  |
|
|
||||
|
||||
Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization
Paul Ohm University of Colorado Law School August 13, 2009 University of Colorado Law Legal Studies Research Paper No. 09-12 Abstract: Computer scientists have recently undermined our faith in the privacy-protecting power of anonymization, the name for techniques for protecting the privacy of individuals in large databases by deleting information like names and social security numbers. These scientists have demonstrated they can often 'reidentify' or 'deanonymize' individuals hidden in anonymized data with astonishing ease. By understanding this research, we will realize we have made a mistake, labored beneath a fundamental misunderstanding, which has assured us much less privacy than we have assumed. This mistake pervades nearly every information privacy law, regulation, and debate, yet regulators and legal scholars have paid it scant attention. We must respond to the surprising failure of anonymization, and this Article provides the tools to do so.
Keywords: privacy, information privacy, anonymization, reidentification, deidentification, HIPAA, Data Protection Directive JEL Classifications: K1, K1, K13, K2, K23 Working Paper SeriesDate posted: August 17, 2009 ; Last revised: September 10, 2009Suggested CitationContact Information
|
|
||||||||||||
© 2009 Social Science Electronic Publishing, Inc. All Rights Reserved. Terms of Use Privacy Policy
This page was served by apollo2 in 0.078 seconds.
Download
Facebook
Twitter
Digg
Del.icio.us
CiteULike
