How privacy-enhancing technologies are transforming privacy by design and default: Perspectives for today and tomorrow

This paper explains how privacy-enhancing technologies (PETs) fit into the overall European Union privacy legal framework, providing numerous examples of different types of PETs and their applicability. Given the close interaction between technology and legal aspects, this paper seeks to provide a broad legal and technological perspective for understanding how businesses can leverage PETs. The paper begins with a refresher of the legal framework of privacy by design and by default, with special attention provided to the sanctioning regime. The authors then provide a review of how PETs fit into privacy by design and by default, with a sampling of the more interesting tools that allow organisations to address issues, such as data subject consent and control over personal data, not to mention transparency and data minimisation. The paper concludes with a word of prudence, noting some of the pitfalls to avoid.