A system for implementing search- and retrieval-compatible data
obfuscation includes an annotator that annotates data, metadata, and
relationships thereof that are privacy sensitive according to privacy
policies. The system also includes an indexing server that indexes the
annotated data according to the policies that specify rules for
controlling access to the data. The system also includes an obfuscation
server that serves user requests for data search and retrieval and
specifies data entitlement and access rights for the users by applying
the privacy policies to user profiles. In response to receiving a search
request from a user, the obfuscation server forwards the search terms in
the request, along with a privacy level determined from a corresponding
user profile and the policies, to a search engine that searches indices
of a database having the privacy level in the request, and returns to
the user only the results that match the search terms and the privacy
level. In response to receiving a data retrieval request, the obfuscation
server retrieves the requested data with annotations from the database,
applies an obfuscation scheme to the annotated data according to the
privacy policies and the user profile, and returns to the user the
obfuscated data in compliance with the privacy policies.
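
A minimal sketch of the flow described above, added here as an illustration and not taken from the system itself. The policy table, role-to-level mapping, sample records, per-field obfuscators, and the "higher level sees more" ordering are all assumptions. It shows why the index is split by privacy level: a user must not be able to confirm a hidden value by searching for it.

```python
import re

# Constructed policy: field -> (level needed to see it in the clear, obfuscator otherwise).
POLICY = {
    "name":      (2, lambda v: v[0] + "***"),
    "ssn":       (3, lambda v: "***-**-" + v[-4:]),
    "diagnosis": (2, lambda v: "[REDACTED]"),
    "city":      (1, lambda v: v),
}
ROLE_LEVEL = {"analyst": 1, "nurse": 2, "auditor": 3}  # constructed user-profile mapping

# Constructed sample records.
DB = {
    1: {"name": "Alice Moran", "ssn": "123-45-6789", "diagnosis": "asthma", "city": "Leeds"},
    2: {"name": "Bob Iyer", "ssn": "987-65-4321", "diagnosis": "diabetes", "city": "Leeds"},
}

def annotate(record):
    """Annotator: tag every field with the level the policy requires."""
    return {f: {"value": v, "level": POLICY[f][0]} for f, v in record.items()}

def build_indices(annotated_db):
    """Indexing server: one inverted index per privacy level; the index for
    level L holds only tokens from fields a level-L user may see in the clear."""
    indices = {lvl: {} for lvl in set(ROLE_LEVEL.values())}
    for doc_id, rec in annotated_db.items():
        for field in rec.values():
            for tok in re.findall(r"\w+", field["value"].lower()):
                for lvl in indices:
                    if lvl >= field["level"]:
                        indices[lvl].setdefault(tok, set()).add(doc_id)
    return indices

ANNOTATED = {i: annotate(r) for i, r in DB.items()}
INDICES = build_indices(ANNOTATED)

def search(role, term):
    """Obfuscation server: search only the index matching the user's level."""
    return sorted(INDICES[ROLE_LEVEL[role]].get(term.lower(), set()))

def retrieve(role, doc_id):
    """Obfuscation server: obfuscate every field above the user's level."""
    lvl = ROLE_LEVEL[role]
    return {f: a["value"] if lvl >= a["level"] else POLICY[f][1](a["value"])
            for f, a in ANNOTATED[doc_id].items()}
```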