April 18, 2014


Anonymization FAIL! Privacy Law FAIL!

I have uploaded my latest draft article entitled, Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization to SSRN (look carefully for the download button, just above the title; it’s a little buried). According to my abstract:

Computer scientists have recently undermined our faith in the privacy-protecting power of anonymization, the name for techniques for protecting the privacy of individuals in large databases by deleting information like names and social security numbers. These scientists have demonstrated they can often “reidentify” or “deanonymize” individuals hidden in anonymized data with astonishing ease. By understanding this research, we will realize we have made a mistake, labored beneath a fundamental misunderstanding, which has assured us much less privacy than we have assumed. This mistake pervades nearly every information privacy law, regulation, and debate, yet regulators and legal scholars have paid it scant attention. We must respond to the surprising failure of anonymization, and this Article provides the tools to do so.
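The abstract refers to "reidentifying" individuals in data that has had names and Social Security numbers deleted. The attack it alludes to is a linkage attack: the remaining columns (ZIP code, date of birth, sex) are shared with a public dataset that still carries names, and a join on those columns puts the names back. The following is an added example, not code from the article or from the author; the two tables are constructed for illustration and do not describe real people.

```python
"""
Linkage (re-identification) attack on a "de-identified" table.

Constructed sample data, for illustration only: a discharge table with
names and SSNs removed, and a public voter roll that still carries names.
Both share the quasi-identifiers ZIP code, date of birth and sex; joining
on those columns re-identifies the "anonymous" patients.
"""
from collections import defaultdict

# Constructed "anonymized" medical records: direct identifiers deleted.
ANON_RECORDS = [
    {"id": 1, "zip": "02138", "dob": "1961-07-14", "sex": "F", "dx": "hypertension"},
    {"id": 2, "zip": "02138", "dob": "1961-07-14", "sex": "F", "dx": "diabetes"},
    {"id": 3, "zip": "02139", "dob": "1975-03-02", "sex": "M", "dx": "depression"},
    {"id": 4, "zip": "02140", "dob": "1988-11-30", "sex": "F", "dx": "asthma"},
    {"id": 5, "zip": "02141", "dob": "1950-01-09", "sex": "M", "dx": "cancer"},
]

# Constructed public voter roll: names attached to the same quasi-identifiers.
VOTER_ROLL = [
    {"name": "Alice Adams", "zip": "02138", "dob": "1961-07-14", "sex": "F"},
    {"name": "Amy Alvarez", "zip": "02138", "dob": "1961-07-14", "sex": "F"},
    {"name": "Bob Brown",   "zip": "02139", "dob": "1975-03-02", "sex": "M"},
    {"name": "Carol Chen",  "zip": "02140", "dob": "1988-11-30", "sex": "F"},
    {"name": "Dan Diaz",    "zip": "02142", "dob": "1950-01-09", "sex": "M"},
]

# Columns that survived "anonymization" and are also present in public data.
QUASI_IDENTIFIERS = ("zip", "dob", "sex")


def qi_key(row):
    """The quasi-identifier tuple used as the join key."""
    return tuple(row[k] for k in QUASI_IDENTIFIERS)


def group_sizes(rows):
    """Map each quasi-identifier tuple to the number of rows sharing it."""
    sizes = defaultdict(int)
    for r in rows:
        sizes[qi_key(r)] += 1
    return dict(sizes)


def k_anonymity(rows):
    """Size of the smallest equivalence class; k == 1 means some row is unique."""
    return min(group_sizes(rows).values())


def link(anon_rows, public_rows):
    """Join anonymized rows to public rows on the quasi-identifiers.

    Returns {anon id: sorted list of candidate names}.  An empty list means
    the person is not in the public data; more than one name means the
    attacker has narrowed the identity to a small set but not to one person.
    """
    index = defaultdict(list)
    for p in public_rows:
        index[qi_key(p)].append(p["name"])
    return {a["id"]: sorted(index.get(qi_key(a), [])) for a in anon_rows}


def reidentify(anon_rows, public_rows):
    """Return {anon id: (name, diagnosis)} for rows whose join is unique."""
    found = {}
    for a in anon_rows:
        names = link([a], public_rows)[a["id"]]
        if len(names) == 1:
            found[a["id"]] = (names[0], a["dx"])
    return found


if __name__ == "__main__":
    print("k-anonymity of the released table:", k_anonymity(ANON_RECORDS))
    for rec_id, (name, dx) in reidentify(ANON_RECORDS, VOTER_ROLL).items():
        print(f"record {rec_id}: {name} -> {dx}")
```

Deleting the name column changes nothing here: records 3 and 4 join to exactly one voter each, so the attacker learns those two people's diagnoses outright, and records 1 and 2 are narrowed to two named candidates. The `k_anonymity` check is the test a data holder should run before release; a result of 1 means the quasi-identifiers alone single someone out, regardless of what direct identifiers were removed.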

I have labored over this article for a long time, and I am very happy to finally share it publicly. Over the next week or so, I will write a few blog posts here, summarizing the article’s high points and perhaps expanding on what I couldn’t get to in a mere 28,000 words.

Thanks to Ed, David, and everybody else at Princeton’s CITP for helping me develop this article during my visit earlier this year.

Please let me know what you think, either in these comments or by email.

Comments

  1. paul says:

    I couldn’t download the article from my ubuntu box–the download button didn’t even appear. SSRN is a royal pain. Please try downloading from SSRN first, but if you can’t, email me and I will send you the article.

  2. Jay Levitt says:

    So my question is: The term of art in privacy policies seems to be “personally identifying information”. What does that mean, legally? If it means “information that could uniquely identify you”, then a great deal of collected data – even anonymized – is personally identifying information.

    • paul says:

      In my paper, I argue that advances in reidentification and the failure of anonymization have rendered the phrase “personally identifiable information” meaningless. Everything is PII. The problem is, as you point out, PII is everywhere, not only in privacy policies, but also in law and regulation, the focus of my paper.

  3. Mike Zara says:

    The abstract and TOC are intriguing – and a bit scary. No problems downloading from SSRN, BTW, although NoScript has to be off for the download link to work.

  4. Jay Levitt says:

    Well, if we’re not anonymous anymore, at least there’s nobody tracking our every movement, correlating that with our social graph, and selling the data.

    …what’s that?…

    Sorry, I’ve just been informed that there are companies who are tracking our every movement, correlating that with our social graph, and selling the data. We call them cell providers:

    Jeff Jonas – Your Movements Speak for Themselves