De-anonymization
De-anonymization is the process or final state of revealing the true identity of an anonymous or pseudonymous person. All data linked to the anonymous or pseudonymous entity can then be connected to the true identity.
How it works
The core of de-anonymization involves making inferences to connect different types of obfuscated data, sometimes even across platforms.
How data is anonymized
Before data can be de-anonymized, it must first be anonymized. In practice, anonymization involves collecting user data on what is described as an "aggregated/de-identified basis", which involves the use of k-anonymity. Other methods are also used, such as t-closeness, l-diversity, and differential privacy; however, there are further forms of data collection in use that have yet to be disclosed to customers.
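A way to measure how much protection k-anonymity and l-diversity give a release before it is disclosed, as an added example that is not part of the original article. The records, field names, and the generalization scheme (3-digit ZIP prefix, 10-year age bands) are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample release: no names, but ZIP, age and sex remain as quasi-identifiers.
RELEASE = [
    {"zip": "78701", "age": 34, "sex": "F", "diagnosis": "asthma"},
    {"zip": "78701", "age": 36, "sex": "F", "diagnosis": "flu"},
    {"zip": "78702", "age": 35, "sex": "F", "diagnosis": "asthma"},
    {"zip": "78705", "age": 61, "sex": "M", "diagnosis": "diabetes"},
    {"zip": "78751", "age": 67, "sex": "M", "diagnosis": "diabetes"},
    {"zip": "78752", "age": 29, "sex": "M", "diagnosis": "flu"},
]
QI = ("zip", "age", "sex")  # assumed quasi-identifier columns

def classes(records, qi):
    """Group records into equivalence classes sharing the same quasi-identifier values."""
    groups = defaultdict(list)
    for r in records:
        groups[tuple(r[c] for c in qi)].append(r)
    return groups

def k_anonymity(records, qi):
    """k = size of the smallest equivalence class; k == 1 means someone is unique."""
    return min(len(g) for g in classes(records, qi).values())

def l_diversity(records, qi, sensitive):
    """l = fewest distinct sensitive values in any class; l == 1 discloses that value."""
    return min(len({r[sensitive] for r in g}) for g in classes(records, qi).values())

def below_k(records, qi, k):
    """Records in classes smaller than k: candidates for more generalization or suppression."""
    return [r for g in classes(records, qi).values() if len(g) < k for r in g]

def generalize(record):
    """Coarsen quasi-identifiers: 3-digit ZIP prefix and 10-year age band."""
    decade = record["age"] // 10 * 10
    return {**record, "zip": record["zip"][:3] + "**", "age": f"{decade}-{decade + 9}"}

if __name__ == "__main__":
    coarse = [generalize(r) for r in RELEASE]
    print("raw k:", k_anonymity(RELEASE, QI))
    print("generalized k:", k_anonymity(coarse, QI))
    print("still below k=2:", below_k(coarse, QI, 2))
    kept = [r for r in coarse if r not in below_k(coarse, QI, 2)]
    print("after suppression k:", k_anonymity(kept, QI),
          "l:", l_diversity(kept, QI, "diagnosis"))
```

Even after suppression brings the sample to k = 2, the class of men aged 60-69 shares a single diagnosis, so l stays at 1 and the sensitive value is disclosed for everyone in that class.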
Why it is a problem
Many privacy policies describe the disclosure of anonymized data to third parties in an effort to "limit unwarranted data collection". However, de-anonymization circumvents these privacy measures, allowing these third parties to engage in practices such as data sales or targeted advertising as normal. This is a privacy issue, because an adversary (e.g., a telemarketer) will be able to conduct research on those records in an attempt to reveal the data that was aggregated.[1]
Examples
[1] Narayanan, Arvind; Shmatikov, Vitaly (November 11, 2006). How To Break Anonymity of the Netflix Prize Dataset. Austin, Texas, United States: The University of Texas at Austin.