Quiz Entry - updated: 2026.07.05
Privacy by Design is a legal obligation. But what technologies actually make it work at a technical level?
Privacy by Design rests on three technical pillars: anonymity technologies, privacy-preserving computations, and privacy policy enforcement.
* Tor onion routing, an anonymity PET. — Tga.D, CC BY-SA 4.0, via Wikimedia Commons. *
Anonymity technologies:
- TOR for anonymous browsing through onion routing.
- Zero-knowledge proofs, where you prove something is true without revealing the underlying data. For example, proving you're over 18 without revealing your birth date.
- k-anonymity, ensuring each record in a dataset is indistinguishable from at least k minus 1 other records.
- l-diversity, extending k-anonymity by requiring that sensitive attributes have diverse values within each group, preventing inference attacks.
Privacy-preserving computations:
- Searching over encrypted data without decrypting it first.
- Homomorphic encryption, performing calculations on encrypted data and getting encrypted results. The server never sees the plaintext.
- Secure multi-party computation, where multiple parties jointly compute a result without any party revealing their individual input.
Privacy policy enforcement:
- Private Information Retrieval, querying a database without the server knowing what you asked for.
- Differential privacy, adding mathematical noise to protect individuals in aggregate datasets.
- Policy-based access control systems that automatically enforce data handling rules.
Go deeper:
k-anonymity (Wikipedia) — the indistinguishable-records model, with l-diversity context.
Homomorphic encryption (Wikipedia) — computing on ciphertext without decrypting.
ENISA — Data Protection Engineering — practical guidance mapping PETs to principles.