> For the complete documentation index, see [llms.txt](https://docs.fishnet.tech/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.fishnet.tech/technical-overview/data-privacy.md).

# Data Privacy

Fishnet deals directly with the needs of owners of time series data ("Signals"). This allows the protocol to use specific privacy techniques related to this type of data.

## Compute-over-Data (CoD)

Fishnet uses a Compute-over-Data (CoD) approach to enable data owners to retain control of their data while **allowing specific computations** to be performed on it.

[Executor VMs](/technical-overview/nodes.md#executors) perform computation on data where it is stored, rather than moving the data to a separate computing platform for processing. This approach reduces the amount of data movement required, **improves the efficiency and speed** of data processing, and **increases data security**.

Fishnet uses a distributed architecture, where **Executors** are linked to a [Fishnet API](/technical-overview/nodes.md#fishnet-api) (or a Consensus Set thereof) and they **receive slices of data that are included in their assigned time window**. This is part of the *undersaturated distributed storage* scheme to protect the IP of data owners. By processing data where it is stored, Fishnet aims to provide a more efficient, secure, and cost-effective way of computing over sensitive data.

## Horizontal vs Vertical Privacy

**Horizontal privacy** focuses on protecting the **privacy of individual records or rows** in a database, typically in cases where each row represents a distinct individual or entity, such as patients in a healthcare database. This type of privacy protection would involve ensuring that sensitive personal information related to each individual or entity is kept secure and confidential, and cannot be accessed or used without the appropriate permissions.

**Vertical privacy**, on the other hand, focuses on protecting the **privacy of a specific data provider or signal** within a database. This is often the case with **time series data**, where the data provider has collected a continuous signal over a period of time and wishes to **protect the intellectual property and commercial value** of that signal. This type of privacy protection would involve measures to ensure that the signal data is kept confidential and **cannot be accessed or used without permission**, as well as regulations or agreements around how the data can be used and shared in order to protect the provider's interests.

<figure><img src="/files/A3bFDhizA5mTY5CJdHHC" alt=""><figcaption><p>Horizontal and Vertial Privacy visualized.</p></figcaption></figure>

### Why is this important?

As Fishnet is hosted on a decentralized network, *we need to be wary of malicious actors partaking in the hosting of nodes on the network*.

Slicing your precious timeseries dataset and storing it in shards across nodes protects it from being present, in full, to any node hoster. The more nodes the network has, the more slices there are and the harder it is to retrieve major parts of the dataset.

<figure><img src="/files/l4ntQTKvGy4MbgRi3imo" alt=""><figcaption><p>The above image shows black slices of a time series dataset as the slices which are currently assigned to a node. Grey ones were slices assigned to a node in the past. Early experiments in distributing time series in contiguous slices show that naive distribution schemes suffer from "privacy drift". Once exposed data must be assumed to be retained by the receiver.</p></figcaption></figure>

## Trusted Execution Environments (TEEs)

Another aspect of protecting your intellectual property is making it even harder for unauthorized entities to access it. One such solution is to use **extensive encryption of stored data**, not only in the cloud and on the hard drive, but **also in memory**.

**AMD SEV (Secure Encrypted Virtualization)** is a hardware-based security feature that provides an additional layer of protection for virtual machines running on AMD EPYC processors. It allows the **encryption of the memory contents of a virtual machine**, which helps to protect the virtual machine's data even if the host system or hypervisor is compromised.

Aleph.im's Confidential VMs are based on AMD SEV as employed on Zen 4 processors and **will be released in the course of Q2-Q3**, after which it will become a staple for all VMs running parts of the Fishnet Protocol.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.fishnet.tech/technical-overview/data-privacy.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.