New technologies give rise to innovative business models and products by simplifying the mechanics of data-sharing across and between organisations—all while preserving the veil of privacy.
Thanks to advances in data-sharing technologies, you can buy and sell potentially valuable information assets in highly efficient, cloud-based marketplaces. Combine this data with a new array of privacy-preserving technologies, such as fully homomorphic encryption (FHE) and differential privacy, and you can now share encrypted data and perform computations on it without having to decrypt it first. This provides the best of all potential worlds: sharing data while preserving security and privacy.
All of this has fueled a promising new trend. Stores of sensitive data lying fallow in servers around the globe due to privacy or regulatory concerns are starting to generate value across enterprises in the form of new business models and opportunities. During the next 18 to 24 months, we expect to see more organisations explore opportunities to create seamless, secure data-sharing capabilities that can help them monetise their own information assets and accomplish business goals using other people’s data.
Though currently in an early stage, this data-sharing trend is picking up steam. In a recent survey, Forrester Research found that more than 70% of global data and analytics decision-makers are expanding their ability to use external data, and another 17% plan to do so within the next 12 months.1
Moreover, the global FHE market alone is growing at an annual rate of 7.5% and is expected to reach US$437 million in value by 2028. Currently, the healthcare and finance sectors are leading most FHE explorations.2
What accounts for this growth? Simply put, data gains value when it is shared. Gartner™ predicts that by 2023, organisations that promote data-sharing will outperform their peers in most business metrics.3
Consider the following examples of data-sharing in action:
Opportunities like these to monetise data through sharing and pooling can offer a competitive advantage for first movers—a motivating concern these days across markets. It is not uncommon for new participants in data-sharing ecosystems to experience what has been described as an “oh, sweet Lord moment” upon realising that their competitors operating on the same platform are doing much more with data assets. In this moment, many resolve to become the best AI- and data-driven organisation possible.
As the lifeblood of digital transformation, data looms large in Deloitte’s Tech Trends reports. In Tech Trends 2021, for example, we discussed how in order to realize their MLOps ambitions, companies must manage their data very differently.4 Today, the data-sharing revolution is making it possible for organisations to access more data, more securely within their own ecosystem and across other organisations. But, once again, reaching this potential requires managing data differently—this time adding innovative technologies and techniques that free information assets from traditional privacy and security restrictions.
This year’s data trend comprises three major dimensions: opportunity, ease of use, and privacy.
Shared data can create shared opportunities and new business models. As the data-sharing trend advances, we expect more organisations to engage in “data collaboration” to tackle common challenges and pursue mutually beneficial revenue, operational, and research opportunities. Moreover, the ability to share data safely with external data management service providers can help organisations streamline data management processes and lower related costs. Consider the following opportunities data-sharing can drive:
Cloud-based data-sharing platforms are helping organisations seamlessly share, buy, and sell data. These heavily virtualised, high-performance data marketplaces are typically structured in a data-sharing-as-a-service model in which, for a fee, service subscribers can manage, curate, and tailor data. They can also secure their data to a degree by using platform-provided “clean rooms,” safe spaces with defined guidelines where organisations can pool their data assets for analysis. Finally, subscribers can aggregate and sell access to their data to other subscribers. Data buyers get à la carte or custom views into different aspects of markets, products, or research.
The fundamental business strategy underpinning this “sharing-as-a-service” model has already demonstrated its effectiveness in other high-profile information and content-sharing arenas such as music file-sharing and social media. In these, a vendor provides an easy-to-use data-sharing platform, and customers provide the content (data).5
The data marketplace sector is currently in an early gold rush phase, with startups such as Databricks, Datarade, Dawex, and Snowflake, and hyperscale cloud providers such as AWS, Azure, Google, and Salesforce racing to stake their claims in this promising market. And promising it is: The nexus of data growth and democratisation, along with digital transformation, is helping create a revolution in which demand for external data is skyrocketing.6 No longer merely a tool for informing executive decision-making, data is now a business-critical asset to be sold, bought, traded, and shared. And the platform that facilitates this exchange most easily and effectively could eventually become the standard for data-sharing in industry data verticals or even across entire markets.
