1 minute read
What are privacy-enhancing technologies (PETs)?
How can PETs help with data protection compliance?
At a glance
Advertisement
• PETs can help you demonstrate a ‘data protection by design and by default’ approach to your processing. • PETs can help you to comply with the data minimisation principle by ensuring you only process the data you need for your purposes, and provide an appropriate level of security for your processing. • You can use PETs to give access to datasets which would otherwise be too sensitive to share, while ensuring individuals’ data is protected. • However, you should not regard PETs as a “silver bullet” for data protection compliance. Your processing still needs to be lawful, fair and transparent. • You should perform a case-by-case assessment (eg, through a data protection impact assessment (DPIA)) to determine if PETs are appropriate for your aims.
In detail
• What are privacy-enhancing technologies (PETs)? • How do PETs relate to data protection law? • What are the benefits of PETs? • What are the risks of using PETs? • What are the different types of PETs? • Are PETs anonymisation techniques? • When should we consider using PETs? • How should we decide whether or not to use PETs? • How do we determine the maturity of a PET?
What are privacy-enhancing technologies (PETs)?
PETs are technologies that embody fundamental data protection principles by minimising personal data use, maximising data security, and/or empowering individuals. Data protection law does not define PETs. The concept covers many different technologies and techniques. The European Union Agency for Cybersecurity (ENISA) refers to PETs as:
