
Case study: Hope for Justice

Confidential data exchange to combat human trafficking

About Hope for Justice


Hope for Justice is a global non-profit organization that aims to bring an end to modern slavery. Modern slavery occurs worldwide and takes various forms, trapping victims in exploitative situations through threats, violence, coercion, or deception. Human trafficking, one facet of this slavery, makes use of digital technology to extend its impact, with approximately 50 million victims and $236 billion in profits generated annually. Hope for Justice fights this by preventing exploitation, rescuing victims, advocating on their behalf, restoring lives, training frontline professionals, and reforming society.

 

Challenge


In their efforts to combat modern slavery, Hope for Justice and other anti-trafficking agencies gather, analyze, and store sensitive data, including personally identifiable information (PII) and even victims’ individual stories. This information is often crucial to preventing exploitation, identifying victims, supporting survivors, and providing evidence in legal proceedings against perpetrators. However, because the data is fragmented, sharing it between agencies proves challenging, which hinders investigations and support services. For this reason, Hope for Justice decided to develop a secure platform for exchanging intelligence, tracking potential trafficking victims, and consolidating data across agencies, all while ensuring privacy and confidentiality.

 

Solution


To handle the complex challenge of maintaining data privacy in anti-trafficking work, Hope for Justice turned to confidential-computing technology, collaborating with Intel and Edgeless Systems. With confidential computing, data can stay encrypted at all times, even during processing, which keeps it inaccessible even to privileged admins and software.

 

Combining the domain expertise of Hope for Justice, Intel’s SGX enclave technology, and the open-source software EGo, Edgeless Systems implemented the “Private Data Exchange”, a multi-party computing solution designed to facilitate data sharing and pooling. Whenever victims are rescued, their information, such as address, ID, and similar details, is recorded and encrypted for secure storage. The platform finds and lists potential matches between organizations in order of probability by detecting correlations in fields such as ‘Passport’, ‘Exploitation type’, and ‘Location’, and then alerts the different parties to the potential match. No raw data is shared in the process: it is always kept encrypted and only selectively shared.


Below, you can get a first look at the platform's Proof of Concept, from the perspective of a fictional anti-slavery organization, "Ochrony".

[Screenshot: Hope for Justice Private Data Exchange]

The heart of the platform runs in an SGX enclave with an encrypted SQL DB whose key is sealed. Sealing ensures that the encryption key can only be read by the same enclave on the same CPU. The enclave stores the organization data in the database and matches the case records against other entries to alert the user about matches. It’s important to note that a match only includes the matched organization, the record ID, and the matching fields, which keeps the organization data private.
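The matching step described above, sketched in Go (the language EGo targets) as an added example; it is not code from the Private Data Exchange repository. The record schema, the normalized exact-match comparison, and the score (share of the query's fields that agree) are assumptions standing in for the platform's probability ranking, which the case study does not specify.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Record is a constructed stand-in for a case record (schema is an assumption).
type Record struct {
	Org, ID string
	Fields  map[string]string // field name -> value, e.g. "Passport"
}

// Match is all the querying organization learns; it carries no field values.
type Match struct {
	Org, RecordID string
	Fields        []string // names of the agreeing fields
	Score         float64  // assumed ranking: share of the query's fields that agree
}

func norm(s string) string { return strings.ToLower(strings.TrimSpace(s)) }

// FindMatches compares q with other organizations' records, best match first.
func FindMatches(q Record, db []Record) (out []Match) {
	for _, r := range db {
		var hit []string
		for name, v := range q.Fields {
			if o, ok := r.Fields[name]; ok && norm(v) != "" && norm(o) == norm(v) {
				hit = append(hit, name)
			}
		}
		if r.Org != q.Org && len(hit) > 0 { // skip own records and non-matches
			sort.Strings(hit)
			out = append(out, Match{r.Org, r.ID, hit, float64(len(hit)) / float64(len(q.Fields))})
		}
	}
	sort.SliceStable(out, func(i, j int) bool { return out[i].Score > out[j].Score })
	return out
}

func main() {
	q := Record{"Ochrony", "o-1", map[string]string{"Passport": "X123", "Location": "Leeds"}}
	db := []Record{ // constructed sample data
		{"OrgB", "b-7", map[string]string{"Passport": "Z999", "Location": "leeds "}},
		{"OrgC", "c-2", map[string]string{"Passport": "x123", "Location": "Leeds"}},
	}
	fmt.Printf("%+v\n", FindMatches(q, db))
}
```

Because `Match` has no value fields, an alert built from it cannot leak another organization's passport number or location, only the fact that the named fields agreed.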


To make the platform easy to use while ensuring the highest security, the client connects to the enclave through a Docker container, which serves the local web app. During communication, the system then verifies the enclave’s security through aTLS, which involves remote attestation, to confirm that the enclave is running the expected code securely.

As security technology creators, we have both the responsibility and the opportunity to help protect every person’s data and privacy. We’re seeing this occur through confidential computing advancements – the innovations we are bringing forward today will help us facilitate change and soon become the standards for how we operate tomorrow.

Paul O’Neill, Senior Director, Confidential Computing at Intel

Result


By using Intel SGX and working with the team at Edgeless Systems, Hope for Justice was able to get their Private Data Exchange ready for testing within a few weeks. The underlying confidential-computing module for secure multi-party collaboration was made available as open source by Edgeless Systems. You can find more information about how the platform handles trusted ownership, encryption, authentication, and secure connections in the GitHub repository. For additional information, we recommend that you watch the Hope for Justice presentation at OC3 2024.

By utilizing the multi-party computing framework provided by Edgeless Systems as open source (…) we are now proud to present the “Private Data Exchange”, a confidential-computing platform designed to enhance global efforts to detect and respond to human trafficking. (…) The potential application of confidential computing is mind-blowing. If you were to imagine most, if not all, antitrafficking agencies across the world signed up to a confidential-computing platform like this, and securely collaborating with one another, we could have thousands of individuals identified as victims of modern slavery, that would have otherwise flown under the radar.

Callum Harvie, Operations & Risk Manager at Hope for Justice
