Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

Guidance on privacy tools from Britain's privacy chief

The Information Commissioner’s Office (ICO) has issued brief guidance to bring to a wider audience the use of privacy enhancing technologies, or PETs, to help protect people’s personal information.28 Apr 2006

PETs have traditionally been considered to be software and other systems which allow individuals to withhold their true identity when using electronic systems, such as anonymous web browsers, specialist email services, and digital cash.

However, the ICO considers them to include any technology which exists to protect or enhance an individual’s privacy. So a system that allowed a doctor to see all the details of a medical record but only allowed the receptionist to see the contact and administrative information would be using a privacy enhancing approach.

Deputy Information Commissioner David Smith believes the technologies can be "a winning strategy" for the businesses which install them. "They help reduce the risks of privacy breaches and the significant costs associated with them at the same time as building trust among customers and clients," he said.

The ICO’s note provides some examples of the use of PETs, including:

  • Encrypted biometric access systems that allow the use of a fingerprint to authenticate an individual’s identity without retaining the actual fingerprint;
  • Secure online access for individuals to their own personal data to check its accuracy and make amendments;
  • Software that allows browsers to automatically detect the privacy policy of websites and compares it to the preferences expressed by the user and alerting the user to any clashes, known as P3P; and
  • ‘Sticky’ electronic privacy policies that are attached to the information itself preventing it being used in any way that is not compatible with that policy.

The guidance does not go into any detail on these PETs.