PETs are becoming more and more popular with European companies. No, we are not talking about furry animals though that’s the case as well. PET is a shorthand for ‘privacy enhancing technologies’. The term was first mentioned by the Information and Privacy Commissioner of Ontario and linked with privacy by design.
The EU institutions have adopted the term as well. It has gained prominence especially with the adoption of the General Data Protection Regulation. The integration of PETs into the GDPR should come as no surprise. They are an integral part of ensuring a sound data security policy.
The GDPR introduces privacy by design as one of its core tenets, and PETs are precisely what companies should employ in order to achieve it.
The definition of a PET is twofold. It may be used as an umbrella term to encompass all sorts of technologies that enhance privacy, like ad-blockers. It can also refer only to those technical measures used by companies to ensure legal compliance. In this article, we will focus on the latter. The use of PETs for personal use is covered in one of our other articles.
Encryption is the key step towards data safety. There is hardly a more effective PET to adopt thanks to its simplicity and (for now) airtight security. Encryption has been explicitly mentioned in the GDPR as the best data security practice.
Encryption is a handy tool since only those with the correct keys can view the encrypted files. The keys are small in size and easy to store. Data can also easily be destroyed simply by deleting the encryption keys.
Cheap and Effective
You should adopt encryption every step of the way, not only for data storage. Your websites could use SSL or TLS for registration and sign-up, for example. You can enact encryption policies in a proportional manner, by encrypting only more sensitive data.
This is usually not necessary, since encryption is low-cost and very fast on modern CPUs, with no significant performance penalty. The most commonly used encryption method for bulk data is AES. Encrypted data does not take up more space than its unencrypted counterpart. Compress the data before encrypting it, though: ciphertext is indistinguishable from random bytes and will not compress afterwards.
Data tagging is an effective way of marking sensitive data. Software you run should make use of these tags and process tagged data in a different manner.
Tagging can be extended further into a sort of ‘DRM’ for personal data. These models allow users to tag their data with various permissions. Your further processing operations can then proceed automatically based on those tags.
The possibility of employee mistakes is markedly reduced in those cases. You can also automatically tag data based on consent you receive. Implementing several ‘tiers’ of consent should then be possible, if required.
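The consent-driven tagging described above, as an added example that is not part of the original article: records carry purpose tags derived from the consent tier a user selected, and every processing step is gated on those tags. The tier names, purposes and the sample record are constructed for this illustration.

```python
from dataclasses import dataclass, field

# Constructed consent tiers: each tier permits the purposes of the tiers below it.
TIERS = {
    "essential": {"service_delivery"},
    "analytics": {"service_delivery", "analytics"},
    "marketing": {"service_delivery", "analytics", "marketing"},
}

class ConsentError(PermissionError):
    """Processing was attempted for a purpose the data subject has not consented to."""

@dataclass
class TaggedRecord:
    subject_id: str
    data: dict
    purposes: set = field(default_factory=set)          # tags derived from consent
    sensitive_fields: set = field(default_factory=set)  # e.g. health data

def tag_from_consent(record: TaggedRecord, tier: str) -> TaggedRecord:
    """Turn the tier a user chose in the consent UI into purpose tags on the record."""
    if tier not in TIERS:
        raise ValueError(f"unknown consent tier: {tier}")
    record.purposes = set(TIERS[tier])
    return record

def process(record: TaggedRecord, purpose: str) -> dict:
    """Release data for a purpose only if the record's tags allow it.

    Sensitive fields are released only for service delivery; any secondary
    purpose receives the record with those fields stripped.
    """
    if purpose not in record.purposes:
        raise ConsentError(f"{record.subject_id}: no consent tag for {purpose!r}")
    if purpose == "service_delivery":
        return dict(record.data)
    return {k: v for k, v in record.data.items() if k not in record.sensitive_fields}

def demo() -> dict:
    """Constructed sample: a user who consented to analytics but not marketing."""
    rec = TaggedRecord("user-42", {"email": "a@example.org", "condition": "asthma"},
                       sensitive_fields={"condition"})
    tag_from_consent(rec, "analytics")
    out = {"analytics": process(rec, "analytics")}
    try:
        process(rec, "marketing")
    except ConsentError:
        out["marketing"] = "blocked"
    return out
```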
Identity verification has become commonplace in the online world. Plenty of services require us to verify our identity. This is useful in most cases. Our social accounts, e-mails and health records are better protected against unauthorised access. In banking, it can also prevent fraud and theft.
However, giving all these services access to our personal ID data is unwise. It transfers most of the risk onto the users of those services. A single breach is enough to potentially cause great financial and emotional costs. Such pervasive identification is often not necessary. Pseudonymous identification can be enough for certain websites.
That’s why an ID repository is a good choice to implement. A trusted third party serves as an escrow that verifies the identity of the individual and redirects them to the desired website. These third parties (or you) can also set up anti-phishing mechanisms.
Single Point of Failure
Note that in the above case the recipient website does not receive the individual’s actual credentials, only the fact that their identity has been confirmed. This creates a single point of failure instead of potentially many. Companies are also safer, since they do not hold the individual’s personal ID data.
The governments of a few European countries have stepped in as trusted ID repositories. They have issued IDs carrying biometric data that can then be used for identification with special tokens.
Payment processors and single sign-on systems are also among the most prominent examples of this practice. Large IT companies have started pushing for the Open Identity Exchange, which should speed up the adoption of secure digital identities.
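The ID-repository flow above, as an added example that is not the article's or any real provider's code: the trusted third party verifies the individual against its own records and hands the website only a signed, site-specific pseudonym plus the fact that verification succeeded. The shared HMAC keys, the assertion format and the user records are constructed assumptions; a production system would use a standard such as OpenID Connect with public-key signatures.

```python
import hmac, hashlib, json, secrets, time

# Constructed: the repository's private ID records and a shared key per registered site.
ID_REPOSITORY = {"alice": {"name": "Alice Example", "national_id": "ID-0001"}}
SITE_KEYS = {"shop.example": secrets.token_bytes(32), "forum.example": secrets.token_bytes(32)}
PSEUDONYM_SALT = secrets.token_bytes(32)  # held only by the repository

def _sign(key: bytes, payload: dict) -> str:
    msg = json.dumps(payload, sort_keys=True).encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()

def issue_assertion(username: str, audience: str, now: int = 0) -> dict:
    """Repository side: confirm the identity and return a pseudonymous assertion.

    The pseudonym is derived per site, so two sites cannot link the same user,
    and none of the ID data leaves the repository.
    """
    if username not in ID_REPOSITORY or audience not in SITE_KEYS:
        raise LookupError("unknown user or unregistered site")
    pseudonym = hmac.new(PSEUDONYM_SALT, f"{audience}|{username}".encode(),
                         hashlib.sha256).hexdigest()[:24]
    payload = {"sub": pseudonym, "aud": audience, "verified": True,
               "iat": now or int(time.time()), "nonce": secrets.token_hex(8)}
    return {"payload": payload, "sig": _sign(SITE_KEYS[audience], payload)}

def verify_assertion(assertion: dict, my_site: str, now: int = 0, max_age: int = 300):
    """Site side: accept only assertions bound to this site, fresh, and validly signed.

    Returns the pseudonym on success, None otherwise.
    """
    payload = assertion.get("payload", {})
    key = SITE_KEYS.get(my_site)
    if key is None or payload.get("aud") != my_site:
        return None  # issued for another site: a forwarded assertion is useless here
    if not hmac.compare_digest(_sign(key, payload), assertion.get("sig", "")):
        return None  # tampered payload or wrong key
    if (now or int(time.time())) - payload.get("iat", 0) > max_age:
        return None  # stale assertion
    return payload["sub"] if payload.get("verified") else None
```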
Clear and legible user interfaces are a requirement under the GDPR. This comes into play when obtaining consent. You are required to present the privacy information in a clear and legible manner.
Ensure the users understand the implications and consequences of their decisions. They must understand their rights and the ways to exercise them. This is a hard requirement and there is no way to tiptoe around it. Therefore, pay attention to the entire experience of the user interface. Are the fonts legible enough? Are the important parts sufficiently emphasised? Is there a way for a user to misunderstand the message you are communicating?
These are all important points. Security begins at the point of collection of data. If the user is aware that the data they are providing is sensitive, they will act like it. Your transparency will bring about great security benefits. Remember, transparency is also a valuable PET.
The users’ consent will also make sense then. You will thus be able to rely on tagging without further input.
Any company with significant amounts of personal data will seek to systematise it. Databases will be the most likely and a logical choice. Yet, they can be a huge security liability if not managed correctly.
Random data perturbation can be used to introduce noise into statistical databases. The aggregate statistics remain correct, while individual records cannot be recovered. Such sanitised databases can be publicly disclosed without fear of accidental private data leaks.
To prevent leaks by employees, databases can be protected by limiting the depth of searches. A separate, restricted set of queries can also be introduced. Parts of a database can be password-protected as well.
Such mechanisms employ cryptography as a way of ensuring only select queries are allowed. These provably prevent data harvesting, while allowing single, well-meaning queries to return a valid result.
Well-structured databases will plug plenty of potential leaks and reduce your risk of data breaches.
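A statistical query interface combining the random perturbation and the limited query set described above, as an added example that is not the article's own code. Calibrated Laplace noise is used here as one concrete form of random perturbation (my choice, not stated by the article), and each analyst gets a fixed query allowance in place of the cryptographic query-restriction scheme, which is not shown. The rows are constructed sample data.

```python
import random

# Constructed statistical database: one row per data subject.
ROWS = [{"id": i, "age": 20 + (i * 7) % 50, "diabetic": i % 4 == 0} for i in range(200)]

class QueryLimitError(Exception):
    """The analyst has used up the queries allowed on this database."""

class StatisticalDB:
    """Exposes only aggregate queries, each perturbed with Laplace noise.

    epsilon is the privacy loss permitted per query; the noise scale is
    sensitivity / epsilon, where sensitivity is how much one row can move
    the true answer (1 for a count, the clipping bound for a sum).
    """
    ALLOWED = {"count", "sum"}

    def __init__(self, rows, epsilon=0.5, max_queries=20, seed=None):
        self.rows, self.eps, self.max_queries = rows, epsilon, max_queries
        self.used = {}  # analyst -> queries issued so far
        self.rng = random.Random(seed)

    def _laplace(self, scale):
        # Difference of two i.i.d. exponentials with mean `scale` is Laplace(scale).
        return self.rng.expovariate(1 / scale) - self.rng.expovariate(1 / scale)

    def remaining(self, analyst):
        return self.max_queries - self.used.get(analyst, 0)

    def query(self, analyst, kind, predicate, column=None, bound=None):
        """Return a noisy aggregate; raw row access is never offered."""
        if kind not in self.ALLOWED:
            raise ValueError("only aggregate queries are exposed")
        if self.remaining(analyst) <= 0:
            raise QueryLimitError(f"{analyst}: query limit reached")
        self.used[analyst] = self.used.get(analyst, 0) + 1
        if kind == "count":
            true, sens = sum(1 for r in self.rows if predicate(r)), 1.0
        else:
            # Clip each value to [0, bound] so one row changes the sum by at most `bound`.
            true = sum(max(0, min(r[column], bound)) for r in self.rows if predicate(r))
            sens = float(bound)
        return true + self._laplace(sens / self.eps)
```

Because every answer is noisy, differencing two counts that differ by one subject no longer reveals that subject's value, and the allowance stops an analyst from averaging the noise away with repeated queries.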
The PETs Are Already Here
When properly selected and applied, these tools might not even reduce the usability of data. Unfortunately, there have been few real economic incentives to adopt PETs, but this could change soon. The GDPR introduces direct penalties for violators of up to EUR 20 million. Companies should adopt such technologies to avoid paying huge fines. Users have also become more privacy conscious and could seek out services that employ PETs.