Technical Controls That Protect Data When in Use and Prevent Misuse
Global data processing flowing across geographic borders and increasing risks of external data breach and misuse beyond lawful purposes requires careful evaluation of technical controls that prevent privacy violations before they occur. This paper details the special requirements for, and certain benefits from, implementing technical controls satisfying the heightened requirements for statutory pseudonymisation as defined in the General Data Protection Regulation (GDPR) in the context of (i) surveillance-proof processing, (ii) lawfulness of processing, (iii) more secure processing and (iv) data supply chain defensibility. The interconnectedness of these issues is presented within the confluence of conflicting interests among four different groups: governments, courts, enforcement agencies and non-governmental organisations (NGOs).