The University of Southampton
University of Southampton Institutional Repository

Anonymous data v. personal data—a false debate: an EU perspective on anonymization, pseudonymization and personal data

Anonymous data v. personal data—a false debate: an EU perspective on anonymization, pseudonymization and personal data
Anonymous data v. personal data—a false debate: an EU perspective on anonymization, pseudonymization and personal data
Introduction
This era of big data analytics promises many things. In particular, it offers opportunities to extract hidden value from unstructured raw datasets through novel reuse. The reuse of personal data is, however, a key concern for data protection law as it involves processing for purposes beyond those that justified its original collection, at odds with the principle of purpose limitation. The issue becomes one of balancing the private interests of individuals and realizing the promise of big data. One way to resolve this issue is to transform the personal data that will be shared for further processing, such as data mining, into ―anonymous information‖ to use an EU legal term. "Anonymous information" is outside the scope of data protection laws in the EU, and is also carved out from privacy laws in many other jurisdictions worldwide. The foregoing solution works well in theory, but only as long as the output potential from the data still retains utility, which is not necessarily the case in practice. This is because the value or knowledge that can be gained from analyzing datasets (particularly using automatic algorithmic software) is maximized by virtue of finding patterns, basically linking relationships between data points. Anonymization, by contrast, aims to delink such data point relationships where they relate to informational knowledge that can be gleaned in respect of specific persons and their identities. This leaves those in charge of processing the data with a problem: how can they ensure that anonymization is conducted effectively on the data on their possession, while retaining that data‘s utility for potential future disclosure to, and further processing by, a third party?
0743-7951
284-322
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Knight, Alison
108e7e4a-9959-4ea8-870a-542adaa1fcc9
Stalla-Bourdillon, Sophie
c189651b-9ed3-49f6-bf37-25a47c487164
Knight, Alison
108e7e4a-9959-4ea8-870a-542adaa1fcc9

Stalla-Bourdillon, Sophie and Knight, Alison (2017) Anonymous data v. personal data—a false debate: an EU perspective on anonymization, pseudonymization and personal data. Wisconsin International Law Journal, 34 (2), 284-322.

Record type: Article

Abstract

Introduction
This era of big data analytics promises many things. In particular, it offers opportunities to extract hidden value from unstructured raw datasets through novel reuse. The reuse of personal data is, however, a key concern for data protection law as it involves processing for purposes beyond those that justified its original collection, at odds with the principle of purpose limitation. The issue becomes one of balancing the private interests of individuals and realizing the promise of big data. One way to resolve this issue is to transform the personal data that will be shared for further processing, such as data mining, into ―anonymous information‖ to use an EU legal term. "Anonymous information" is outside the scope of data protection laws in the EU, and is also carved out from privacy laws in many other jurisdictions worldwide. The foregoing solution works well in theory, but only as long as the output potential from the data still retains utility, which is not necessarily the case in practice. This is because the value or knowledge that can be gained from analyzing datasets (particularly using automatic algorithmic software) is maximized by virtue of finding patterns, basically linking relationships between data points. Anonymization, by contrast, aims to delink such data point relationships where they relate to informational knowledge that can be gleaned in respect of specific persons and their identities. This leaves those in charge of processing the data with a problem: how can they ensure that anonymization is conducted effectively on the data on their possession, while retaining that data‘s utility for potential future disclosure to, and further processing by, a third party?

Text
Stalla-Bourdillon_WILJ SAE Comments_8_12_2016.ssb.pdf - Accepted Manuscript
Restricted to Repository staff only
Request a copy

More information

Accepted/In Press date: 16 July 2016
Published date: March 2017
Organisations: Southampton Law School

Identifiers

Local EPrints ID: 400388
URI: https://eprints.soton.ac.uk/id/eprint/400388
ISSN: 0743-7951
PURE UUID: 84241d65-a9f9-42db-873d-5b8ee2e1d0a9

Catalogue record

Date deposited: 15 Sep 2016 15:11
Last modified: 21 Mar 2019 17:31

Export record

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of https://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×