Aldous Huxley argued that society can lose its freedom not through oppression alone, but just as easily through comfort. Most people, he wrote, have an almost infinite capacity for taking things for granted. Privacy turns out to be one of those things. We have been giving it away in small increments for years, and the arrival of AI has accelerated that process faster than most people have noticed.

It’s only natural that we’re becoming increasingly reliant on the convenience it offers. You can generate code in seconds, draft emails, try a new haircut, automate workflows, or even have an AI agent send that happy birthday message to your mom before you forget – though we would probably advise against automating that one.

It all sounds futuristic, but in reality, technology is already taking care of more than we realize. Just pick an LLM of your liking, and with the right tools, you can set up your very own personal assistant for any area of your life.

But then again, what’s the price of all that comfort? Not in environmental terms this time, but in terms of privacy and autonomy.

Something about this brings Brave New World to mind. In his book, Huxley argues that society can lose its freedom not only through oppression, but just as easily through comfort. He notes that most people have an “almost infinite capacity for taking things for granted.” Privacy, it turns out, is one of those things, and we’ve been giving it away in small increments for years. 

Every technological leap brings new vulnerabilities. We’ve covered how data gets siphoned through innocuous-looking permission prompts and the countless ways your devices profile you in the background. For years, smarter technology came with an implicit trade-off, meaning that to receive convenience, you must give away something about yourself. You wanted a better recommendation? Hand over your behavior. A faster login? Your face. Personalized anything? Your everything. Add AI integration to that equation, and the scale of what’s collected becomes difficult to comprehend.

But each technological wave eventually creates its counter-wave. And in 2026, some of the most important work happening in tech is pointed toward privacy protection. A cluster of privacy-enhancing tech (PETs) – zero-knowledge proofs, fully homomorphic encryption, secure multiparty computation, confidential computing, decentralized identity, and other concepts that take some untangling – are all trying to answer the same fundamental question:

Can we let technology into our lives without it needing to see everything first?

Why The Urgency Now

Privacy-enhancing technologies aren’t new. Cryptographers have been working on homomorphic encryption since the 1970s. Zero-knowledge proofs date to an MIT paper from 1985. Since then, researchers and engineers have spent decades trying to turn these ideas into practical privacy infrastructure. This work has become especially urgent in 2026. 

Regulators are watching

The EU AI Act brings major obligations for high-risk AI systems into force in August 2026, with penalties for the most serious violations reaching up to €35 million or 7% of global annual turnover. The regulation puts pressure on companies to prove that the data behind their models is handled responsibly.

Meanwhile, the eIDAS 2.0 regulation requires all EU member states to offer a digital identity wallet to citizens by the end of this year, meaning that 450 million people will soon have a government-issued credential on their phone.

The US is moving in the same direction, but through the states rather than one federal framework. Colorado’s AI Act targets high-risk AI systems used in areas like hiring, housing, healthcare, education, and finance. California’s Delete Act gives residents a centralized way to request deletion from data brokers. And in 2026, a growing number of state privacy laws will require companies to manage rights like deletion, opt-outs, and sensitive-data controls.

Performance is catching up

For years, the biggest knock on technologies like fully homomorphic encryption, FHE, (we will explain this later on) was that they were computationally prohibitive. The amount of computation power it needed was simply too slow and too expensive. However, improvements in hardware are reducing the overhead of encrypted computation. 

Microsoft reports that Azure Intel TDX Confidential Virtual Machines with NVMe can deliver nearly 5 times more throughput and lower latency compared with the previous SCSI generation. Zama’s Concrete framework is also designed to make FHE easier to use in real applications, while research on Intel GPUs has shown nearly 10 times acceleration for key homomorphic-encryption operations. 

AI raised the stakes dramatically

The scale of what’s being collected has expanded far beyond what most people intuit. People are asking AI systems for relationship advice, therapy-style support, financial planning, or medical guidance, uploading personal information without a second thought. Meanwhile, developers are openly asking on public forums how to use sensitive customer records with AI models without triggering compliance issues. The risk profile of a potential breach has completely changed.

IBM’s 2025 Cost of a Data Breach Report found that customer personally identifiable information was the most frequently compromised data type, involved in 53% of breaches. The average cost of a single breach was $4.44 million, and 1 in 6 breaches involved AI-assisted methods, most commonly phishing and deepfake impersonation.

Six Technologies to Watch 

For anyone watching where capital and talent are concentrating, the signal is already clear.

