Privacy-enhancing technologies

Privacy enhancing technologies (PET) is a general term for a set of computer tools, applications and mechanisms which - when integrated in online services or applications, or when used in conjunction with such services or applications - allow online users to protect the privacy of their personally identifiable information (PII) provided to and handled by such services or applications.

Privacy enhancing technologies can also be defined as:

Privacy-Enhancing Technologies is a system of ICT measures protecting informational privacy by eliminating or minimising personal data thereby preventing unnecessary or unwanted processing of personal data, without the loss of the functionality of the information system.
(van Blarkom, Borking & Olk 2003)

Goals of PETs

PETs aim at allowing users to take one or more of the following actions related to their personal data sent to, and used by, online service providers, merchants or other users:

Existing PETs

Examples of existing privacy enhancing technologies are:

Future PETs

Examples of privacy enhancing technologies that are being researched or developed are:[3]

With this data, the car rental agency is in possession of all the data it needs to rent the car, it can thus, as an example, provide the unlocking code to the customer with which he/she can unlock the closet where the car key is kept.
Similar scenarios are buying wine at an Internet wine store or renting a movie at an online movie rental store.

The business case for PETs

Companies will usually only invest in technologies enhancing the privacy of their customers if they see a financial benefit, i.e. if they anticipate a positive business case. (The other main reason being to comply with legal requirements (which could be considered as coming down to a 'financial benefit' as well; the benefit of avoiding a fine for non-compliance with the law.)) The anticipated financial benefit is the anticipated increase of income due to privacy enhancing technologies, minus the anticipated increased cost of implementing and running privacy enhanced technologies in their infrastructure. This anticipated comparison is usually done over a couple of years, whereby the income and cost of every year is cumulated.

In other words, if the anticipated additional income cumulated over a couple of years is larger than the anticipated additional cost cumulated over the same number of years, then there is a positive business case and it makes sense for the company to consider implementing and deploying the privacy enhanced technologies in question.

Note that the business case outlined here is a 'differential business case', assuming that privacy functions are added to an existing service and taking into account the additional benefits and costs caused by this added functionality.

For example, it would be wrong to account all operational costs, including those that were there before the privacy enhancing functions were added. Instead, only the additional costs incurring when operating the infrastructure with implemented privacy enhancements must be counted in. If, however, the service in consideration is a pure privacy enhancing service, i.e. if the privacy enhancement is not part of or added to the service but instead is the only component of the service, then the business cost and benefit factors below become absolute (delete "additional" and "increased" in all benefits and cost components).

Cost components

The anticipated additional cost components for an online service due to enhancing it with privacy protecting technologies are:

Benefit components

The anticipated additional income for an online service due to enhancing it with privacy protecting technologies divide up into the following components:

See also

References

Notes

External links

PETs in general:

Anonymous credentials:

Privacy policy negotiation:

This article is issued from Wikipedia - version of the Sunday, February 14, 2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.