Forgot your password?
typodupeerror
Data Storage Privacy Your Rights Online

Why Anonymized Data Isn't 280

Posted by kdawson
from the can't-keep-good-PII-down dept.
Ars has a review of recent research, and a summary of the history, in the field of reidentification — identifying people from anonymized data. Paul Ohm's recent paper is an elaboration of what Ohm terms a central reality of data collection: "Data can either be useful or perfectly anonymous but never both." "...in 2000, [researcher Latanya Sweeney] showed that 87 percent of all Americans could be uniquely identified using only three bits of information: ZIP code, birthdate, and sex. ... For almost every person on earth, there is at least one fact about them stored in a computer database that an adversary could use to blackmail, discriminate against, harass, or steal the identity of him or her. I mean more than mere embarrassment or inconvenience; I mean legally cognizable harm. ... Reidentification science disrupts the privacy policy landscape by undermining the faith that we have placed in anonymization."
This discussion has been archived. No new comments can be posted.

Why Anonymized Data Isn't

Comments Filter:
  • by Anonymous Coward on Tuesday September 08, 2009 @02:37PM (#29355537)

    Mission Impossible

    You're thinking of the wrong Cruise flick.
    Take all that tracking information then add a few heuristics and you've got Minority Report.

  • by Anonymous Coward on Tuesday September 08, 2009 @02:37PM (#29355545)

    How is a business supposed to entrust me with thousands of dollars in credit if they don't know who I am?

    They entrust the credit card company with credit. The credit card company entrusts you with credit, or in the case of prepaid credit cards, the credit card company takes your money and you trust them to relay it to the companies that you do businesses with. Only the credit card company needs to know your name and only if you don't give them the money up front.

    "My G1 was on a Starbucks Wifi at the time of the crime. I used my CC to purchase the drink. I received a text from a nearby tower. I posted a comment on breaking news story that is written in my style of writing. I was seen on 8 security cameras walking to the starbucks from my car. I used an automatic toll card 5 miles away from the coffee shop...." Good luck coming up with a large mountain of evidence to put me somewhere else.

    That is all volatile information in computer databases, which are unlikely to be cryptographically secured or in any other way tamper-proof. The same databases which put you where you really were can put you near a crime scene and all the traces you mentioned would not be any more trustworthy than the false data.

  • by blahplusplus (757119) on Tuesday September 08, 2009 @02:42PM (#29355647)

    "Private should mean no disclosure, not anonymized disclosure, not aggregate disclosure, just plain no disclosure period."

    The profit motive and privacy are at odds, trying to make the most money and sell the most stuff means you want to know everything about everyone so that you can one up you competitors, it's a race to the bottom. Ideals in the real world always submit to the pragmatic concerns of making money in a capitalist society.

  • by causality (777677) on Tuesday September 08, 2009 @04:06PM (#29357111)

    How is this any different than articles about rockets and space travel (after all, most of us will never travel into space, or work for NASA)? Or any other in a myriad of technical subjects that most of us are not, and will not be directly involved in or use directly.

    That's not really a valid question and I'll explain why. The difference is that rockets and space travel are about the actual technology. If the entertainment industry operated that way, then all of the discussion would be about photography/camera work, lighting, audio recording, film editing, and other such techniques. That information is useful to anyone who wonders how these things are done, or who wants to do such things themselves. That's why your question is like comparing an apple to an orange.

    For a real comparison you would have to ask why we don't have paparazzi following scientists around and invading their privacy and digging up dirt on them for public consumption. You'd have to ask why we talk about Firefox the browser and its features instead of the personal lives of the programmers who created it.

    People are curious. They are curious about everything. It's an exercise in futility to pick and chose useful information over non-useful information since none of us knows what tomorrow holds. If someone want's to read celebratory gossip more power to them. In truth, the gossip is more likely to be both true and useful than news about an new process that may produce titanium at half the cost or an article about NASA's next big toy. We on slashdot find the technical news more interesting, normal people who are interested in interpersonal relationships find the gossip more interesting. It's two sides of the same coin.

    Most of the time that you point out that something makes no sense whatsoever, some (possibly well-meaning) apologist will come out of the woodwork and respond with an attempt to portray all possible choices as equally viable. That way everything is just a personal preference with no objective criteria whatsoever. There needs to be something like "Godwin's law" for this. It's often an effective way to halt all useful discussion, and I'm not buying it. It's fine when you are talking about what kind of music you listen to or what kind of food you like to eat. However, it doesn't apply here.

    Knowing that a scientist named John Doe just married his third wife doesn't do a damned thing for anybody. It's useless trivia. No one can take that information and produce a useful product from it. No one can grow as a person or improve their quality of life by learning this. However, knowing that a scientist named John Doe has invented and published a big improvement on how we produce titanium benefits everyone who produces titanium and everyone who purchases products containing it (anything from white paint to rockets). It is not useless trivia. The two types of information are therefore not on equal footing -- one is objectively useful, while the other is not. Ergo, this is not a mere preference or matter of taste, and it's intellectually dishonest to pretend like it is.

    It's just that when someone can sing or dance or act, we pretend like this trivia is somehow profound or meaningful or useful. There's a certain desperation behind that if you look deeply into it. The people who do it don't want to so much as they need to. They have to have some kind of excitement, to make a big deal out of something, because otherwise they must address the emptiness of their own lives. There's nothing wrong with finding interpersonal relationships interesting, because interpersonal relationships are a big and important part of the whole life experience. However, there is something deeply wrong with such a strong interest in interpersonal relationships that don't involve you and in which you cannot participate, particularly when they involve some of the most immature, unenlightened, and superficial people that our society has to offer (i.e Paris Hilton, Brittney Spears).

  • Re:Duh. (Score:3, Interesting)

    by Jah-Wren Ryel (80510) on Tuesday September 08, 2009 @05:07PM (#29358249)

    An out-of-state fake ID will not necessarily work. There are interstate standards for the content of mag stripes and 2-D barcodes, for example.

    But no where near all states follow those standards. All you gotta do is make a fake-id for one of those states. Even if the state does follow those standards, if you pick a state far enough way you can make up pretty much anything, call it an id card (rather than a driver's license) and the person using the machine will have to make the human decision to accept the id anyway or not. As someone who made such a fake-id for a girl who wanted to appear younger than she was (got tired of the bouncers at the clubs loudly exclaiming "you lookin gooooood for XX years old" and thus informing everyone she was with of her true age) I can say that the card always failed to scan because it was 100% bogus, but the people running the machines always accepted it anyway.

  • by andy_t_roo (912592) on Tuesday September 08, 2009 @08:21PM (#29360407)
    i think i found a new sig (a bit too long for /. unfortunately):
      "why is it "marketing" when a company helps itself to my information against my will and "piracy" or "industrial espionage" if I helped myself to THEIR zeroes and ones against their will?"

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (2) Thank you for your generous donation, Mr. Wirth.

Working...