April 6, 2017
Anonymisation of data is a real challenge both for those wishing to use data for research and for those who control it. Data is anonymised so that it can be used in more ways than it could be in its original state; often the research does not need personal identifiers at all. There is a school of thought that holds that it is impossible to anonymise data: that technology, in particular algorithms and big data, makes it always possible to reconstruct the original data. That has not been tested with any certitude. The usual problem with anonymisation is the crudity of the methodology generally and, sometimes, sheer incompetence.
It is a key issue in cyber security and compliance with privacy obligations.
The Singapore Privacy watchdog has released guidance on anonymisation. Under the guidelines there are five factors organisations should consider when assessing the risk of re-identification:
- how data will be used and the extent of disclosure,
- how other information could be combined with the data to enable re-identification,
- how multiple datasets could be combined to re-identify individuals,
- the data recipient’s ability and motivation to re-identify, and
- how a changing environment, such as new technologies, will affect anonymisation.
In practice, that means practical controls to lower the risk of re-identification, including:
- limiting the number of recipients to whom the data is disclosed and the number of people who can access it;
- imposing restrictions on the recipient in how they can use and disclose the data;
- requiring the data recipient to implement processes governing use of the data; and
- requiring further processes for destruction of the data as soon as it no longer serves any business or legal purpose.
A welcome and useful contribution.