Show/Hide Tags

Understanding Privacy-Enhancing Technologies (PETs)'s Tags

Tags related to this article

Understanding Privacy-Enhancing Technologies (PETs)

Published 14 November 2022

Privacy-Enhancing Technologies or PETs are technologies that minimise data usage and maximise data security to preserve an individual’s privacy. PETs can help organisations ensure data protection by design – this is an approach enshrined in Article 25(1) of the UK GDPR which sets out that organisations must consider privacy and data protection issues at the design phase of any system, service, product or process and throughout the lifecycle of the same.

PETs are continually developing and have the potential to help capture the true value of data, while ensuring the privacy of individuals is upheld. This session will cover a high-level overview of PETs, including how they fit within the wider data protection regime, and their relationship with anonymisation.

The Information Commissioner’s Office (ICO) classifies PETs into three categories:

Those that reduce or remove the identifiability of individuals, which aim to weaken or break the connection between an individual in the original personal data and the derived data – for example, synthetic data and differential privacy;
Those that hide or shield data, aiming to protect individuals’ privacy while not affecting the utility and accuracy of the data, for example via encryption techniques such as zero-knowledge proofs and homomorphic encryption; and
Those that split datasets or control access to certain parts of the data, e.g. by providing dedicated hardware to prevent the operating system or other application from accessing the personal data, such as trusted execution environments, secure multi-party computation and federated learning.

Out of the above examples, our session will take a closer look at synthetic data, zero-knowledge proofs and trusted execution environments, discussing the advantages and disadvantages of each, how they can be used and what organisations should be aware of when utilising PETs, including the measures of a PET’s maturity. We will also highlight some example use cases for PETs, particularly in the financial services and insurance industries.

Authors

Rebecca Morgan

Manchester

+44(0)161 934 3792

rebeccataylor@dacbeachcroft.com

Johanna Lipponen

London - Walbrook

+44(0)20 7894 6970

jlipponen@dacbeachcroft.com

Understanding Privacy-Enhancing Technologies (PETs)

Authors

Rebecca Morgan

Johanna Lipponen

ICO decisions demonstrate willingness to issue reprimands to organisations of all sizes

Securing Tomorrow: Why Latin America should top Global Cyber Insurers' Lists

FCA heralds growth in cyber but raises concerns

ICO and NCSC Memorandum of Understanding: the practical implications for corporate victims of cyber-attacks

First GDPR Appeal to reach Upper Tribunal dismissed: Civil standard of proof applies to ICO monetary penalty notices

Cyber Criminals Continue Phishing for Trouble

Cyber cover for professional advisers and the collateral damage writeback

AI investigations and claims gather pace in the United States

Amazon: One of the first tests of NYC's Biometric Statute voluntarily dismissed

Brazil: Sensitive personal data and the application of the LGPD

The Austrian Post decision on non-material damage – a decision of clarity or ambiguity?

End of the road for data privacy representative actions? Prismall v Google and DeepMind [2023]

Connected products: Publication of draft PSTI regulations raise questions around future European standards

Merck prevails on war clause appeal

AI Friends or Foes? The Privacy Risks for Children with Open AI, ChatGPT and Replika

Data breach claims and fixed recoverable costs reforms

War exclusions in cyber policies: an overview

Cybercriminals vs law enforcement. Who is winning?

The UK’s Online Safety Bill: What’s next?

Look smart: Preventing cyber security risks in a clean energy future