Drop the disguise: your metadata still gives you away. Four pieces of information is all that's needed to match individuals to their anonymised credit card records.
The findings suggest that tougher measures must be put in place to protect users' privacy, because real identities may be too tied in to the rich metadata, such as GPS coordinates, collected by modern devices.
The findings suggest that tougher measures must be put in place to protect users' privacy, because real identities may be too tied in to the rich metadata, such as GPS coordinates, collected by modern devices.
Identity by numbers
"We're building this body of evidence showing how hard it actually is to anonymise large sets of data like credit cards, mobile phones, and browsing information," says de Montjoye. "We really need to think about what it means to be make data truly anonymous and whether it's even possible."
The results align with similar experiments performed on supposedly anonymised data. In 2013, de Montjoye's team successfully identified 95 per cent of people from their mobile phone records. Another study, published on Tuesday by researchers at the University of Birmingham in the UK, replicated the results with GPS data collected by phones in New Hampshire and taxi cabs in San Francisco (arxiv.org/abs/1501.06814 ).
Altogether, the research highlights how hard it is to make data anonymous, even for well-intentioned organisations that take steps to strip the data of personal information. Some have suggested using new tools – like de Montjoye's openPDS and the European Union's di.me project – that allow users to control how much of their data third parties can see.
No comments:
Post a Comment