In general, when visiting sites on the Internet providing various services, you expect that the proper treatment of your privacy and your personal data depends on the good will of the service provider (e.g. the owner of the website).


1::Antivirus software
3::Data Protection by Design
2::Cryptography

Unfortunately this answer is not correct. An antivirus is software that protects your computer from malicious software. While is some cases an antivirus can protect you from malicious code that may affect your privacy (e.g. spyware), this is not an embedding privacy decision in the technology. The approach to bring privacy in technology is called Data Protection by Design, which means that data protection safeguards (such as minimising the processing of personal data, pseudonymising personal data as soon as possible etc.) are being built into products and services from the earliest stage of development of a software. The need for Data Protection by Design (note that the term Privacy by Design can be also met in several texts) is also addressed in the General Data Protection Regulation 2016/679 (the Regulation entered into force on 24 May 2016, and shall apply from 25 May 2018). See for more information the ENISA report Privacy and Data Protection by Design: https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/privacy-and-data-protection-by-design

 

Indeed this is the correct answer. Data Protection by Design is an approach that promotes privacy by ensuring that data protection safeguards (such as minimising the processing of personal data, pseudonymising personal data as soon as possible etc.) are being built into products and services from the earliest stage of development of a software. The need for Data Protection by Design (note that the term Privacy by Design can be also met in several texts) is also addressed in the General Data Protection Regulation 2016/679 (the Regulation entered into force on 24 May 2016, and shall apply from 25 May 2018). See for more information the ENISA report Privacy and Data Protection by Design: https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/privacy-and-data-protection-by-design

 

Unfortunately this is not correct, although cryptography can be embedded in a technology as a privacy decision. Cryptographic techniques can be considered as a form of a Privacy Enhancing Technology (PET), in the sense that they provide data confidentiality; however cryptography is just one example of technical measure that can promote privacy. The correct answer is Data Protection by Design, which is an approach that promotes privacy by ensuring that data protection safeguards (such as minimising the processing of personal data, pseudonymising personal data as soon as possible etc.) are being built into products and services from the earliest stage of development of a software. The need for Data Protection by Design (note that the term Privacy by Design can be also met in several texts) is also addressed in the General Data Protection Regulation 2016/679 (the Regulation entered into force on 24 May 2016, and shall apply from 25 May 2018). See for more information the ENISA report Privacy and Data Protection by Design: https://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/privacy-and-data-protection-by-design


A better way to ensure your privacy would be that service providers embed privacy decisions directly in the technology itself rather than only stating their general obligations in legal documents.

Embedding privacy decisions in technology goes by the name of….