Privacy-Enhancing Technologies—approaches and development Vanja Senic ˇar, Borka Jerman-Blaz ˇic ˇ * , Tomaz ˇ Klobuc ˇar Laboratory for Open Systems and Networks, Jozef Stefan Institute, Jamova 39, 1000 Ljubljana, Slovenia Received 25 May 2002; received in revised form 20 December 2002; accepted 8 January 2003 Abstract In this paper, we discuss privacy threats on the Internet and possible solutions to this problem. Examples of privacy threats in the communication networks are identity disclosure, linking data traffic with identity, location disclosure in connection with data content transfer, user profile disclosure or data disclosure itself. Identifying the threats and the technology that may be used for protection can provide satisfactory protection of privacy over general networks that are building today the information infrastructure. In general, these technologies are known as Privacy-Enhancing Technologies (PETs). This article analyses some of the key Privacy-Enhancing Technologies and provides view in the on-going projects developing these technologies. D 2003 Elsevier Science B.V. All rights reserved. Keywords: Privacy; Data protection; Privacy-enhancing technologies 1. Introduction In today’s society, computers have penetrated almost in all parts of our lives. Nearly every daily routine is carried out either through or with the help of the computers. Everywhere we use information services, we leave traces making it possible for anybody interested enough to collect, organise and analyse our personal data. The nature of on-line business and e-commerce led over the Web, where personal information is transferred in digital form, has led to situation privacy to be threatened every day. The lack of privacy on the Web makes us susceptible to a number of abuses, which are now starting to be better understood and well publicised. There are many good reasons to be concerned about privacy on the Web and on the communication networks. Possibilities range from distaste for tar- geted, junk e-mail to the desire for search of certain topics in private. For example, we may have a health condition that we do not wish to share with others, and there may be a wealth of information available on the Web left after a search of data related to particular health condition. In this article, we take a look at several ap- proaches, all with technological background and supported by legislation, that are aimed towards creation of safe services regarding privacy protec- tion. The review is based on the on-going work in the field of privacy-enhancing technology develop- ment. The focus of the article is oriented towards last developments and implementation of technical tools and methods being developed, as we are aware, that 0920-5489/03/$ - see front matter D 2003 Elsevier Science B.V. All rights reserved. doi:10.1016/S0920-5489(03)00003-5 * Corresponding author. Tel.: +386-1-4773-408; fax: +386-1- 423-2118. E-mail addresses: vanja@e5.ijs.si (V. Senic ˇar), borka@e5.ijs.si (B. Jerman-Blaz ˇic ˇ), tomaz@e5.ijs.si (T. Klobuc ˇar). www.elsevier.com/locate/csi Computer Standards & Interfaces 25 (2003) 147 – 158