Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...
By Jimmy H. Koo
Oct. 29 — The National Institute of Standards and Technology recently released the final draft of its report, De-Identification of Personal Information, summarizing two decades of de-identification research and discussing current practices.
The report, however, didn't make recommendations regarding the “appropriateness of de-identification” or specific algorithms.
“De-identification techniques are intended to remove identifying information from a dataset while retaining some utility in the remaining data,” the report said. De-identification isn't a single technique, but a collection of approaches, tools and algorithms. “In general,” it said, “privacy protection improves as more aggressive de-identification techniques are employed, but less utility remains in the resulting dataset.”
Being able to effectively de-identity personally identifying information is a central requirement for the protection of privacy when utilizing big data analytics.
The report warned that a variety of problems can result from distribution or use of de-identified data, including re-identifying the de-identified data. However, risks to individuals exist in de-identified data, the NIST report said. Some of the risks include inferences about individuals in the data without re-identification.
Concluding that there's “comparatively little known” about de-identification, the report said there's a need for “standards and assessment techniques that can measurably address the breadth of data and risks.”
To contact the reporter on this story: Jimmy H. Koo in Washington at email@example.com
To contact the editor responsible for this story: Donald G. Aplin at firstname.lastname@example.org
Notify me when updates are available (No standing order will be created).
Put me on standing order
Notify me when new releases are available (no standing order will be created)