Steve Wood writes about the value and risks of anonymization on the Information Commissioner’s Office blog. He writes, in part:
Whilst the ICO supports the use of anonymisation techniques organisations must not be complacent. It may be simple to aggregate and anonymise some datasets but it is often not as easy as one might expect. For example while a piece of information may appear to be anonymised when looked at in isolation, this may not necessarily be the case when you look at this information in context with the other information already available in the public arena. With ever increasing amounts of data in the public domain this can be challenging. This is why it is so important that anonymisation is carried out correctly.
There have been some high profile examples of anonymised datasets being “broken” in the US. We believe these were examples of poor and complacent anonymisation. It is simply unrealistic, as some commentators have called for, to stop using anonymisation techniques because of the risks. It is a call to ensure anonymisation techniques are more effective and that organisations deploy the right expertise. The demands for open data, big data and information sharing in our information society will not disappear – there are often strong arguments on their favour. What we must do is address the privacy risks with the best privacy enhancing techniques available and make judgments on a case by case basis whether data can be disclosed publicly.
The ICO also stands by to take swift enforcement action against those who negligently or complacently place individuals’ privacy at risk through poor standards of anonymisation.
Read more on the ICO’s Blog.