The technology disclosed herein enables a computing device to use a trusted execution environment in an untrusted device to distribute protected content to a set of one or more computing devices. An example method may include: transmitting, by a processor of a data distribution device, attestation data to a first computing device; establishing a trusted execution environment in the data distribution device, wherein the trusted execution environment comprises an encrypted storage area; loading data of the first computing device into the trusted execution environment in the data distribution device, wherein the data comprises protected content and comprises executable code to control access to the protected content; receiving, by the data distribution device, data of a second computing device; and causing the executable code to execute in the trusted execution environment to analyze the data of the second computing device and to provide the second computing device access to protected content.