Why PETs are so important

Privacy Enhancing Technologies (PETs) preserve the underlying functionality of a system while preventing privacy violations. In short, a PET is a technical means of achieving a data-privacy goal, as opposed to a policy or a promise.

How can data privacy be violated?

You are asked to share personal information every day, whether on the web to read a news article or at a county fair to enter a prize raffle. Your privacy is violated when that personal data is collected, processed or passed around in a harmful way, and also when it is used to discriminate against you or is otherwise turned against you.

A privacy violation can occur at more than one stage of the data lifecycle:

· Data collection: A violation occurs when a person or organization asks you for more personal data than the stated purpose needs.

· Data processing: A violation occurs when your data is used for a purpose other than the one it was collected for (secondary use), e.g. when the US government used census data, collected to apportion seats in Congress, to locate and intern Japanese-Americans during WWII.

· Data dissemination: A violation occurs when, for example, a person's sexual orientation is unintentionally revealed because an application's privacy settings were misleading or confusing.

A closer look at privacy

Why is a technical solution imperative? Because many people have been living with an illusion. We have been taught to think, “Just remove my name and unique identifiers, such as my Social Security, passport and driver's license numbers, and voilà, my data is de-identified!” Think again. Those data elements are called direct identifiers: they point immediately and unambiguously to a particular individual. Removing them is necessary, but it is not sufficient.

In a study of 1990 US Census summary data first published in 2000 (and restated in her 2002 k-anonymity paper), Latanya Sweeney found that 87% of the US population could be uniquely identified by just three indirect identifiers: 5-digit ZIP code, date of birth and gender.

Indirect identifiers (also called quasi-identifiers) let an attacker fit scattered pieces of personal data back together, linking a "de-identified" dataset against another one that carries names, such as public voter rolls, until an individual is singled out. Some people are far easier to identify than others, because fewer individuals in the population share their combination of indirect identifiers: members of an ethnic minority in a predominantly white population, for example, or women in a male-dominated technical field. We have all taken "anonymous" employee surveys knowing that our answers were not really anonymous.

As more personal data is collected, it becomes essential for company leaders to use technology to protect the public's personal data. Large companies have the money, talent and resources to make this happen, and new regulations are holding them accountable for doing it.

What can you do?

Discover ways to ensure personal data stays private. Use Privacy Design Strategies (the eight strategies defined by Jaap-Henk Hoepman): general technical approaches that ask the right questions about data collection, processing and dissemination. They fall into two groups:

1. Data-oriented strategies (minimise, separate, abstract, hide) are technical in nature and act on the data itself to protect privacy.

2. Process-oriented strategies (inform, control, enforce, demonstrate) use notice, consent, policy enforcement and audit to ensure privacy.

Data-oriented strategies

Let's explore the data-oriented strategies, because they give engineers the most direct control over a privacy solution. They are:

1. Minimize the data collected. Don't collect more data than you need, and be selective about what you do collect. Destroy data when it is no longer needed, or strip out what you don't need and store only what is required.

2. Separate the data. Either distribute personal data across different systems or processes so that no single system holds a complete picture of a person, or isolate the personal data and protect it on its own.

3. Hide the data. Prevent unauthorized access by restricting who and what can reach it. Obscure it with encryption or keyed hashing, or remove the link between data subjects and their data altogether (dissociation). One caveat: an unkeyed hash of a low-entropy identifier such as an SSN, phone number or email address is not hidden, because an attacker can hash every possible value and look the record back up; use a keyed hash (HMAC) or a tokenization service, and keep the key in a separate system from the data.

4. Abstract the data. Ask how the data will be used, and decide how precise it needs to be for that use. Aggregate it (a pivot table or summary totals) or make each record less specific: age ranges instead of date of birth, salary bands instead of exact earnings, the first three digits of a ZIP code instead of all five. Add noise or round values before processing or storing the data.
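The following is an added example, not code from the original post, that ties the Sweeney result above to the minimise, hide and abstract strategies. It builds a constructed eight-person dataset, measures how many records are singled out by the three quasi-identifiers (ZIP, date of birth, gender), then applies the strategies (drop the raw SSN in favour of an HMAC pseudonym, keep only the first three ZIP digits, replace date of birth and salary with bands) and measures again. The record values, the reference date and the demo key are all assumptions made up for this illustration.

```python
"""Quasi-identifier re-identification risk, before and after the
minimise / hide / abstract strategies.  All data below is constructed."""
import hashlib
import hmac
from collections import Counter
from datetime import date

# Constructed toy dataset: one direct identifier (ssn), three quasi-identifiers
# (zip, dob, gender) and two attributes the downstream analysis actually needs.
RECORDS = [
    {"ssn": "123-45-6789", "zip": "80202", "dob": "1984-03-07", "gender": "F", "diagnosis": "asthma",   "salary": 101_500},
    {"ssn": "234-56-7890", "zip": "80203", "dob": "1986-11-21", "gender": "F", "diagnosis": "none",     "salary": 88_000},
    {"ssn": "345-67-8901", "zip": "80205", "dob": "1975-05-02", "gender": "M", "diagnosis": "diabetes", "salary": 132_000},
    {"ssn": "456-78-9012", "zip": "80202", "dob": "1978-09-30", "gender": "M", "diagnosis": "none",     "salary": 120_250},
    {"ssn": "567-89-0123", "zip": "80301", "dob": "1990-01-15", "gender": "M", "diagnosis": "asthma",   "salary": 64_000},
    {"ssn": "678-90-1234", "zip": "80302", "dob": "1989-07-04", "gender": "M", "diagnosis": "none",     "salary": 71_900},
    {"ssn": "789-01-2345", "zip": "80301", "dob": "1982-12-12", "gender": "F", "diagnosis": "none",     "salary": 95_000},
    {"ssn": "890-12-3456", "zip": "80302", "dob": "1985-08-19", "gender": "F", "diagnosis": "diabetes", "salary": 110_000},
]

REF_DATE = date(2020, 6, 1)                          # fixed "today" so ages are reproducible
DEMO_KEY = b"demo-only-load-from-a-secret-store"     # hypothetical; in production load from a KMS


def equivalence_classes(records, keys):
    """Count how many records share each combination of the given quasi-identifiers."""
    return Counter(tuple(r[k] for k in keys) for r in records)


def k_anonymity(records, keys):
    """Smallest group size: k == 1 means at least one person is singled out."""
    return min(equivalence_classes(records, keys).values())


def unique_fraction(records, keys):
    """Share of records that are the only one with their quasi-identifier combination."""
    classes = equivalence_classes(records, keys)
    singled_out = sum(1 for r in records if classes[tuple(r[k] for k in keys)] == 1)
    return singled_out / len(records)


def age_on(dob_iso, ref):
    dob = date.fromisoformat(dob_iso)
    return ref.year - dob.year - ((ref.month, ref.day) < (dob.month, dob.day))


def age_band(dob_iso, ref=REF_DATE, width=10):
    """Abstract: a 10-year band ("30-39") instead of an exact date of birth."""
    lo = age_on(dob_iso, ref) // width * width
    return f"{lo}-{lo + width - 1}"


def salary_band(salary, width=25_000):
    """Abstract: a salary band instead of exact earnings."""
    lo = salary // width * width
    return f"{lo}-{lo + width - 1}"


def pseudonymize(direct_id, key):
    """Hide: keyed hash (HMAC-SHA256) of a direct identifier.

    A plain SHA-256 of an SSN is not hidden: there are only about 10^9 possible
    SSNs, so anyone can hash them all and look the record back up.  The secret
    key defeats that table; keep it in a separate system from the data."""
    return hmac.new(key, direct_id.encode(), hashlib.sha256).hexdigest()[:16]


def abstract_record(r, key=DEMO_KEY, ref=REF_DATE):
    """Minimise (drop raw SSN, DOB and salary), hide (pseudonym) and abstract
    (3-digit ZIP, age band, salary band) applied to one record."""
    return {
        "pid": pseudonymize(r["ssn"], key),
        "zip3": r["zip"][:3],
        "age_band": age_band(r["dob"], ref),
        "gender": r["gender"],
        "diagnosis": r["diagnosis"],
        "salary_band": salary_band(r["salary"]),
    }


RAW_QI = ("zip", "dob", "gender")
ABSTRACT_QI = ("zip3", "age_band", "gender")


def compare(records=RECORDS):
    """Return (k, fraction singled out) before and after the strategies are applied."""
    abstracted = [abstract_record(r) for r in records]
    return {
        "raw": (k_anonymity(records, RAW_QI), unique_fraction(records, RAW_QI)),
        "abstracted": (k_anonymity(abstracted, ABSTRACT_QI), unique_fraction(abstracted, ABSTRACT_QI)),
    }


if __name__ == "__main__":
    for label, (k, frac) in compare().items():
        print(f"{label:>10}: k={k}, {frac:.0%} of records singled out")
```

On the raw records every one of the eight people is singled out by ZIP, date of birth and gender alone (k = 1), even though no name or SSN is present. After abstraction each combination is shared by two people (k = 2) and nobody is unique. Two caveats a practitioner should keep in mind: k is a property of the whole table, so one rare record drags it back to 1; and k-anonymity says nothing about the sensitive column itself, so if everyone in a group shares the same diagnosis the group reveals it regardless of k.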

Reduce risk, advocate for change and prioritize protection

Companies are responsible for the personal data they collect. Proactive organizational leaders must ensure that they reduce personal data risk for their customers as well as their employees.

We all need to keep learning new approaches to protecting personal data, and to train those in our circle of influence to think beyond "we've always done it this way." Only then will personal data protection become the priority.

Want to learn more? The Future of Privacy Forum (FPF) has put together a list of 10 privacy risks and 10 PETs to watch in 2020; see the FPF article.
