While there are growing concerns about how to manage citizen privacy, currently there are no established technology solutions that meet the privacy needs required in some cases by legislation. In this paper we examine the prospect of adapting systems developed for Digital Rights Management to meet the challenges of Privacy Rights Management. In particular, the goal of this work is the adaptation of DRM technology to produce a privacy management architecture that reflects the requirements of Directive 95/46/ECfor the protection of personal data. This paper first outlines the requirements for management of the personal data of citizens of the European Community. It then describes the changes that would be required to transform a digital rights management system into a system to manage the handling of personal data. The paper concludes with a thorough discussion of the issues and potential of this approach.