Anonymization of data as the future for data privacy?

There is significant debate going on in the EU data protection reforms concerning the use of personal data outside of the purpose for which it was collected. This follows on from my previous post on the future of data protection. One of the ways seen as mitigating the risks is by anonymization of personal data. So you remove all PII, and make it anonymous so it can be used for whatever purpose. Sounds easy, but it’s not. Other data in the public domain could be what makes the anonymised data invalid. There have been many cases of so-called anonymous data becoming de-anonymised. May Yee posted something in May 2010 on Virtual Shadows.

Clearly the anonymisation of data has enormous value in medical research for example, as it saves lives. However, when it comes to collecting personal information to be anonymised and used for making money, i.e. marketing, I’m a little less enthusiastic. If my personal data is to be used for purposes outside of what it was collected for, anonymised or not, I want to be informed of this, and be given the option to opt-in, not opt-out. It is up to the marketeer to sell to me the value in opting in.

Deletion of DNAs of those who are innocent in UK

Come on now, innocent is innocent. These DNA profiles should be deleted, nothing less!
And anonymity does not guarantee that the DNA profiles cannot be linked back to the original person. There is some more posting on this somewhere on virtual shadows. Examples of how easy it can be.

What am I raving on about here? Read more at Guardian Government Computing.

Who watches the watchmen?

So this news about an engineer at Google who allegedly got fired for using his high-level access to stalk teenagers…

It’s nothing new to point out the risks with all the massive data mining that Google and others do through their services. It has been done before. What surprises me is that there seems to be so little reaction when this data is clearly abused. People usually respond to surveillance by saying that they have nothing to hide. Only criminals have something to hide. But is this really true? What if someone right now had access to all the emails you have ever read or written, all web pages you have visited, all search queries you’ve ever done, chat transcripts etc.? “I have nothing to hide” does not equal “I want to show you everything”. Google insists that it’s doing good. I would say that that is a necessary tag line for a company that collects all the personal data on everybody they can reach on the internet. The problem is that Google is a company, full of people who might have their own definition of “doing good”.

Google CEO’s latest privacy statement

I was reading the web article Google CEO Schmidt: No Anonymity Is The Future Of Web this morning where Eric Schmidt is quoted as saying:

Privacy is incredibly important. Privacy is not the same thing as anonymity. It’s very important that Google and everyone else respects people’s privacy. People have a right to privacy; it’s natural; it’s normal. It’s the right way to do things. But if you are trying to commit a terrible, evil crime, it’s not obvious that you should be able to do so with complete anonymity. There are no systems in our society which allow you to do that. Judges insist on unmasking who the perpetrator was. So absolute anonymity could lead to some very difficult decisions for our governments and our society as a whole.

Some espouse that the loss of anonymity will endanger privacy. I can see both sides of the argument and again, as I stated in my post on March 2nd, “Do I want to be anonymous? Yes! Do I want to be authenticated? Yes!”, it is all about balance. Can I, or should I, be anonymous when I want to perform on-line banking? No. Is it anyone’s business what I look at, or when, or why, when I surf the net? No.

So again, it’s not either-or, but a balance. Sometimes anonymity is desired, and sometimes non-repudiation.

More CCTV to come for Sweden

The Swedish Minister of Justice, Beatrice Ask, announced this Monday that she was positive about changing the legislation regarding CCTV in public areas. Unfortunately, she wants to make it easier to set up cameras. Also, she proposes that store owners should not need to get permission beforehand. Instead, it should be enough to notify some time after the camera has been installed.

In brief, she is for making it easier for business owners and municipalities to install CCTV. She also wants the governing of CCTV to be handled by the Swedish Data Inspection Board (it was previously handled by the different county administrations). So one bad and one good then. But this statement made by Beatrice is a bit worrying:

“- It is about specific, defined areas where camera surveillance is very important as a preventive measure especially in the case of theft and burglary”. Sounds good, but this statement is not backed up by any proof. I’ve mentioned this in a previous post.

Even more worrying is that the opposing parties only object to the fact that it has taken her so long to propose this change. One can only hope that this is all to get voters for the upcoming election this September.

China to ban internet anonymity

Currently in China, those who cannot afford their own computers and are reliant on web cafes must link every instance of computer usage at a specific computer to either their ID card or their passport. This is very annoying for me, as the only time I go to internet cafes these days is when I have lost my keys, and so invariably also do not have my passport.

The Government also has a very tight relationship with the Internet Service Providers. Whilst researching the practicalities of internet anonymity through TOR on my home computer, my internet access was cut a few times, and eventually my route to all publicly broadcast TOR entry nodes was blocked.

As China is en route to turning its internet black list into an internet white list, it is eagerly looking at the further step of forcing users in all instances of internet participation, online forums for example, to display their real name; and of course for that real name to be linked to their ID card number, and other identifiable information.

More can be read here

It looks like being barred from facebook, twitter, blogspot, youtube and wordpress will be the least of worries for those with a social or political conscience.

Agreement on CCTV surveillance

The Swedish Data Inspection Board has agreed to new industry regulations regarding CCTV surveillance in apartment buildings (link in Swedish).

The board had previously declared that CCTV surveillance was not allowed in public areas of apartment buildings. This was because of the possibility to monitor the habits and daily life of the tenants and their acquaintances. This in turn led to the new regulations now published.

The regulations only allow CCTV monitoring of the public areas of a building, not the apartments themselves. They also state that areas that are necessary to pass to get in and out of the apartments are not to be monitored except in very special cases. An example of such a case is if an area has been the haunt of persons who frequently act violently and threateningly, or are stealing or causing severe damage to the property.

CCTV in areas not frequently accessed, such as storage areas or similar, is not to be considered a violation of personal integrity. Therefore it will be easier to get a permit for CCTV surveillance for these.

It is stated that the time for surveillance shall be kept to a minimum in all cases. This means for instance that if vandalism occurs during a specific period of time, the monitoring shall be limited to that time period.

It is a pretty well-formulated directive regarding CCTV in public places. But of course we will have to wait and see how it will be used in practice. Also, there is no direct proof that CCTV will stop crime. The proof that exists actually rather points to CCTV not adding any security at all. I’ll link to Bruce Schneier’s latest post on this, since it contains several good links and is an excellent read on the subject.

The new industry regulations regarding CCTV surveillance of apartment buildings are available (in Swedish only) as a pdf download here.

Anonymous Data?

In this article, it was reported that computer scientists were able to de-anonymize supposedly anonymous data and re-identify individuals. This, however, is not entirely new. De-anonymisation was conducted successfully in 2006 when AOL released the search logs of over a half million of their users (here) and in 2009 by researchers in social networks (here). Stripping personally identifiable information such as usernames from data sets is an insufficient step in the anonymizing process.
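Whether stripping usernames has been enough can be measured on a data set before it is released. The following is an added example, not part of the original post: it computes k-anonymity over a constructed table (all column names and values are made up for illustration) and shows how generalising the remaining quasi-identifiers changes the result.

```python
from collections import Counter

# Constructed sample rows; the username column has already been stripped.
RECORDS = [
    {"zip": "11122", "birth_year": 1971, "sex": "F", "topic": "diabetes"},
    {"zip": "11122", "birth_year": 1971, "sex": "F", "topic": "mortgage"},
    {"zip": "11127", "birth_year": 1974, "sex": "M", "topic": "divorce"},
    {"zip": "11129", "birth_year": 1978, "sex": "M", "topic": "bankruptcy"},
    {"zip": "22231", "birth_year": 1985, "sex": "F", "topic": "pregnancy"},
    {"zip": "22238", "birth_year": 1989, "sex": "F", "topic": "job search"},
]
QUASI_IDENTIFIERS = ("zip", "birth_year", "sex")  # assumed linkable to public data


def class_sizes(records, quasi_identifiers):
    """Count the records sharing each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_identifiers) for r in records)


def k_anonymity(records, quasi_identifiers):
    """Size of the smallest group; k == 1 means at least one person is unique."""
    return min(class_sizes(records, quasi_identifiers).values())


def unique_fraction(records, quasi_identifiers):
    """Share of records that nobody else in the data set resembles."""
    sizes = class_sizes(records, quasi_identifiers)
    alone = [r for r in records if sizes[tuple(r[q] for q in quasi_identifiers)] == 1]
    return len(alone) / len(records)


def generalize(record):
    """Coarsen quasi-identifiers: 3-digit zip prefix and decade of birth."""
    out = dict(record)
    out["zip"] = record["zip"][:3] + "**"
    out["birth_year"] = f"{record['birth_year'] // 10 * 10}s"
    return out


if __name__ == "__main__":
    coarse = [generalize(r) for r in RECORDS]
    for label, rows in (("identifiers stripped only", RECORDS), ("generalized", coarse)):
        print(label, "k =", k_anonymity(rows, QUASI_IDENTIFIERS),
              "unique =", round(unique_fraction(rows, QUASI_IDENTIFIERS), 2))
    # The check covers only the listed columns: a free-text field such as a
    # search query can identify a person on its own.
```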

Shedding Your Identity in the Digital Age

is the title of a new article in the December 2009 issue of Wired Magazine. For one month, Evan Ratliff shed his digital identity and tried to disappear. Wired offered $5000 to the first person who could locate him, say the password “fluke” and take his picture within the one month contest period. The premise of the contest was simple: “how hard is it to vanish in the digital age?” The article chronicles his adventures on the run, and the phenomenon it created on Twitter. Using the hashtag #vanish, contest participants were “tweeting” up to 600 tweets a day as they shared clues and personal information about Evan Ratliff (such as his middle name, a common question of private investigators).

I recommend you pick up the print edition of the article while still available, as it is better than the online version. Otherwise, check out the online version here.