De-anonymising data should be a criminal offence, says MPs report

A Parliamentary report has called on the government to make the identifying of individuals by de-anonymising data a criminal offence. The House of Commons Science and Technology Select Committee today urged the government to allay the legitimate privacy concerns around sharing information in its Big Data Dilemma report. …

  1. ratfox

    Does that include doxing?

    1. Anonymous Coward

      Re: doxing

      IMHO it should, because that too is abuse of personal information.

      I would like to note that making data truly anonymous has been proven to be seriously hard to do, not in the least because there is also the problem of accidentally generating information about new identities which creates all sorts of fun problems on its own - people just seem unable to recognise the word "sample" and "test"..

  2. 2460 Something

    How about not creating massive databases of people in the first place. However, if you really really have to then ensure that it is illegal to not make sure that any data stored for research and statistical reasons cannot actually be de-anonymised.

    1. tom dial Silver badge

      The databases containing the data in question are created for various purposes, nearly all perfectly legitimate. The typical scary example is medical condition and treatment data, which researchers want available for, well, research that might be useful in advancing the overall state of medical knowledge and perhaps suggesting new treatments (or invalidating existing ones). The data are anonymised because personal identity is not thought to be meaningful to the questions asked.

      Various studies have shown that real anonymisation is quite difficult in many practical cases, especially where it can be associated with other publicly available data. Targeting deanonymisation probably is a better compromise between making data available for legitimate purposes and discouraging its misuse.

      1. Anonymous Coward

        Yes, but death has always been inevitable since before any of us were born and so is less of a reason to be afraid than all the nefarious things people will do if they get access to blackmail material on you.

        Life extension is not a good enough reason to throw our rights in the crapper.

  3. Phil Bennett

    Honest, guv?

    Could this be a pre-emptive strike against people pointing out that the big database of Internet Connection Records are totally possible to link to people?

    1. John Brown (no body) Silver badge

      Re: Honest, guv?

      "the big database of Internet Connection Records are totally possible to link to people?"

      I suspect that is the actual point of that particular database.

  4. MiguelC Silver badge

    And we know how criminalising stuff does what it is supposed to do

    While they're at it, they should criminalise robbery, murder, paedophilia (for the ‘think of the children’ mob), etc.

    That’ll do it, then.

  5. Old Handle

    To my mind, "deanonymising" doesn't make much sense as a concept. If it's possible to identify someone from a given data set, or by combining that with other "anonymised" data, it wasn't very anonymous to start with!

    1. Anonymous Coward

      Just because they can do something, doesn't mean they should.

    2. Bumpy Cat

      @Old Handle

      As an AC mentioned further up, anonymisation is hard. I just saw a paper review (Narayanan, Shmatikov. De-anonymizing social networks) on how network analysis can reveal 30% of anonymous social media accounts. Recently at my work we were peripherally involved in a case where a researcher put enough data in a paper to identify individual patients by analysing geographic data and public records.

      A determined attacker can correlate data you would never think of, or sometimes start with a single item of data (a Facebook post about a hospital visit -> name, date and hospital) to find key information in "anonymised" research data.

      1. a_yank_lurker

        @Bumpy-cat - Excellent point that other innocent data can effectively break the anonymization.

    3. nkuk

      That's what I was going to post too, surely if the data can be de-anonymised, it's not anonymous in the first place.

  6. inmypjs Silver badge

    "deanonymising"

    How do the MPs think they are going to get that past Google?

  7. Voland's right hand Silver badge

    Interesting idea

    So, shall we prohibit teaching Probability and Stats too? After all, most De-anonymization methodologies are nothing but applying the same Bayes algos used in genetics. You throw the data into the cruncher and some confidence levels come on the other side. The more data the merrier.

    The horse has bolted, it is pointless to try to lock the door afterwards.

    You have to rebuild the barn starting with a complete and unconditional prohibition of "anonymized" data set sale for "marketing research" purposes. Criminalize that for starters.

    1. MissingSecurity

      Re: Interesting idea

      I was thinking this too. How much of this is probability based on anonymized data, and how much is some actually reconstructing someone's profile based on the data? The former is just maths, the latter sounds like it was anonymized to being which maybe that should be a crime?

    2. Ken Hagan Gold badge

      Re: Interesting idea

      "a complete and unconditional prohibition of anonymized data set sale for marketing research purposes"

      If anonymised datasets make it into the public domain then it will always be easy to find a foreign country where de-anonymising the data isn't illegal. We must assume, then, that any sufficiently interesting dataset will eventually be available to interested parties in the UK simply by firing up a web browser. (That is, it will be no easier to police than foreign porn, at which no government has had any success, ever.)

      To be secure, anonymous datasets need to be under NDA to specific customers, who will be legally liable if the data ever appears elsewhere, and the data itself needs to be fiddled so that it can be tracked back to whoever it was released to. Yes, that will mean introducing deliberate errors and so researchers will have to accept that, but to be honest the original data is probably chock full of errors anyway.

      1. Voland's right hand Silver badge

        Re: Interesting idea

        To be secure, anonymous datasets need to be under NDA to specific customers

        Not good enough.

        The only thing which is good enough is that anonymous data is treated the _SAME_ as non-anonymous for purposes of enforcing all current contractual, financial and data protection regulations.

        So, sure, data can be sold. Just the buyer takes every single data protection obligation as if it was not anonymous. After that it also complies with relevant financial ones if the data has financial relevance - same - as if it was not anonymous.

        NDA does not cut it here, you need to re-set the legal reqs on data sales making anonymous and non-anonymous equivalent.

