One key method for ensuring privacy while processing large amounts of data is de-identification. De-identified data refers to data through which a link to a particular individual cannot be established. This often involves “scrubbing” the identifiable elements of personal data, making it “safe” in privacy terms while attempting to retain its commercial and scientific value.
In the era of big data, the debate over the definition of personal information, de-identification and re-identification has never been more important. Privacy regimes often rely on data being considered Personal in order to require the application of privacy rights and protections. Data that is anonymous is considered free of privacy risk and available for public use.
Yet much data that is collected and used exists somewhere on a spectrum between these stages. FPF’s De-ID Project has examined practical frameworks for applying privacy restrictions to data based on the nature of data that is collected, the risks of de-identification, and the additional legal and administrative protections that may be applied.
Controlling the Future of Privacy
Last week, I was fortunate enough to see several cool new applications of location technology and social data at two conferences which bookended my week. Privacy issues were addressed at the end of each conference, which I understand: a lecture about privacy is the last thing entrepreneurs and researchers want to hear. Unfortunately, privacy can […]
Student Data and De-Identification
Today, FPF has released its newest paper, Student Data and De-Identification: Understanding De-Identification of Education Records and Related Requirements of FERPA. Prepared in partnership with Reg Leichty of Foresight Law + Policy, this paper provides an overview of the different tools used to de-identify data to various degrees, based on the type of information involved, […]
Practical De-Identification Workshop
“Practical De-Identification” was held on July 9, 2015. The event was attended by industry and policy leaders from a range of sectors, who joined in a lively and in-depth discussion about what it means …
Comments to NTIA on Big Data and Privacy
Today, FPF submitted comments to the NTIA as it begins its exploration of how big data impact the Consumer Privacy Bill of Rights. While the NTIA sought comment on over a dozen key questions, our filing focus largely on four issues: (1) the need for additional clarity surrounding the flexible application of the Consumer Privacy […]
De-Identification: A Critical Debate
Ann Cavoukian and Dan Castro recently published a report titled Big Data and Innovation, Setting the Record Straight: De-Identification Does Work. Arvind Narayanan and Edward Felten wrote a critique of this report, which they highlighted on Freedom to Tinker. Today Khaled El Emam and Luk Arbuckle respond on the FPF blog with this guest post. […]
Making Perfect De-Identification the Enemy of Good De-Identification
This week, Ann Cavoukian and Dan Castro waded into the de-identification debate with a new whitepaper, arguing that the risk of re-identification has been greatly exaggerated and that de-identification will play a central role in the age of big data. FPF has repeatedly called for the need for informed conversations about what practical de-identification requires, […]
FPF Statement on White House Big Data Report
Today, the White House released its report on big data and the future of privacy. The Future of Privacy Forum (FPF), a DC-based think tank advocating responsible privacy and data practices, has closely followed the work of the Review Group. “Today’s White House report on Big Data carefully identifies most of the key issues in this […]
Comments for the White House "Big Data Review"
This afternoon, FPF submitted comments to help inform the White House Office of Science and Technology Policy’s “Big Data Review.” Announced in January, the White House Big Data Review has been a helpful exercise in scoping out how big data is changing our society. Through public workshops at MIT, NYU, and Berkeley, the review has […]
MAC Addresses and De-Identification
Location analytics companies log the hashed MAC address of mobile devices in range of their sensors at airports, malls, retail locations, stadiums and other venues. They do so primarily in order to create statistical reports that provide useful aggregated information such as average wait times on line, store “hot spots,” and the percentage of devices […]
White House/MIT Big Data Privacy Workshop Recap
Speaking for everyone snowed-in in DC, White House Counselor John Podesta remarked that “big snow trumped big data,” while on the phone to open the first of the Obama Administration’s three big data and privacy workshops. This first workshop focused on advancing the “start of the art” in technology and practice. While these workshops are ultimately the […]