Analytics and Search

Privacy-Preserving Data Collaboration with AWS Clean Rooms

Run joint analysis across multiple companies without sharing or copying data. Learn about aggregation rules for preventing individual identification and Cryptographic Computing for encrypted analysis.

約 3 分で読めます

Clean Rooms Overview and Use Cases

Clean Rooms is a service that enables multiple companies to jointly run analyses without sharing or copying data between each other. As GDPR and personal data protection laws become stricter, making data sharing between companies more difficult, Clean Rooms provides a means to extract value from data while preserving privacy. Representative use cases include advertising effectiveness measurement (matching advertiser and publisher data to analyze conversions), healthcare research (anonymizing patient data from multiple medical institutions for joint research), and financial risk analysis (aggregating transaction data from multiple financial institutions to build risk models).

Collaborations and Analysis Rules

A collaboration consists of participating members (companies) and their roles (data provider, analysis executor). Each member registers their data on S3 as a Glue Data Catalog table and associates it with the collaboration. Analysis rules control the types of queries allowed. Aggregation rules permit only aggregate functions such as COUNT, SUM, and AVG, prohibiting individual record output. Setting a minimum aggregation threshold (e.g., 100 or more records, configurable up to 500) eliminates the risk of identifying individuals from small record sets. List rules allow output of record lists matching specific conditions, but the output columns can be restricted.

Cryptographic Computing

Clean Rooms ML's Cryptographic Computing is a feature that runs analysis on encrypted data. Data providers register data in an encrypted state with Clean Rooms, and analysis executors run queries against the encrypted data. Only the analysis results are decrypted and returned, with raw data never exposed. This technology enables joint analysis while mathematically guaranteeing data confidentiality. Cryptographic Computing currently supports similarity matching (identifying common records between two datasets) and can be used for advertising audience matching and customer list reconciliation. To broaden your knowledge of data analytics, specialized books on Amazon can also be useful.

Clean Rooms Pricing

Clean Rooms pricing is based on query processing volume. SQL queries are billed based on the amount of data processed, at approximately $5.00 per TB. Cryptographic Computing incurs additional charges based on the volume of encrypted matching processing. There are no additional charges for creating collaborations or managing members. Restricting the types of queries allowed through analysis rules prevents unintended large-scale scans and helps manage costs. For joint analysis with partner companies, it is important to agree on cost-sharing arrangements in advance.

Summary

Clean Rooms is a privacy-preserving service that enables joint analysis without sharing data. It controls allowed queries through analysis rules and enables analysis of encrypted data through Cryptographic Computing. As privacy regulations continue to strengthen, it is becoming the new standard for data collaboration between companies.

Related Services

AWS Clean RoomsA privacy-preserving data collaboration service that enables multiple organizations to jointly analyze data without sharing itAmazon S3A scalable object storage serviceAWS GlueA serverless ETL service that automates data extraction, transformation, and loading

Related Articles

Building a Cloud Data Warehouse with Amazon Redshift - Choosing Between Serverless and RA3Learn the criteria for choosing between Serverless and RA3 provisioned clusters, and how to prevent data silos using data sharing and Spectrum for data lake integration.Privacy-Preserving ML with AWS Clean Rooms ML - Build Models Without Sharing DataLearn how to build lookalike models with Clean Rooms ML, apply differential privacy, and leverage the results for ad targeting.Record Matching with AWS Entity Resolution - Customer Data Deduplication and IntegrationLearn about record matching across multiple data sources with Entity Resolution and how to design matching workflows.

More on This Topic

Practical Use Cases for Amazon Quick - Department-Specific Scenarios and Workflow Automation Design PatternsExplore concrete use cases for sales, IT, and finance departments, along with design patterns for notifications, approvals, and multi-step workflows using Quick Flows.BI Dashboard Visualization - Building a Data-Driven Decision Platform with Amazon QuickSightExplains how to build interactive BI dashboards with Amazon QuickSight and a serverless data analytics platform with Athena integration. Covers high-speed visualization with the SPICE engine and practical methods for sharing insights across the organization.Building Blockchain Networks - Leveraging Distributed Ledgers with Amazon Managed Blockchain and QLDBExplains how to build blockchain networks with Amazon Managed Blockchain and use Amazon QLDB as a verifiable ledger database. Covers practical use cases such as supply chain management and ensuring transparency in financial transactions.Customer Identity Unification - Resolving Scattered Customer Data with AWS Entity ResolutionLearn how to perform entity resolution (record matching) on customer data using AWS Entity Resolution. This article covers ML-based matching, rule-based matching, privacy protection, and integration with Clean Rooms.Leveraging Third-Party Data with AWS Data Exchange - Data Procurement and Subscription ManagementProcure third-party data products via Marketplace and build automated delivery pipelines to S3. This article also covers how to productize and monetize your own data.Building a Data Lake with Amazon S3 and Lake Formation - Design Patterns and GovernanceExplore data lake design patterns using S3 as the storage foundation and Lake Formation for fine-grained access control. This article also covers ETL pipelines and cost optimization.Data Lake Governance - Centralized Access Control with AWS Lake FormationLearn about building, access control, and governance for data lakes using AWS Lake Formation. This article covers fine-grained column-level and row-level permission management for S3-based data lakes, along with Glue and Athena integration.Leveraging the Data Marketplace - Efficient Third-Party Data Acquisition and Utilization with AWS Data ExchangeLearn how to acquire and utilize third-party data with AWS Data Exchange. This article covers building data pipelines with S3 integration and publishing data as a data provider.

Similar Articles and Services

Privacy-Enhanced Data Analytics - Secure Data Collaboration with AWS Clean RoomsLearn about privacy-enhanced data analytics with AWS Clean Rooms. Explore multi-organization data collaboration, access control through analysis rules, and differential privacy.AWS Clean RoomsA service that enables multiple organizations to perform joint analysis without exposing each other's raw data, balancing privacy protection with analyticsAWS Clean Rooms MLA service for building ML models within Clean Rooms while preserving privacyPrivacy-Preserving ML with AWS Clean Rooms ML - Build Models Without Sharing DataLearn how to build lookalike models with Clean Rooms ML, apply differential privacy, and leverage the results for ad targeting.