        1. JimC

          RE anonymous data is treated the _SAME_ as non-anonymous for purposes

          If you do that don't you risk removing the incentive to anonymise the data in the first place? Anonymising data is surprisingly hard to do well as the original implies, so if there's little incentive to do so the temptation will always be to use the full data set and not risk running into all the data integrity problems anonymising can bring you.

    3. Anonymous Coward

      Re: Interesting idea

      "The horse has bolted, it is pointless to try to lock the door afterwards."

      What else are politicians supposed to do with their time - if they want to try to pretend to address the public's concerns?

  8. Anonymous Coward

    "The government cannot afford a second failure from a re-launched scheme"

    Easy solution if they don't want a second failure. Don't try to re-launch the scheme. PROBLEM SOLVED.

    It's a Govt IT project. If you relaunch it, it WILL fail, or it will work so badly as to not be fit for purpose and in this case all our medical records will all appear in Google search results.

  9. BoldMan

    So how will this be enforced? Who will do the enforcing?

    What's the point of making another fucking law when there is no chance it will be enforceable?

  10. Anonymous Coward

    Facepalm

    Because of course making it a criminal offence will stop it happening

    This is why there's no crime anywhere and the prisons are empty

  11. Will Godfrey Silver badge
    Unhappy

    Numpties

    ... and these are the people (supposedly) running the country.

    1. phil dude
      Pint

      Re: Numpties

      only because there is no "none of the above" candidate.

      If "none of the above" wins, we should discard the candidates and start with a new list.

      Perhaps political parties would start to take the process seriously, rather than promoting candidates whose only skill seems to be being electable.

      P.

  12. Camilla Smythe

    Strange to say

    But I just, did not, get a spam e-mail from someone offering me my medication at lower than the pre-paid prescription price along with what looks like a good deal on Viagra. They also suggested that, based on snouting about in my medical records as held by my Doctor, that there were better treatments available for my bowel cancer than my Doctor was presenting to me because they had not told my Doctor about them and, given their additional research into my insurance policies, I would be able to have that and the prostrate thing sorted out almost immediately along with an even better deal on Viagra.

    1. frank ly

      Re: Strange to say

      Have your doctors told you about your sex-change operation and post-op treatment? I think they should.

      1. Camilla Smythe

        Re: Strange to say

        Have your doctors told you about your sex-change operation and post-op treatment? I think they should.

        Well, assuming... My GP, after some discussion, signed me up for the sex change so I turned up on the prescribed day and had my knob turned into a fanny. Unfortunately,

        https://nodpi.org/forum/index.php/topic,6879

        http://www.theguardian.com/society/2015/jan/22/nhs-disregards-patients-requests-sharing-medical-records

        http://www.telegraph.co.uk/news/health/11790711/Boots-Tesco-and-Superdrug-to-get-access-to-NHS-medical-records.html

        I had requested that my medical records about my new cunt should not be shared and Mr Manning, not Bradley, suggests that the request has been ignored.

        Still, I suppose if my Gold Orifice goes wrong you can still slide your Silver Badge up my Brown hole or perhaps someone from Tesco will contact myself directly to offer a better treatment outside of the NHS for the puss[y] problem... having been given access to my GP's 'hard one' without my permission,

        Did I mention Rape?

        and not telling my GP about the possibility of such treatment.

        Of course, as before, no doubt that assumes my Insurance Policy checks out under a cross check such that Tesco and Asda can bid to fix stuff for me.

        Oh, and don't worry your pretty little penis. I'm a Lesbian.

  13. Anonymous Coward

    The EU reserves the right to commit any crime...

    ...that threatens its existence.

  14. David Pollard

    This is unworkable and poorly aimed

    Isn't any processing of data likely to reduce its entropy? If it doesn't then there's little point in doing it. And as other commentards have mentioned in relation to medical records, cross referencing with other data can quite easily lead to unique identification.

    But more to the point, isn't it just as much of a potential offence when a villain collects personal details by subterfuge or misappropriation as when they do this by de-anonymisation?

    1. billse10

      Re: This is unworkable and poorly aimed

      " isn't it just as much of a potential offence when a villain collects personal details by subterfuge or misappropriation as when they do this by de-anonymisation"

      My view, fwiw, is that you should replace the word villain with the phrase "anyone, especially in any part of government" and add "or scope creep" after misappropriation. ........

  15. Anonymous Coward

    Act on abuse, but not pre-emptively

    Rules, rules, rules... The problem with a lot of those rules is that they also harm innocent people who don't abuse whatever they're doing. Take a look at the definition: de-anonymising data; if I host a webserver and then check my visitor amounts and also check from which country each visitor originates then I'm more or less doing the same thing. After all: instead of working with a boring IP number I can now establish that the IP address represents someone from a specific country.

    So it has become less anonymous. What was once an IP address is now a Brit, Dutchman or German.

    I know I'm playing the devil's advocate here, but when it comes to law enforcement then the law is taken to the letter of the word, not its intent. If de-anonymising becomes an offense then the same can be said about using log analyzers.

    Or what about allowing someone to log on, and provide a way to place a cookie so that the next time they visit they can simply continue their session? That would also fall under this category.

    What I'm saying here is: instead of trying to come up with dozens of new rules why don't we enforce the rules we already have instead? If someone abuses data which they obtained from the Net and intrudes on people's privacy then act on it. Surely the current laws allow for that already? You can't just invade someone's personal life you know.

    I think the real culprit here is effort. It's much easier to deny the whole thing, then simply don't act on those who aren't abusing it (even though they technically violate the rules) and act on those who do. But all that does is create a double standard. It might be easier on the government, but it's also much less fair on the people who are affected by it.