 Investors put $18 billion into seed-through-growth-stage companies in Crunchbase’s security and privacy categories in 2025, up about 26% from 2024 and the third-highest annual total in a decade. Cybersecurity companies also raised at least seven rounds of $400 million or more that year, showing that capital is concentrating around the infrastructure needed to secure the AI era.

We have found that six technologies are doing the heavy lifting:

1. Fully Homomorphic Encryption: The First Unicorn

Here is the concept: you encrypt your data, send it to a server, and have that server compute on it. You can analyze it, run AI models on it, etc., but without ever decrypting it. This is great, as the server processes everything while seeing nothing. For most of its history, FHE was brilliant in theory, but computationally just too expensive to be sustainable.

We finally see FHE crossing from academic settings into investable technology. In June 2025, the French cryptography company Zama raised a $57 million Series B, co-led by Blockchange Ventures and Pantera Capital, bringing its total funding to more than $150 million and its valuation above $1 billion. That made Zama the world’s first FHE unicorn.

Zama’s pitch is that FHE can redefine confidentiality in cloud computing. But this isn’t just for blockchain (which is their current focus). The tech is just as useful for healthcare, finance, defense, and any sector that processes sensitive data in the cloud.

“This is our third and largest investment in Zama. Not since I first saw Ethereum in 2014, have I seen a company commercializing an entirely new technology that could be as foundational to our global technology infrastructure.”

– Ken Seiff, Co-Managing Partner of Blockchange Ventures –

Between 2020 and 2025, the total investment in FHE startups exceeded $380 million, and that number is only accelerating.

2. Confidential Computing: Big Tech’s Quiet Bet

Think of this as the hardware layer of privacy. Chips from Intel, AMD, and ARM can now create isolated “enclaves”. These are basically secure zones where data is processed and protected even from the operating system or cloud provider running the machine. You may think of it like a locked room inside someone else’s building. Although someone else owns the building, they can’t see what’s happening inside the room.

The confidential computing market was worth $9.31 billion in 2025 and is projected to reach $15.15 billion in 2026, growing at a 62.74% CAGR through 2031. This is largely fueled by Microsoft, Google, Amazon, and Intel, which are all productizing these capabilities across their cloud platforms, making confidential computing the default infrastructure.

Google Cloud positions confidential computing as part of secure AI and federated learning infrastructure, including use cases where sensitive data stays localized while models are trained or aggregated. AWS Nitro Enclaves similarly let organizations isolate highly sensitive workloads inside protected compute environments. 

The enterprise opportunity here lies in what gets built on top of the enclave technology itself, with interesting opportunities in secure data collaboration platforms, privacy-preserving analytics tools, and compliance infrastructure for regulated industries.

3. Zero-Knowledge Proofs: Moving Beyond Cryptocurrency

The idea here is to prove that a claim is true without revealing the underlying data. For example, a bank can confirm you earn above a loan threshold without seeing your salary. ZKPs got their mainstream moment through blockchain, but are currently moving outside of web3.

Blockchain gave ZKPs their most visible commercial use case, but the idea is moving into more ordinary privacy problems. In Europe, digital identity and open banking are creating pressure for systems that can verify credentials without oversharing personal data. PSD2-style open banking requires banks to give regulated third parties access to account data with user consent, while GDPR pushes companies to collect only what is necessary. ZKPs are one of the few architectures that can satisfy both rules simultaneously.

The same logic applies in healthcare and enterprise compliance. A clinical-trial system could verify that a patient meets eligibility criteria without exposing the full medical record. A company could prove to an auditor or regulator that it followed a required process without handing over every proprietary file behind that proof.

4. Decentralized Identity: The Infrastructure Moment

Right now, your identity online is owned by platforms. Each holds a fragment of your digital self, and you control none of it. With decentralized identity, you get to hold your own verifiable credentials in a digital wallet and choose what to share with whom. This way, your data stays with you.

The eIDAS 2.0 regulation is now forcing this into production. Spain’s digital ID, launched via the MiDNI app in April 2026, is now accepted by banks, hotels, public administrations, and businesses using a dynamic QR code replacing the physical card. The EU has set an 80% adoption target across member states by 2030.

The privacy stakes are high. To reduce oversharing, digital wallets need to be designed well. If they are designed badly, they could become a new target for identity tracking. 

5. Federated Learning: The AI Privacy Bridge

AI models typically learn by ingesting centralized datasets. Federated learning means that models are trained locally on each user’s or organization’s device, and only the learned updates, and not the raw data, are shared back to improve the model. For example, if your phone trains on your behavior, your collected data does not leave your phone. 

