Abstract-Organizations use security policies to regulate how they share and exchange information, e.g., under what conditions data can be exchanged, what protocols are to be used, who is granted access, etc. Agreement on specific policies is achieved though policy reconciliation, where multiple parties, with possibly different policies, exchange their security policies, resolve differences, and reach a consensus. Current solutions for policy reconciliation do not take into account the privacy concerns of reconciliating parties. This paper addresses the problem of preserving privacy during security policy reconciliation. We introduce new protocols that meet the privacy requirements of the organizations and allow parties to find a common policy rule which maximizes their individual preferences.