![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
defrogITEM: In 1997, a a Carnegie Mellon University computer science professor showed that you could unearth the identity of an anonymous person with little more than their, gender, date of birth and zip code. A new paper by Professor Paul Ohm shows that anonymity is even harder to preserve in the Web Age, where the line between "personally-identifiable information" and "non-personally-identifiable information" is getting blurrier.
The reason this matters is because privacy laws define what information about you is protected by law based on the degree to which any given piece of information can be tied to yr identity. And technology, as always, is evolving faster than the laws.
The EFF has a good summary of the paper here.
Also recommended: Bruce Schneier’s recent essay on a related issue – the amount of control you have over yr data, yr ability to delete it, and the ability of third parties to delete data without yr consent (see: Amazon’s deletion of “illegal” Orwell books on the Kindle e-book reader), and how Vanish, a research project by Roxana Geambasu and colleagues at the University of Washington, could help.
Peekaboo,
This is dF
Apart from combinations of demographic data, some of the sorts of things that may well uniquely identify you include your search terms; your purchase habits; your preferences or opinions about music, books, or movies; and even the structure of your social networks -- in a purely abstract sense, even when shorn of the identities of your friends and contacts.
Deanonymization is effective, and it's dramatically easier than our intuitions suggest. Given the number of variables that potentially distinguish us, we are much more different from each other than we expect, and there are more sources of data than we realize that may be used to narrow down exactly who a particular record refers to.
Deanonymization is effective, and it's dramatically easier than our intuitions suggest. Given the number of variables that potentially distinguish us, we are much more different from each other than we expect, and there are more sources of data than we realize that may be used to narrow down exactly who a particular record refers to.
The reason this matters is because privacy laws define what information about you is protected by law based on the degree to which any given piece of information can be tied to yr identity. And technology, as always, is evolving faster than the laws.
The EFF has a good summary of the paper here.
Also recommended: Bruce Schneier’s recent essay on a related issue – the amount of control you have over yr data, yr ability to delete it, and the ability of third parties to delete data without yr consent (see: Amazon’s deletion of “illegal” Orwell books on the Kindle e-book reader), and how Vanish, a research project by Roxana Geambasu and colleagues at the University of Washington, could help.
Peekaboo,
This is dF
![[identity profile]](https://www.dreamwidth.org/img/silk/identity/openid.png){kind=small}
no subject
on 2009-09-15 11:15 am (UTC):D
no subject
on 2009-09-15 12:58 pm (UTC)no subject
on 2009-09-15 02:15 pm (UTC)no subject
on 2009-09-15 12:00 pm (UTC)If you don't want people to know who you are, stay off the freaking internet...
Freedom of information works both ways and we are all going to have to learn to live with that.
Our government, for years, wanted to create an Australia Card to aggregate all data about a given individual onto a single key. IT was voted down a number of times, but... the whole exercise was pretty pointless anyway. The kind of data mining technology needed to pull all of the databses together has existed since well before social networking, google, online shopping or internet porn.
Controlling--I don't just mean legislating, I mean securing, for real--just who does and does not have access to this kind of information is the only possible solution, and it's a partial and unlikely one at best. Laws can't keep pace with technology and security is almost always reactive--there is always some hacker who will find and exploit holes in any defense, and there will always be holes.
-- JF
-- JF
no subject
on 2009-09-15 01:06 pm (UTC)no subject
on 2009-09-15 10:40 pm (UTC)