![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
defrogITEM: In 1997, a a Carnegie Mellon University computer science professor showed that you could unearth the identity of an anonymous person with little more than their, gender, date of birth and zip code. A new paper by Professor Paul Ohm shows that anonymity is even harder to preserve in the Web Age, where the line between "personally-identifiable information" and "non-personally-identifiable information" is getting blurrier.
The reason this matters is because privacy laws define what information about you is protected by law based on the degree to which any given piece of information can be tied to yr identity. And technology, as always, is evolving faster than the laws.
The EFF has a good summary of the paper here.
Also recommended: Bruce Schneier’s recent essay on a related issue – the amount of control you have over yr data, yr ability to delete it, and the ability of third parties to delete data without yr consent (see: Amazon’s deletion of “illegal” Orwell books on the Kindle e-book reader), and how Vanish, a research project by Roxana Geambasu and colleagues at the University of Washington, could help.
Peekaboo,
This is dF
Apart from combinations of demographic data, some of the sorts of things that may well uniquely identify you include your search terms; your purchase habits; your preferences or opinions about music, books, or movies; and even the structure of your social networks -- in a purely abstract sense, even when shorn of the identities of your friends and contacts.
Deanonymization is effective, and it's dramatically easier than our intuitions suggest. Given the number of variables that potentially distinguish us, we are much more different from each other than we expect, and there are more sources of data than we realize that may be used to narrow down exactly who a particular record refers to.
Deanonymization is effective, and it's dramatically easier than our intuitions suggest. Given the number of variables that potentially distinguish us, we are much more different from each other than we expect, and there are more sources of data than we realize that may be used to narrow down exactly who a particular record refers to.
The reason this matters is because privacy laws define what information about you is protected by law based on the degree to which any given piece of information can be tied to yr identity. And technology, as always, is evolving faster than the laws.
The EFF has a good summary of the paper here.
Also recommended: Bruce Schneier’s recent essay on a related issue – the amount of control you have over yr data, yr ability to delete it, and the ability of third parties to delete data without yr consent (see: Amazon’s deletion of “illegal” Orwell books on the Kindle e-book reader), and how Vanish, a research project by Roxana Geambasu and colleagues at the University of Washington, could help.
Peekaboo,
This is dF