We’re seeing data-sharing use cases—and in some areas, success stories—proliferate as more organisations begin pursuing opportunities to monetise and expand their data assets. For example:
It remains to be seen how certain aspects of the data-sharing platform market will evolve. While there will eventually be some consolidation and standardisation, multiple platform markets could also take root. For example, there could be systems of partners in private data marketplaces, or perhaps public marketplaces targeting unique needs will spring up organically. Whatever shape data marketplaces eventually take, we anticipate that the gold rush will continue to pick up steam, particularly as vendors develop ironclad security and more organisations sign up for these platforms, thus expanding the volume of external data available for consumption.
Data gains value when we share it. Yet data privacy policies and competitive secrecy demands have historically placed a damper on our ability to realise this value. Today, a new class of computational approaches collectively known as privacy-preserving computing (or confidential computing) is poised to liberate organisations and their data from privacy’s shackles. Approaches such as FHE, differential privacy, and functional encryption make it possible for organisations to reap the benefits of data-sharing without sacrificing privacy (figure 1).
Privacy-preserving techniques can also enable collaboration among competitors. Consider multiple financial institutions that compete head-on in distinct areas of financial services. Even though they compete for clients, collectively they may wish to collaborate to achieve common goals such as detecting overconcentration risk, sophisticated fraud patterns, or financial crimes.
In another example, consider organisations that do not compete but belong to complementary companies within an industry sector such as travel. There are beneficial data-sharing use cases in which companies contribute information to co-marketing and discount campaigns across airlines, hotels, and rental car agencies. Each participating company would like to know about the client behavior and activity of the others so they can provide their end consumer with greater value and a more enjoyable customer experience. Yet each has a duty to protect client information. Privacy-preserving computing may be the breakthrough catalyst that allows these companies to interact and collaborate more deeply.
Currently, four challenges are slowing progress in the field of privacy-preserving computing:
Yet work is underway on all these fronts, and it is not unreasonable to say that within the next 18 to 24 months, privacy-preserving computing will offer a broad range of use cases and opportunities.
Though privacy-sharing computing and advanced data-sharing technologies are already helping organisations positioned at the vanguard of this trend extract more value from data, they are not a panacea for all data management requirements and challenges. You will continue to need strong data governance; tagging and metadata are still necessary.
What’s more, the new tools and approaches do not change longstanding company data culture overnight. For example, established companies often have entrenched processes and standards for managing and using data, whereas startups and digital natives may take more relaxed approaches. Or, due to the very personal relationships that inform decision-making and strategy, family-owned businesses are typically more hesitant to share data—however anonymised—beyond enterprise walls.
We anticipate that these and similar issues are just bumps on the road to a fundamentally new era of transformative data-sharing. You have an untapped asset sitting in your servers. What are you waiting for?
With nearly 10,000 stores across the United States and proven success in annually administering flu and other vaccines, CVS Health (CVSH) was well positioned to make a significant contribution to the historic COVID-19 vaccine rollout. Still, when vaccines became widely available in the spring of 2021, the pharmacy and retail giant needed analytics immediately to understand when and where immunisations were needed most. Karthik Kirubakaran, senior director of retail data engineering, says the organisation’s data management processes and technology met the challenge: “Because we had an effective data strategy in place, we were able to extend our capabilities and roll out a new system in weeks instead of months.”10
Kirubakaran and his team gathered external data from vaccine suppliers and the Centers for Disease Control and Prevention (CDC) to forecast supply and demand. They then fed this information into internal systems that enabled patients to schedule appointments, partners to set up clinics, and analysts to measure campaign effectiveness. The team also shared data externally with research agencies and universities to help gauge vaccination rates in the population. All of this was done at an unprecedented pace during the pandemic. Fortunately, CVSH's data organisation capabilities enabled it to rapidly make sense of incoming data, while data-sharing tools provided secure, near–real time exchange. “We were able to move quickly by creating a data mesh across multiple platforms, instead of consolidating to any single technology,” says Kirubakaran.
The team established governance immediately to prioritise data protection and compliance with privacy and data security laws. It also identified clear owners and stewards and created different layers of security for data in transit and at rest. For example, it leveraged third-party clean-room technologies to anonymise data for analysts, who then measured the rollout programme based on demographic segments instead of individual identities.
CVSH faced new challenges as the vaccine rollout continued. Before each successive distribution of doses to retail stores, Kirubakaran’s team huddled in a virtual war room to pore over demographic and demand data to identify underserved areas. “It was critical for us to create forecasts that were as accurate as possible and facilitated access to vaccines where they were needed,” says Kirubakaran. His team then updated its predictions based on supply information from each store, and even analysed internet searches for COVID-19 vaccine availability to know where demand was high.
