Abstract
The need for clear guidance on anonymization is becoming increasingly pressing for the research community given the move toward open research data as common practice. Most research funders take the view that publicly funded research data are a public good which should be shared as widely as possible. Thus researchers are commonly required to detail data sharing intentions at the grant application stage. What this means in practice is that researchers need to understand the data they collect and hold and under what circumstances, if at all, they can share data; anonymization is a process critical to this, but it is complex and not well understood. This chapter provides an introduction to the topic of anonymization, defining key terminology and setting out perspectives on the assessment and management of reidentification risk and on the role of anonymization in data protection. Next, the chapter outlines a principled and holistic approach to doing well-thought-out anonymization: the Anonymisation Decision-making Framework (ADF). The framework unifies the technical, legal, ethical, and policy aspects of anonymization.
© 2019 Springer Nature Switzerland AG
About this entry
Cite this entry
Mackey, E. (2019). A Best Practice Approach to Anonymization. In: Iphofen, R. (eds) Handbook of Research Ethics and Scientific Integrity. Springer, Cham. https://doi.org/10.1007/978-3-319-76040-7_14-1
DOI: https://doi.org/10.1007/978-3-319-76040-7_14-1
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-76040-7
Online ISBN: 978-3-319-76040-7
eBook Packages: Springer Reference Religion and Philosophy; Reference Module Humanities and Social Sciences; Reference Module Humanities