Activities per year
Abstract
Anonymisation of personal data has a long history stemming from the expansion of the types of data products routinely provided by National Statistical Institutes. Variants on anonymisation have received serious criticism reinforced by much-publicised apparent failures. We argue that both the operators of such schemes and their critics have become confused by being overly focused on the properties of the data themselves. We claim that, far from being able to determine whether data are anonymous (and therefore non-personal) by looking at the data alone, any anonymisation technique worthy of the name must take account of not only the data but also their environment.
This paper proposes an alternative formulation called functional anonymisation that focuses on the relationship between the data and the environment within which the data exist (their data environment). We provide a formulation for describing the relationship between the data and their environment that links the legal notion of personal data with the statistical notion of disclosure control. Anonymisation, properly conceived and effectively conducted, can be a critical part of the toolkit of the privacy-respecting data controller and the wider remit of providing accurate and usable data.
This paper proposes an alternative formulation called functional anonymisation that focuses on the relationship between the data and the environment within which the data exist (their data environment). We provide a formulation for describing the relationship between the data and their environment that links the legal notion of personal data with the statistical notion of disclosure control. Anonymisation, properly conceived and effectively conducted, can be a critical part of the toolkit of the privacy-respecting data controller and the wider remit of providing accurate and usable data.
Original language | English |
---|---|
Pages (from-to) | 204-221 |
Number of pages | 18 |
Journal | Computer Law & Security Review |
Volume | 34 |
Issue number | 2 |
Early online date | 28 Feb 2018 |
DOIs | |
Publication status | Published - Apr 2018 |
Keywords
- anonymisation
- deidentification
- deanonymisation
- statistical disclosure control
- data environment
- ADF
- DDF
- functional anonymisation
- release-and-forget
- obscurity
Profiles
-
Karen Mc Cullagh
- School of Law - Associate Professor
- Media, Information Technology and Intellectual Property Law - Member
Person: Research Group Member, Academic, Teaching & Research
Activities
- 1 Public lecture/debate/seminar
-
Webinar on “How to use PETs for anonymization under GDPR - where law meets technology."
Karen Mc Cullagh (Speaker)
2 Oct 2023Activity: Participating in or organising an event › Public lecture/debate/seminar