CVSH plans to leverage its data-sharing know-how for other use cases as the vaccine rollout slows down. For instance, Kirubakaran’s team is working to use real-time data to understand a customer’s basket in the retail store and match it to past purchase behaviour for more accurate coupons at checkout. He’s guided by a CVSH leadership directive asking all CVSH employees to treat customers as someone they can serve instead of someone they can sell to. Says Kirubakaran, “The idea is to serve the community, to do it in a way that is seamless to the customer, and only tap into the data that they allow us to access.”
European automakers are members of a mature industry; their manufacturing practices are fine-tuned, meticulously planned, and just-in-time, which doesn’t leave much room for the unpredictability of the past year. Facing the dual crises of COVID-19 supply delays and semiconductor shortages, the European automotive industry needed to react quickly, but information across the entire automotive value chain, from suppliers to customers to recyclers, was sparse. Several key manufacturers, suppliers, and tech companies, including BMW and Siemens, joined forces to devise a new way of working.
Twenty-eight partners launched “Catena-X,” a data exchange ecosystem that enables organisations to share information on their own terms, with privacy and security guaranteed. “We needed a collaboration platform to work with value chain partners, one that opened up a new playing field,” says Oliver Ganser, head of the Catena-X consortium.11
Catena-X, which is Latin for “chain,” launched in August 2021 as one of the first major use cases of the European Union’s federated and secure data-sharing standard, known as GAIA-X.12 This decentralised approach comprises a multitude of individual platforms, all following a common EU standard. Organisations using GAIA-X can exchange data and collaborate across sectors while retaining data sovereignty. “Instead of companies developing trust in each other individually, we can all trust our data to the GAIA-X framework,” says Ganser.
While GAIA-X provided the standards needed, small and large players ultimately decided to join Catena-X to address their supply chain issues. In one instance, an auto manufacturer found a quality issue that potentially affected tens of thousands of its vehicles. It would normally conduct a major recall and levy millions in penalties to suppliers, but by collaborating with suppliers to share data, the manufacturer was able to pinpoint the quality issue and reduce the number of vehicles that needed a recall by more than 80%.13
In the near future, Catena-X will provide a user-friendly system environment that can integrate with enterprise resource planning to transfer data, as well as a software-as-a-service–like portal where smaller suppliers can directly upload data. As new companies join and partners are connected from different areas of the value chain, the consortium anticipates creating new business models. For example, partners may pay incentive fees for sharing data with certain parameters, and sustainability and circular economy is another major use case. “The biggest reason for organisations to join is to solve complex business problems with shared data. Monetising the data is not our priority,” says Ganser.
The Catena-X board is cognizant that change can be hard for a storied industry like German manufacturing. “This is not just technology; this is a transformation of the automotive industry,” says Claus Cremers, a Catena-X board member and director at Siemens.14 The board is dedicated to rethinking the value chain and encouraging its members to adopt a startup mentality. Eventually, its goal is to expand out of Europe into global collaboration and acceptance. “We will always produce cars, but we can re-invent ways to run our overall business instead of relying on past methods,” says Ganser.
The Defense Advanced Research Projects Agency (DARPA) has a history of shaping emerging technologies. The agency—which is part of the US Department of Defense—sponsored research that helped create everything from the internet and the personal computer to drones, GPS, and much more. Currently, DARPA is responding to the expansion of cloud computing and other virtual networks by researching new methods for sharing data while lowering privacy and security risk. Dr. Tom Rondeau, programme manager at DARPA, believes building trust through privacy-preserving techniques is key to democratic values. “Being able to share information in a way that preserves privacy and security is foundational to democracy,” says Rondeau.15
Rondeau leads the Data Protection in Virtual Environments (DPRIVE) programme, which funds startups and incumbents to create hardware that can enable advanced encryption techniques. Standard encryption techniques keep data safe in transit or in storage, but require users to decrypt data for computational use, which exposes it to cyberthreats. In contrast, DPRIVE is focused on enabling fully homomorphic encryption (FHE), a technique that keeps data protected even during computation. Until now, it could take months of computation time to apply the FHE technique to sensitive data stores. DARPA aims to cut down that time drastically by creating specialised chips and coprocessors. Once this privacy-preserving tech is available and it’s embedded into phones and tablets, data can be captured and stored securely on every consumer device, with only encrypted data sent elsewhere for analysis. “If we can accelerate FHE execution, the technique can become a fundamental part of our data-processing approach to almost every application,” says Rondeau.
