PETs: Beyond privacy-enhancing

Privacy-enhancing technologies are regularly used — unsurprisingly — in products and services where some form of privacy-preserving or privacy-enhancing ability is needed. For organizations, the integration of PETs is commonly thought about in the context of risk and compliance. For example, trusted execution environments, a type of PET, are used by banking and finance companies for transaction verification and digital signing. This helps reduce the likelihood of fraud, data breaches and other attempts by malicious actors to compromise their systems. 

In this way, the use of TEEs can be seen as a risk reduction measure. Indeed, American Express' 2024 10-K filing includes "transaction processing [and] authentication technologies and digital identification" as technologies in which they need to continue to invest in, lest their "revenue and profitability" becomes "materially adversely affected."

However, PETs are not just a compliance and risk-mitigation measure. In short, they do more than enhance privacy. Increasingly, their use provides actual utility to organizations when it comes to data-driven innovation. This is particularly notable given organizational, economic and policy focus on AI: 54% of respondents identified the potential adverse outcomes of AI technologies as one of their top digital risks in the IAPP's Navigate: Digital Risk Index 2025 report. 

Organizations are having to contend with the fact that data-gathering and sharing provides innovative value yet also causes risk and compliance conundrums. Refusing to participate in the ever-growing data economy likely means being left behind, so organizations are increasingly turning to PETs for assistance. The IAPP will examine specific use cases for PETs in the future. Below is an overview of these technologies that covers their progressively larger role as innovation enablers.

Case studies