ABSTRACT
Privacy enhancing technologies (PETs) have long been discussed as a valuable tool to protect personal data. Apart from some examples at the Member State level (such as Germany), however, there is still a lack of legal instruments and requirements concerning these technical instruments. Without mandatory requirements and legal incentives, there is the risk that developers and controllers will not provide PETs to their respective customers. As European data protection law will undergo substantial changes in the coming years, there is now an opportunity to implement at least basic legal instruments to supplement and foster the development and implementation of PETs. This opportunity must not be missed: given the long reform cycles of European data protection law, any regulation that does not end up being part of the current reform may have to wait for another 15–20 years for the next opportunity.
