One key method for ensuring privacy while processing large amounts of data is de-identification. De-identified data refers to data through which a link to a particular individual cannot be established. This often involves “scrubbing” the identifiable elements of personal data, making it “safe” in privacy terms while attempting to retain its commercial and scientific value.
In the era of big data, the debate over the definition of personal information, de-identification and re-identification has never been more important. Privacy regimes often rely on data being considered Personal in order to require the application of privacy rights and protections. Data that is anonymous is considered free of privacy risk and available for public use.
Yet much data that is collected and used exists somewhere on a spectrum between these stages. FPF’s De-ID Project has examined practical frameworks for applying privacy restrictions to data based on the nature of data that is collected, the risks of de-identification, and the additional legal and administrative protections that may be applied.
Essays on Big Data and Privacy
A collection of essays by leading scholars and privacy advocates on the legal, technological, social, and policy implications of Big Data, emerging out of our 2013 Big Data and Privacy…
Comments to the FCC About "Anonymized" and "Deidentification"
Yesterday, the Federal Communications Commission posted FPF’s comments about “anonymization” and “deidentification.” The comments come in response to a request from Public Knowledge that the FCC clarify whether “anonymized” or “deidentified” but non-aggregate call records constitute individually identifiable “customer proprietary network information” under Section 222 of the Communications Act. FPF submitted comments to address the argument that […]
New Study Shows Need for De-identification Best Practices
Publically releasing sensitive information is risky. In 1997, Latanya Sweeney used full date of birth, 5 digit ZIP code, and gender to show that seemingly anonymous medical data could be linked to an actual person when she uncovered the health information of William Weld, the former governor of Massachusetts. Sweeney in a new study analyzes […]
EU Roundtable Discussion & White Paper launch
The Future of Privacy Forum (FPF) is engaged in the discussion on the draft European General Data Protection Regulation. In particular, we are publishing white papers addressing three issues raised by the new legislation: De-identification and the definition of personal data Jurisdiction and applicable law Consent You and your colleagues are warmly invited to attend […]