Hard privacy technologies are methods of protecting data. Hard privacy technologies and soft privacy technologies both fall under the category of privacy enchancing technologies. Hard privacy technologies allow online users to protect their privacy through different services and applications without the trust of the third-parties.[1] The data protection goal is data minimization and reduction of the trust in third-parties and the freedom (and techniques) to conceal information or to communicate.
Applications of hard privacy technologies include onion routing, VPNs and the secret ballot[2] used for democratic elections.[3]
Mix networks use both cryptography and permutations to provide anonymity in communications.[4] The combination makes monitoring end-to-end communications more challenging for eavesdroppers, since it breaks the link between the sender and recipients.[5]
See also: Dining cryptographers. DC-net is a protocol for communication that enables secure, uninterrupted communication.[6] Its round-based protocol enables participants to publish one bit message per round unobservably.[7]
ISDN is based on a digital telecommunications network, i.e. a digital 64 kbit/s channel network. ISDN is primarily used for the swapping of networks; therefore it offers effective service for communication.[8]
In order to cope with attacks on anonymity systems, the traffic analysis would trace information such as who is talking with whom, extract profiles and so on. The traffic analysis is used against vanilla or hardened systems.
Onion routing is an internet-based encrypted technique to prevent eavesdropping, traffic analysis attacks and so on. Messages in an onion network are embedded in the encryption layers. The destination in each layer will be encrypted. For each router, the message is decrypted by its private key and unveiled like a 'onion' and then the message transmitted to the next router.[9]
Tor is a free-to-use anonymity service that depends on the concept of onion routing. Among all the PETs, tor has one of the highest user bases.[10]
A virtual private network (VPN) is one of the most important ways to protect personal information. A VPN connects a private network to a public network, which helps users share information through public networks by extending them to their computer devices. Thus, VPNs users may benefit from more security.[11]
The future of hard privacy technology include limited disclosure technology and data protection on US disclosure legislation.[12]
Limited disclosure technology offers a mechanism to preserve individuals' privacy by encouraging them to provide information only a little that is just sufficient to complete an interactionor purchase with service providers. This technology is to restrict the data sharing between consumers and other third parties.[13]
Data protection on US disclosure legislation.[14] Although the United States does not have a general federal legislation on data privacy policy, a range of federal data protection laws are sector-related or focus specific data forms.[15] For example, the Children online privacy protection Act (COPPA) (15 U.S. Code Section 6501) which forbids the collection of any information from a child under the age of 13 years old by internet or by digitally linked devices.[16] The Video Privacy Protection Act (18 U.S. code § 2710 et seq.) restricts the release of video rental or sale records, including online streaming.[17] At last, the Cable Communications Policy Act of 1984 (47 US Code § 551) protects the subscribers' information privacy.[18]
LINDDUN is short for its seven categories of privacy threats including linkability, recognition, non-repudiation, sensitivity, leakage of details, unconscionability and non-compliance. It is used as a privacy threat modeling methodology that supports analysts in systematically eliciting and mitigating privacy threats in software architectures.[19] Its main strength is its combination of methodological guidance and privacy knowledge support.[20]