The world today highly depends on technologies and internet. This leads to the increase in the risk of data breaches and also consumers concerns on data privacy. In order to maintain security and data privacy, organisations are forced to seek for solution where the responsibility fell on Privacy Enhancing Technologies (PETs). PETs refers to software and hardware solutions (technologies) as well as methods or knowledge to protect against risks of privacy. This post explains the types of Privacy Enhancing Technologies and their examples that contribute to privacy and data protection.
The types of PETs can be divided into three categories (Kaitlin Asrow & Spiro Samonas, 2021);
(a) Altering data
In this category, PETs act as tools that alter data itself where data is disrupted or broken its connection from the associated individuals. The examples include pseudonymisation and differential privacy.
- Pseudonymisation refers to de-identification and data management method. It applies replacement to identifier that contains specific information of individuals with a non-sensitive equivalent or artificial identifiers.
- Differential privacy is a method where additional and enough random data are added to the real data to create noise as a means to hide the real information.
(b) Shielding data
PETs that belong in this category focuses on hiding data instead of alteration. Encryption and Homomorphic encryption are among the examples of this shielding data PETs.
- Encryption is a technique that converts data to an unintelligible form known as ciphertext in order to secure data at-rest or in-transit. This technique only allow access to authorised user using a key conversion.
- Homomorphic encryption is a more advance technique than the traditional encryption as it is able to shield data in-use. It also involves the use of key; usually asymmetric to decrypt the data where the data remains shielded during processing.
(c) Systems plus architecture
Certain PETs are systems and data architecture designed for computation and storage or provides management layers that functions to track and audit the flow and purpose of information. For instance, data dispersion and management interfaces.
- Data dispersion uses software to breakdown data into smaller pieces and then maintained across a distributed storage infrastructure which normally spans multiple geographic locations. This technique makes it difficult for hackers to manipulate data as it is not completely accessed.
- Management interfaces are software systems within databases and the employees or entities that access those databases. The software systems have various functions that helps maintains privacy and confidentiality such as creating manual and automated access controls for databases and performing security checks.
The impact of data breaches is destructive. Without proper plan in mitigating the risk and defends against the attack, organisations or individuals may experience financial loss, loss of sensitive data and even reputational damage. With various types of PETs that keep evolving with the advancement of technology, organisations may be able to set up better data protection plan for themselves as well as their consumers.
E-SPIN Group in the enterprise ICT solutions supply, consulting, project management, training and maintenance for multinational corporations and government agencies across the region E-SPIN do business. Feel free to contact E-SPIN for your enterprise digital transformation initiative, project requirement and inquiry.