The University of Southampton
University of Southampton Institutional Repository

Functional anonymisation: personal data and the data environment


Elliot, Mark, O'hara, Kieron, Raab, Charles, O'Keefe, Christine M., Mackey, Elaine, Dibben, Chris, Gowans, Heather, Purdam, Kingsley and McCullagh, Karen (2018) Functional anonymisation: personal data and the data environment. Computer Law & Security Review. (doi:10.1016/j.clsr.2018.02.001).

Record type: Article

Abstract

Anonymisation of personal data has a long history stemming from the expansion of the types of data products routinely provided by National Statistical Institutes. Variants on anonymisation have received serious criticism reinforced by much-publicised apparent failures. We argue that both the operators of such schemes and their critics have become confused by being overly focused on the properties of the data themselves. We claim that, far from being able to determine whether data are anonymous (and therefore non-personal) by looking at the data alone, any anonymisation technique worthy of the name must take account of not only the data but also their environment. This paper proposes an alternative formulation called functional anonymisation that focuses on the relationship between the data and the environment within which the data exist (their data environment). We provide a formulation for describing the relationship between the data and their environment that links the legal notion of personal data with the statistical notion of disclosure control. Anonymisation, properly conceived and effectively conducted, can be a critical part of the toolkit of the privacy-respecting data controller and the wider remit of providing accurate and usable data.

Text
Functional Anonymisation and the Data Environment Final - Accepted Manuscript

More information

Accepted/In Press date: 2 February 2018
e-pub ahead of print date: 28 February 2018
Keywords: anonymisation, obscurity, release-and-forget, functional anonymisation, DDF, ADF, data environment, statistical disclosure control, deanonymisation, deidentification, data protection

Identifiers

Local EPrints ID: 417832
URI: http://eprints.soton.ac.uk/id/eprint/417832
ISSN: 2212-4748
PURE UUID: 95717bfc-bf7d-4414-b0eb-7e8988285237
ORCID for Kieron O'hara: orcid.org/0000-0002-9051-4456

Catalogue record

Date deposited: 15 Feb 2018 17:30
Last modified: 08 Oct 2020 04:24

Contributors

Author: Mark Elliot
Author: Kieron O'hara
Author: Charles Raab
Author: Christine M. O'Keefe
Author: Elaine Mackey
Author: Chris Dibben
Author: Heather Gowans
Author: Kingsley Purdam
Author: Karen McCullagh
