Title
Understanding the Role of Privacy-Enhancing Technologies in the Process of Data Privacy Compliance
Abstract
The importance of data privacy continues to increase at a rapid pace, particularly at a time where data processing has reached an unprecedented level. In response to concerns regarding the prevalence of such data processing, a sharp rise in data privacy regulations can be observed, spearheaded by the seminal example of the General Data Protection Regulation (GDPR).
At the forefront of such sweeping regulations comes the mandate to implement “appropriate” technical measures to ensure privacy compliant technical systems, especially those in which (sensitive) data is handled. In parallel, the development of so-called Privacy-Enhancing Technologies (PETs) has become of particular interest to the academic sphere. These technologies, while promising, still without a doubt exist in an adolescent stage, where ongoing research continues to search for applicable use cases.
The core unifying characteristic of PETs essentially concerns protecting the privacy of the individual, or rather the individual’s data. In reality, though, many of what are considered to fall under the umbrella of PETs are rather complex to understand; furthermore, they are not readily available to implement in practice.
As such, it becomes the question of how exactly Privacy-Enhancing Technologies fit into the landscape of data privacy compliance. Particularly, how can one reconcile the call for technical measures with the intended goals of PETs? Finding this alignment, and to what degree such an understanding indeed exists, is the core aim of this thesis.
In order to accomplish this goal, three research questions are defined:
What is the definition of PETs?
What are the core requirements set forward by modern privacy regulations in regards to technical measures for compliance?
How can PETs be reconciled with current regulations?
With these questions in mind, this thesis will first require the pursuit of grounded knowledge in modern privacy regulations, as well as currently available PETs. Obtaining this information will be supplemented by consultations from legal experts working at the intersection of law and technology. This knowledge will then be synthesized to formulate an operative definition of PETs, which must then be mapped to the core requirements of prevailing regulations. Producing such a mapping will be the primary artefact and output of the thesis.
Application
If you are interested in pursuing this topic for a Master Thesis, please send your CV and Transcript of Records to alexandra.klymenko@tum.de and stephen.meisenbacher@tum.de.
There are no subpages or files.