Achieving “Computable but Not Identifiable”: Balancing Personal Data Protection and Industry Development with Trusted Computing
The article examines how the Personal Information Protection Law creates a new authorization framework and introduces the “computable but not identifiable” concept, arguing that trusted‑computing technologies and controlled environments can reconcile strict privacy safeguards with the data‑driven needs of AI and other industries.
After the enactment of China’s Personal Information Protection Law, enterprises must adopt technical measures to meet legal privacy requirements. The 2021 7th China Internet Law Conference highlighted this issue, and Ant Group’s Vice President Wei Tao introduced the novel concept of “computable but not identifiable” as a key balance between personal privacy and data‑driven industry growth.
The law builds a new “authorization wall” with 27 consent mechanisms, strengthening privacy guarantees but also posing technical challenges for data‑element usage, especially in artificial‑intelligence scenarios where unbiased training data are essential.
According to the law, anonymized information is excluded from the definition of personal data; therefore, achieving a balance requires that data remain unidentifiable while still being usable for computation. This “computable but not identifiable” principle differs from other notions such as “usable but not visible” or “raw data not leaving the domain,” focusing specifically on protecting personal information when data are processed without explicit authorization.
Practical applications include machine‑learning model training, rule‑based data processing, and large‑scale analytics, all of which must ensure that individual identities cannot be re‑identified. Historical failures of anonymization—such as the AOL search‑record de‑identification case and the Netflix prize dataset re‑identification—illustrate the limits of absolute anonymity in open, high‑dimensional data spaces.
Industry consensus now favors “relative anonymization,” which relies on a secure, controlled environment that enforces strict access control, auditability, and traceability. Techniques such as differential privacy, data generalization, and full‑chain encryption are essential, as is the use of trusted‑computing technologies (TPM/TCM) that provide hardware‑rooted attestation, isolation, and remote verification.
Trusted computing, originally promoted by the Trusted Computing Group, offers a foundational layer for privacy‑preserving computation. It enables secure boot, hardware‑based measurement, and remote attestation, supporting both centralized and distributed deployments while ensuring that data processing and output remain compliant with privacy regulations.
In conclusion, the authors argue that trusted‑computing technologies can create the secure, controllable environments needed to implement the “computable but not identifiable” model, thereby allowing the industry to advance data‑driven applications without compromising personal privacy.
AntTech