Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization

77 Pages Posted: 13 Jul 2012 Last revised: 22 Feb 2015

See all articles by Paul Ohm

Paul Ohm

Georgetown University Law Center

Date Written: August 13, 2009


Computer scientists have recently undermined our faith in the privacy-protecting power of anonymization, the name for techniques for protecting the privacy of individuals in large databases by deleting information like names and social security numbers. These scientists have demonstrated they can often 'reidentify' or 'deanonymize' individuals hidden in anonymized data with astonishing ease. By understanding this research, we will realize we have made a mistake, labored beneath a fundamental misunderstanding, which has assured us much less privacy than we have assumed. This mistake pervades nearly every information privacy law, regulation, and debate, yet regulators and legal scholars have paid it scant attention. We must respond to the surprising failure of anonymization, and this Article provides the tools to do so.

Keywords: privacy, information privacy, anonymization, reidentification, deidentification, HIPAA, Data Protection Directive

JEL Classification: K1, K1, K13, K2, K23

Suggested Citation

Ohm, Paul, Broken Promises of Privacy: Responding to the Surprising Failure of Anonymization (August 13, 2009). UCLA Law Review, Vol. 57, p. 1701, 2010, U of Colorado Law Legal Studies Research Paper No. 9-12, Available at SSRN:

Paul Ohm (Contact Author)

Georgetown University Law Center ( email )

600 New Jersey Avenue, NW
Washington, DC 20001
United States
202-662-9685 (Phone)

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Abstract Views
PlumX Metrics