In today’s world of digital services, social networking and Internet of Things we are experiencing an unpreceded large scale collection and further processing of personal data. This new data-driven society introduces some serious privacy concerns, including the extended possibilities of electronic surveillance, profiling, and disclosure of private information.
The General Data Protection Regulation (GDPR), which will soon come into force, aims at addressing these risks by reinforcing individuals’ rights in the digital era and enabling them to better control their personal data online. At the same time modernised and unified rules will allow businesses to make the most of the opportunities of the Digital Single Market (DSM) also benefiting from increased consumer trust.
Still, regulation alone cannot guarantee protection in the evolving big data processing landscape, if it is not properly implemented, monitored and enforced. This is where technology can play a crucial role by offering practical privacy protection tools and support the application of legal provisions.
ENISA is working exactly on this line of technology for privacy in the online and mobile world.
To this end, we focus especially on the concept of Privacy by design as fundamental principle of embedding data protection safeguards at the heart of new electronic products and services. In this context, we also study Privacy enhancing technologies (PETs) that can support privacy integration in systems and services.
Moreover, we analyse and propose Security measures for the protection of personal data, following a risk based approach. Particular emphasis has been given to Cryptographic protocols and tools and their possible implementation in real life applications.
Personal data breaches is another area of focus, addressing especially breach reporting and management methods and tools.
Last, we study possible mechanisms for Online and mobile data protection, including transparency and control tools, accountability mechanisms, data erasure and portability techniques, online seals, as well as reputation systems.