With FHE, the DPRIVE team is creating standards of security by rigour, meaning computational difficulty, so users know just how secure their data is. Understanding levels of security should be like buying a safe, according to Rondeau. Safes are rated by how long it takes for a skilled burglar to break through. Their security rating helps buyers make better decisions around safeguarding valuables. Similarly, if data management teams know how long it takes to hack into different kinds of encryption, they can determine which information requires the most security, and how often encryption codes should be changed to prevent hacking. “We should be able to prove exactly how secure something is, not just for consumers to feel protected when using their devices, but also for better measuring our national security,” says Rondeau.
DPRIVE offers a key use case for securely sharing data on national security threats with other governments. “FHE could become a way of sharing intelligence data from the field while protecting our sources and techniques for gathering intelligence,” says Rondeau. Similarly, in the case of financial crime analysis, law enforcement agencies need data to analyse crimes, while banks are mandated to protect their consumer data. Rondeau believes advanced encryption techniques could make it possible for both parties to share and analyse the data needed to identify money laundering without compromising privacy.
Today, FHE computation is very computationally intensive and too slow for many use cases. Though DARPA is working with partners to solve this technical problem through better hardware, scaling up the solution is the organisation’s end goal. Rondeau and his team believe that once privacy-preserving tech, techniques, and standards are commonplace, they can improve everyone’s privacy over time. Says Rondeau, “This is a technology that can support and export our democratic principles on the security and privacy of information. It can do a lot of good.”
As the vast majority of enterprise computing moves to hyperscalers, the world’s data is consolidating via cloud providers into a handful of physical data centers. This transition alone, though, doesn’t make the data any easier to access and unlock for monetization across organisations. At Snowflake, we recognised a decade ago that to share and utilise data effectively, organisations need to be part of a network with built-in trust and governance, underpinned by a technology that eliminates data silos.
Snowflake has always enabled organisations to store and analyse their data in the cloud. As customers realised massive performance and concurrency gains, their appetite to leverage even more data, including data owned by other organisations, has increased. Last year, we unveiled our foundational technology that creates a single network which every customer can connect to, akin to one massive relational database, or a sort of social network for data. This made it possible for organisations to share data with others in real time, if they choose, by simply granting access within the platform. We’ve watched the number of inter-organisational connections grow rapidly.
By sharing or combining data with others, organisations are now developing a variety of innovative products and services. For example, a company that gathers location analytics can distribute data at the click of a button to rideshare companies that want to know where drivers are most needed. Media publishers can combine their customer data with data from retailers to create a new dataset that allows both organisations to better target their ads and products. Going forward, data networks can grow like social networks: Exponential adoption will drive value creation in new and unexpected ways.
Across the industry, the methods of sharing data are evolving. In the past, organisations would have to find secure ways to gather data, copy and upload it to their own servers, ensure their data collection was compliant with policies, and more. As marketplaces for live data continue to grow, organisations can buy or sell data as a service without the costs of ingestion, maintenance, and compliance. With less friction in the way, organisations are free to become more creative. Data that was traditionally siloed within just one company will now be unlocked for the benefit of the many, and we’re yet to see what novel, lucrative uses will result.
Of course, organisations cannot share most data without privacy measures in place. Data networks like ours require strong governance to facilitate trust and willingness to share. Clean rooms bring data together from multiple companies for joint analysis under guidelines that keep the data secure. Restricted queries can prevent drill-down into sensitive data such as PII while allowing analysts to gather anonymised records to feed into their models.
Eventually, the ability to run analyses or create models using data from outside the enterprise will become commonplace. Our customers are increasingly telling us where to go next as they explore different ways of collaborating on data. The change we’re seeing now is similar to how the internet unlocked and democratised access to information: The ability to collaborate and operate in a safe, compliant, trusted way with data is going to open up radical new possibilities for business.
Download the trend to explore more insights, including the “Executive perspectives” that illuminate the strategy, finance, and risk implications of each trend. And check out these links for related content:
Today, business and technology are inextricably linked. And keeping pace with the emerging technology landscape can be difficult for even the most tech-savvy leaders. Deloitte can help. Our technology professionals have deep experience applying technologies to help you achieve your business goals.