What are PETs?
Privacy-Enhancing Technologies (PETs) are methods to protect the privacy of individuals while still allowing their data to be used for analytic and other purposes. Though many security technologies (encryption for example) also protect privacy, the term refers to technologies specifically designed to allow individuals to control the transmission and use of their private information. They’ve been discussed as a concept since the late 1990s (when the EU Data Protection Directive came into effect), but the GDPR’s mandate to use “technical and organizational measures” to protect personal data brought them to the forefront when it took effect in 2018.
This is embodied in the concept of “Privacy by Design,” called “Data Protection by Design” in the GDPR, which requires that privacy safeguards be embedded in an organization’s systems, infrastructure, and business operations. Post-GDPR privacy laws, which tend to be at least partially modeled on the GDPR, often include language about safeguards – including California’s newly-passed CPRA. PETs aren’t explicitly called out as such in any of these regulations, but they can help you meet the requirements.
It’s also worth mentioning that a core Privacy by Design principle behind the development of PETs is “Positive Sum,” meaning that the ideal is an environment in which the individual’s privacy is protected, but in such a way that no party loses value from the transaction. PETs that permit legitimate analytic/marketing use of data while still protecting individual privacy embody this value and can provide positive benefits to your business.
Why are PETs important?
First off, if you handle identifiable information about individuals and are subject to the GDPR (or will be subject to the CPRA, or several other regulations) you are required to use appropriate safeguards to protect personal information. You will want to know about and evaluate, the available types of PET to see whether you should use some of them as safeguards in your environment from a compliance perspective. If you don’t have appropriate safeguards in place and something goes wrong, you may be fined or face other regulatory consequences.
Second, on a practical level, you want to avoid breaches of personal information and the damage they can do to your business, and PETs can be an effective part of your arsenal for data protection. Loss of unprotected data can lead to not only regulatory action, but also civil suits, loss of business, brand damage from adverse publicity, and a host of other expensive consequences. Appropriately protected data, if it accidentally gets out, may not even count as a breach of personal information.
Finally, there’s a big upside to implementing the right PETs: they allow you to do things with your data while still protecting the identities of the people the data is about, which gives you more freedom to use that data in ways that help your business. For example, the GDPR allows more use of pseudonymous data than data that is fully identifiable. And it doesn’t regulate the use of anonymous data – a higher standard – at all. Need to give your data to third parties to run analytics? Much easier to do if it’s no longer individually identifiable.
Some commenters divide PET’s into “Hard” and “Soft,” where Soft PETs require the trust of the organization holding the data, and Hard PETs do not. A number of the PETs which are discussed on the Internet are not widely available yet, and some are completely theoretical at this point. Below are some which are in use and available today and may help your organization in meeting its privacy needs. (This is not a comprehensive list, as this is a rapidly-evolving area.)
Examples of PETs that are in use today.
- Communication Anonymizers are proxy servers that act as an intermediary between a user and the internet, hiding the actual identifying information about the user and their computer. Some work with specific communications protocols, while others operate more broadly; you can even chain multiple anonymizers for additional protection.
- Differential Privacy is a method of responding to queries against a database in such a way that, even with multiple queries, the person viewing information from the database will not be able to determine whether a given individual is included in the database or not. In its simplest form, this is accomplished by adding random noise to the data.
- Differential privacy is most effective in larger databases because any one individual is less significant.
- Format-Preserving Encryption (FPE) replaces a string with an encrypted version of itself while maintaining length and format. This allows the encryption of identifiers without having to recode the software handling the data.
- Homomorphic Encryption encrypts numerical data so that it is possible to perform calculations on encrypted data, and obtain accurate answers, with the data remaining encrypted throughout the process. This allows analytics to be performed using individual-level data but without exposing the actual unencrypted values.
- Pseudonymization is the replacement of personal identifiers in a data set with synthetically generated values that, on their own, cannot be used to identify the person. This provides a certain amount of protection, and allows increased use of the data, though pseudonymized data remains personal data under the GDPR, for example. The main weakness of pseudonymization is the risk that the remaining fields, by themselves or in combination with other available data, could still be used to identify the individual.
- Secure Multi-Party Computing is a methodology that shares a data set in encrypted form among multiple parties for computation, ensuring that no party has enough of the data to identify individuals within it.
- Synthetic Data Sets are completely fake data sets, which include no actual data about individuals, but mimic the characteristics of the population they are based on well enough to be analytically valid. They can thus be used for population-based analytics without posing a risk to individual privacy.
- Zero-Knowledge Proof is a cryptographic methodology that allows one party to prove to another party that they know a specific item of information without having to reveal that information or reveal any information other than the fact that they know it.
Whether companies are seeking to gain competitive advantages, or they are simply looking to minimize the risk of a costly regulation fine; many around the world are choosing to deploy a variety of PETs to enable more privacy-optimized operations. The long list of PETs we cover will continue to expand as we highlight the technologies that offer the most protection along with the most flexibility to market, advertise, and operate with higher degrees of private data security.
As a foundational PET designed to control integrated 3rd-party applications, Lokker will help you stay on top of the latest advances in the PET sector so that you can stay up to date with the most innovative products in the industry and meet all of your company’s privacy goals.