Sixth-generation (6G) networks are expected to provide ubiquitous connectivity, AI-native orchestration, and seamless integration across terrestrial and non-terrestrial infrastructures. However, these capabilities introduce new privacy challenges related to the classification and protection of personal, quasi-personal, and non-personal data in complex data-driven environments. This paper presents a systematic review of 78 peer-reviewed studies published between 2019 and 2025. Following a PRISMA-based methodology, this review analyzes privacy-enhancing technologies (PETs), regulatory compliance frameworks, and architectural patterns for privacy preservation in 6G networks. The findings show that differential privacy (DP) and federated learning (FL) dominate current research, accounting for nearly 52% of the reviewed studies. Blockchain auditing and zero-knowledge proofs (ZKPs) collectively represent approximately 30%, while the remaining mechanisms, including physical-layer security (PLS), trusted execution environments (TEEs), homomorphic encryption (HE), secure multi-party computation (SMPC), and anonymization, account for roughly 18%. These mechanisms exhibit varying levels of privacy strength, utility preservation, latency, and energy cost. At the same time, evolving regulatory frameworks, including GDPR, PDPL, CCPA/CPRA, LGPD, and PIPL, increasingly extend privacy obligations to quasi-personal and aggregated data. Building on these findings, this paper proposes a unified taxonomy that clarifies the boundary between personal and non-personal data. It also provides a cross-layer mapping between PETs and compliance requirements across the Core/SBA, RAN, Edge/MEC, and NTN layers. Finally, this paper presents a forward-looking roadmap for 2025–2030, highlighting hybrid PET pipelines, post-quantum auditability, and AI-driven compliance automation as key directions for privacy-preserving 6G standardization.
Almarwani et al. (Thu,) studied this question.