Skip to content

Industry Pain Points

Industry PET failures are rarely about theory alone. They come from procurement, unclear claims, infrastructure gaps, cost surprises, and outputs that still leak.

Procurement-Ready Privacy Claims

Field Card
Problem How can PET vendors and builders make privacy claims that procurement teams can evaluate?
The itch Buyers receive claims like "data stays private" without threat models, assumptions, failure modes, or evidence.
Why it matters Procurement, legal, and security teams either block useful tools or approve tools they do not understand.
Current workaround Long questionnaires, one-off security calls, and contract language.
Why the workaround is insufficient It does not produce comparable evidence across PETs.
What good progress would look like A claim register format for PET products: protected assets, adversaries, guarantees, evidence, limitations, and required customer controls.
Difficulty Medium
Good for Privacy engineer, policy researcher, technical writer
Related PETs All PETs
Possible first contribution Draft a one-page procurement evidence form and test it against three PET product claims.

Operational Readiness For PET Deployments

Field Card
Problem What operational checks should happen before a PET deployment goes live?
The itch PET projects often prove the privacy mechanism but under-specify keys, logs, monitoring, incident response, upgrades, and rollback.
Why it matters Production failures can invalidate the privacy story even when the PET is technically sound.
Current workaround Borrow generic security launch checklists.
Why the workaround is insufficient Generic checklists rarely ask about privacy units, output review, collusion assumptions, attestation, or DP accounting.
What good progress would look like A PET-specific production readiness review with controls mapped to PET families.
Difficulty Medium
Good for Privacy engineer, systems builder, security engineer
Related PETs FL, DP, MPC, HE, TEEs, synthetic data
Possible first contribution Write a readiness checklist for one private inference deployment and include rollback triggers.

Total Cost Of PET Ownership

Field Card
Problem How can teams estimate total cost before choosing a PET?
The itch PET decisions often compare privacy properties but omit engineering effort, participant support, latency, cloud spend, audits, and user education.
Why it matters Good ideas stall when cost appears after architecture commitment.
Current workaround Prototype one candidate and extrapolate.
Why the workaround is insufficient It misses rejected alternatives and operational costs.
What good progress would look like A cost worksheet that covers build, operate, monitor, audit, scale, and explainability costs for each PET option.
Difficulty Good first research problem
Good for Systems builder, benchmark maintainer, privacy engineer
Related PETs All PETs
Possible first contribution Compare total cost drivers for HE inference, TEE inference, and client-side inference for one model provider scenario.

When Governance Beats Cryptography

Field Card
Problem How can teams tell when the real problem is governance rather than needing a PET?
The itch Organizations sometimes choose FL, MPC, or clean rooms to avoid hard conversations about purpose, authority, liability, and acceptable use.
Why it matters A PET can add complexity without solving the actual blocker.
Current workaround Let legal and technical teams negotiate separately.
Why the workaround is insufficient The final design may satisfy neither privacy goals nor business needs.
What good progress would look like A decision checklist that separates data-movement constraints from governance, incentive, and accountability constraints.
Difficulty Good first research problem
Good for Policy researcher, privacy engineer, product/security leader
Related PETs FL, MPC, clean rooms, TEEs
Possible first contribution Analyze three proposed PET use cases and identify which constraints are technical versus governance-driven.