Data privacy is one of the major societal concerns surrounding Information Technology. Most countries have introduced, in the last several years, data privacy laws. The HIPAA act and the PIPEDA (Privacy Information Protection in Electronic Documents Act) law in Canada are examples of such legislations. Legal remedies, however, only intervene after privacy of individuals has been breached, and never prevent it. Only technical solutions can stop disclosures of private data when it happens. As email is the main tool of many intra- and inter-organizational communications, it also becomes an instrument of privacy violations.

In this talk, we will discuss some of the technical solutions developed for privacy compliance in email and their effectiveness. We'll present a novel approach we developed as part of an ongoing Privacy Enforcement in Email Project (PEEP). Finally, we'll conclude with the results of a privacy compliance system we developed in an academic setting.