[syats]

I'll tell you about International Data Spaces Assocation, just for the sake of completeness, and because others have mentioned some sort of certification of apps, etc. Finding a general solution to the problem posed by OP is quite difficult, as it requires a lot of extra infrastructure, technical and non-technical.

One idea would be:

1. distribute to the data owners a base system (something that can "run" stuff on their premises). People here have mentioned browsers, but for a more intensive processing this might not be enough.. so think of a docker daemon, keys for some docker registries, etc.

2. have a trusted "app store" (e.g. a docker registry where images are built in a reproducible manner from code which is inspected and certified, and then are cryptographically signed)

3. make a well described interface to the apps to consume the data (thinking of the general use case here.. if you just want to analyze fb info then you can make an adhoc parser...)

4. Have the data owner download, check the signature of, configure and run the app on their premises.

Things get even more interesting when the analytics need data from different non-trusting partners, so that Homeomorphic Encryption becomes necessary.

There is at least one specification that aims at supporting all of this: https://www.internationaldataspaces.org/wp-content/uploads/2... although implementation is, so far, lagging behind.