Labeled Delegated PSI and its Applications in the Public Sector

📅 2025-12-09
📈 Citations: 0
Influential: 0
🤖 AI Summary
Problem: Sensitive citizen data (healthcare, social welfare, fiscal) is fragmented across public-sector bodies and the private domain. Linking it across data providers through a data collector enables privacy-preserving analytics such as fraud detection, evidence-based policy making and improved healthcare, but existing delegated private set intersection (D-PSI) protocols lack the output functions these use cases require, for example delivering a payload only for elements in the intersection. Method: A new (multi-party) D-PSI protocol with composable output functions, including encrypted payload delivery and pseudonymized identifiers, designed from the requirements of a governmental organization that collects, links and pseudonymizes data. Threat model and results: The protocol is proven secure in the standard model against colluding semi-honest data providers and against a non-colluding, possibly malicious data collector. The authors position it as suitable for deployment in cross-provider data linking in the public sector; the abstract reports a requirements-driven design and a security proof, not measurements from a production deployment.

📝 Abstract
Sensitive citizen data, such as social, medical, and fiscal data, is heavily fragmented across public bodies and the private domain. Mining the combined data sets allows for new insights that otherwise remain hidden. Examples are improved healthcare, fraud detection, and evidence-based policy making. (Multi-party) delegated private set intersection (D-PSI) is a privacy-enhancing technology to link data across multiple data providers using a data collector. However, before it can be deployed in these use cases, it needs to be enhanced with additional functions, e.g., securely delivering a payload only for elements in the intersection. Although there has been recent progress in the communication and computation requirements of D-PSI, these practical obstacles have not yet been addressed. This paper is the result of a collaboration with a governmental organization responsible for collecting, linking, and pseudonymizing data. Based on their requirements, we design a new D-PSI protocol with composable output functions, including encrypted payload and pseudonymized identifiers. We show that our protocol is secure in the standard model against colluding semi-honest data providers and against a non-colluding, possibly malicious independent party, the data collector. It hence allows data to be privately linked and collected from multiple data providers, making it suitable for deployment in these public-sector use cases.
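The abstract names the output function that motivates the work, "securely delivering a payload only for elements in the intersection", without describing how the paper realises it. The Python sketch below is an added illustration of what that output function has to achieve in a delegated setting; it is not the paper's protocol and makes assumptions the abstract does not: the data providers share a key k that the collector never sees (consistent with the abstract's model, in which providers may collude but the collector does not collude with them), pseudonyms are a keyed PRF of the identifier, and each provider uploads, per record, a pseudonym, an encrypted payload and one XOR share of the payload key. The collector links records by pseudonym and can reconstruct a payload key only for identifiers to which every one of the n providers contributed a share, so payloads outside the intersection stay opaque to it. The identifiers, payloads and the two providers are constructed sample data, and the HMAC-based stream cipher is a demonstration construction, not a production AEAD.

```python
"""Toy delegated PSI with "payload only for the intersection" (illustration, not the paper's protocol).

Assumptions of this sketch (not stated by the paper): n semi-honest providers share
key k; the collector never learns k; all keyed primitives are HMAC-SHA256.
"""
import hashlib
import hmac
from functools import reduce


def prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Domain-separated PRF: HMAC-SHA256 over label || 0x00 || data."""
    return hmac.new(key, label + b"\x00" + data, hashlib.sha256).digest()


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_xor(key: bytes, provider: int, data: bytes) -> bytes:
    """Toy stream cipher. The provider index is mixed into the keystream so that
    two providers encrypting under the same per-identifier key never reuse a pad."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += prf(key, b"stream", provider.to_bytes(2, "big") + counter.to_bytes(4, "big"))
        counter += 1
    return xor(out[: len(data)], data)


def pseudonym(k: bytes, ident: bytes) -> bytes:
    """Deterministic pseudonym so the collector can link records without seeing identifiers."""
    return prf(k, b"pseudonym", ident)


def payload_key(k: bytes, ident: bytes) -> bytes:
    return prf(k, b"payload-key", ident)


def key_share(k: bytes, ident: bytes, j: int, n: int) -> bytes:
    """Share j of payload_key(k, ident) across n providers: shares 0..n-2 are PRF
    outputs, share n-1 is chosen so that the XOR of all n shares equals the key.
    Any n-1 shares are pseudorandom to a party that does not know k."""
    if j < n - 1:
        return prf(k, b"share", j.to_bytes(2, "big") + ident)
    others = [prf(k, b"share", i.to_bytes(2, "big") + ident) for i in range(n - 1)]
    return reduce(xor, others, payload_key(k, ident))


def provider_upload(k: bytes, j: int, n: int, records: dict) -> list:
    """What provider j sends to the collector for its records {identifier: payload}."""
    upload = []
    for ident, payload in records.items():
        ct = keystream_xor(payload_key(k, ident), j, payload)
        upload.append((pseudonym(k, ident), ct, key_share(k, ident, j, n)))
    return upload


def collector_link(uploads: list, n: int) -> dict:
    """Collector side: group by pseudonym; decrypt only where all n providers contributed.
    Returns {pseudonym: [payload of provider 0, ..., payload of provider n-1]}."""
    by_pseudonym: dict = {}
    for j, upload in enumerate(uploads):
        for p, ct, share in upload:
            by_pseudonym.setdefault(p, {})[j] = (ct, share)
    linked = {}
    for p, contribs in by_pseudonym.items():
        if len(contribs) != n:
            continue  # outside the intersection: one share is missing, key stays hidden
        key = reduce(xor, (share for _, share in contribs.values()))
        linked[p] = [keystream_xor(key, j, contribs[j][0]) for j in range(n)]
    return linked


def demo(k: bytes = b"\x01" * 32) -> dict:
    """Constructed sample data: two providers, overlap on citizen-002 and citizen-003."""
    tax = {b"citizen-001": b"income:41000", b"citizen-002": b"income:73000", b"citizen-003": b"income:12500"}
    health = {b"citizen-002": b"diag:E11", b"citizen-003": b"diag:J45", b"citizen-004": b"diag:I10"}
    uploads = [provider_upload(k, 0, 2, tax), provider_upload(k, 1, 2, health)]
    return collector_link(uploads, 2)


if __name__ == "__main__":
    for p, payloads in demo().items():
        print(p.hex()[:16], payloads)
```

What the sketch does not do is also what matters for the paper's setting: the collector still learns each provider's pseudonym set (set sizes and which pseudonyms overlap), a malicious collector could silently drop or misreport records, and a fixed demonstration key is used only so the run is reproducible. The abstract's protocol is proven secure in the standard model against a possibly malicious collector; this toy only models a semi-honest one.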
Problem

Research questions and friction points this paper is trying to address.

Enhancing delegated private set intersection with secure payload delivery
Addressing practical obstacles in multi-party data linking for public sector
Designing a secure D-PSI protocol for pseudonymized data collection
Innovation

Methods, ideas, or system contributions that make the work stand out.

Enhanced D-PSI with composable output functions
Securely delivers encrypted payload for intersection elements
Provides pseudonymized identifiers for privacy in the public sector
Authors
Kristof Verslype, Smals Research, Brussels, Belgium
Florian Kerschbaum, University of Waterloo
Cyprien Delpech de Saint Guilhem, COSIC - KU Leuven, 3MI Labs, Leuven, Belgium
Bart De Decker, DistriNet - KU Leuven, Leuven, Belgium
Jorn Lapon, DistriNet - KU Leuven, Gent, Belgium