Environments. This technology is behind truly secure and compliant data clean rooms.
The immediate business benefit of employing Confidential Computing data clean rooms is achieving compliance with localizations laws while reducing operational costs by adopting cloud economics.

Encryption is often seen as the answer to achieve this level of trust. This is commonly known as encryption of “data in transit” and “data at rest”, but it doesn’t include “data in use” case - while data is processed on that server, and can be visible and extractable for anyone who manages that given server.

Confidential Computing guards against this threat model by using Trusted Execution Environments (TEEs) to protect the data. All data in a TEE is hidden from everyone (including the system administrator), and is encrypted in use – hence resulting in full confidentiality and integrity of sensitive data.

When coupled with other PETs such as Differential Privacy or Synthetic Data, data clean rooms powered by Confidential Computing are already used in a variety of business use cases, ranging from patient data collaborations, pooling transaction data for Anti Money Laundering Machine Learning, to the creation of a new, more private way to identify, expand, and activate advertising audiences.