Privacy by Design and Anonymisation Techniques in Action: Case Study of Ma3tch Technology
Balboni, P. & Macenaite, M. (2013) Privacy by design and anonymisation techniques in action: case study of Ma3tch technology, Computer Law & Security Review: The International Journal of Technology Law and Practice 29 (2013), pp. 330-340
Posted: 17 Jul 2014
Date Written: August 1, 2013
Abstract
Privacy by Design is now enjoying widespread acceptance. The EU has recently expressly included it as one of the key principles in the revised data protection legal framework. But how does Privacy by design and data anonymisation work in practise? In this article the authors address this question from a practical point of view by analysing a case study on EU Financial Intelligence Units (“FIUs”) using the Ma3tch technology as additional feature to the existing exchange of information via FIU.NET decentralised computer network. They present, analyse, and evaluate Ma3tch technology from the perspective of personal data protection. The authors conclude that Ma3tch technology can be seen as a valuable example of Privacy by Design. It achieves data anonymisation and enhances data minimisation and data security, which are the fundamental elements of Privacy by Design. Therefore, it not only improves the exchange of information among FIUs and allows for the data processing to be in line with applicable data protection requirements, but it also substantially contributes to the protection of privacy of related data subjects. At the same time, the case study clearly shows that Privacy by Design needs to be supported and complemented by appropriate organisational and technical procedures to assure that the technology solutions devised to protect privacy would in fact do so.
Keywords: anonymisation, Financial Intelligence Units, privacy
JEL Classification: K10, K19, K39, O38, O39, L59
Suggested Citation: Suggested Citation