This is a two-birds-one-stone solution, as federated learning allows AI systems to keep improving from distributed real-world data while reducing the need to centralize sensitive information, making it compatible with current and upcoming privacy regulations.

The implementations are already happening, with Google using federated learning in Gboard to improve keyboard predictions without exporting sensitive typing data. In healthcare, federated learning is being tested for medical imaging tasks such as brain tumour segmentation without centralizing patient data. 

The market is still early but keeps growing. Grand View Research estimated the global federated learning market at $138.6 million in 2024 and projected it to reach $297.5 million by 2030, growing at a 14.4% CAGR.

6. Secure Multiparty Computation: The Collaboration Protocol

Secure multiparty computation, or MPC, allows several parties to compute a shared result without revealing their raw inputs to one another. Imagine three competing banks that want to improve a fraud detection model across a wider transaction network. Each bank contributes useful data, but none of them exposes customer records to its competitors.

MPC is especially relevant for sectors like finance, healthcare, and government, where collaboration is of high importance, but data-sharing is legally and commercially sensitive.

Several companies are already building commercial infrastructure around MPC and privacy-preserving computation. Duality Technologies focuses on privacy-enhanced data collaboration for regulated sectors and, in 2025, partnered with Oracle to deliver privacy-first AI for government and defense customers. Roseman Labs uses MPC for secure data collaboration, enabling organizations to analyze combined datasets without exposing the underlying input data.

Meanwhile, in digital assets, Fireblocks provides MPC-based wallet infrastructure and states that thousands of organizations, including Worldpay, BNY, Galaxy, and Revolut, use its platform.

Where Privacy Enhancing Technologies Go Next

So what’s next? 

Privacy-enhancing technologies (PETs) are genuinely promising, but promising and deployed are not the same thing.

The first challenge is adoption. These technologies are technically sophisticated, and integrating them into existing infrastructure requires expertise that is still scarce and expensive. Cryptographers and privacy engineers command significant premiums, and most organizations do not yet have the internal capacity to evaluate, procure, and deploy PETs without external support.

The second challenge is verification. As with every category that attracts venture capital, the terminology is being stretched. “Privacy-preserving” is quickly becoming a marketing label, but not every product using that language has undergone the rigorous cryptographic validation the term implies. Scrutiny is warranted, and technical due diligence matters more here than in most software categories.

The third challenge is governance. The same tools that protect good actors can also protect bad ones. Zero-knowledge proofs can let a citizen verify their identity without exposing sensitive documents, but similar architectures can also make it harder to trace malicious activity. Regulators are aware of this, and how they resolve it will shape which PET applications are allowed in which jurisdictions.

For now, most of this market remains B2B. The global PET market was valued at around $2.8 billion in 2025, but could exceed $25 billion by 2030. However, the growth is not being driven by everyday consumer demand. Most consumers do not know what a trusted execution environment or an FHE library is, nor is there much reason for them to. The near-term buyers are likely going to be enterprises and governments, especially in healthcare, finance, and the public sector, where privacy is a compliance requirement. Consumer-facing privacy applications may come later, but for now they remain largely aspirational.

None of this makes the technology less significant. If anything, it shows that a new space is opening up between cryptographic research and real-world use. The companies that win here will be the ones that make PETs both usable and easy to integrate.

Privacy Should Be the Default 

Coming back to Huxley for a moment, the point is not that comfort is bad. Comfort is great, but it can easily make us let small trade-offs slide. Most people will not give up the tools that make life easier. At the same time, privacy should also not depend on everyone becoming a digital security expert.

Luckily, there is probably more focus on privacy protection now than ever before, and that is exciting. Most of it is still happening behind the scenes, but the direction is right, and the momentum is real. What technology needs now is for privacy to become part of the default architecture. I.e., to avoid making people choose between convenience and privacy every time they use a product.

Huxley wrote that “Technological progress has merely provided us with more efficient means for going backwards.”

We believe that the work happening in this space is the argument that it doesn’t have to.

Continue the Conversation

The privacy tech space is moving fast, with new raises, new regulations, and new infrastructure. If you want to stay close to what’s happening, come talk about it with us on a podcast or panel.

At Arcanum Ventures, we advise founders and teams operating in technically complex, high-stakes environments. Deep tech, data infrastructure, fintech… if it’s hard to build and harder to get right, that is what we work on.

Building something in this space? We’d love to take a look.