Privacy for Personal Neuroinformatics

TL;DR

This paper presents a privacy-preserving system for sharing EEG data by extracting lower-dimensional features, enabling research and medical use without exposing sensitive raw signals.

Contribution

It introduces an integrated neuroinformatics and privacy framework that allows raw EEG data to be processed on mobile devices and shared via extracted features, protecting participant privacy.

Findings

Raw EEG signals can be securely processed on mobile devices.

Extracted features retain utility while safeguarding raw data.

The system mitigates privacy risks associated with raw EEG sharing.

Abstract

Human brain activity collected in the form of Electroencephalography (EEG), even with low number of sensors, is an extremely rich signal. Traces collected from multiple channels and with high sampling rates capture many important aspects of participants' brain activity and can be used as a unique personal identifier. The motivation for sharing EEG signals is significant, as a mean to understand the relation between brain activity and well-being, or for communication with medical services. As the equipment for such data collection becomes more available and widely used, the opportunities for using the data are growing; at the same time however inherent privacy risks are mounting. The same raw EEG signal can be used for example to diagnose mental diseases, find traces of epilepsy, and decode personality traits. The current practice of the informed consent of the participants for the use of the data either prevents reuse of the raw signal or does not truly respect participants' right to privacy by reusing the same raw data for purposes much different than originally consented to. Here we propose an integration of a personal neuroinformatics system, Smartphone Brain Scanner, with a general privacy framework openPDS. We show how raw high-dimensionality data can be collected on a mobile device, uploaded to a server, and subsequently operated on and accessed by applications or researchers, without disclosing the raw signal. Those extracted features of the raw signal, called answers, are of significantly lower-dimensionality, and provide the full utility of the data in given context, without the risk of disclosing sensitive raw signal. Such architecture significantly mitigates a very serious privacy risk related to raw EEG recordings floating around and being used and reused for various purposes.