De-anonymization
❗Article Status Notice: This Article is a stub
This article is underdeveloped, and needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues.
De-anonymization is a practice used to relate pieces of previously-anonymized user data in order to assemble a complete user profile.
How it works
The core of de-anonymization involves making inferences to connect different types of obfuscated data, sometimes even across platforms.
How data is anonymized
Note from Collaborator: While it may seem irrelevant, it is important to understand how data is collected when it comes to its being anonymized.
In practice, anonymization usually means that user data is collected on what privacy policies call an "aggregated/de-identified basis", most often implemented with k-anonymity: records are grouped so that each one is indistinguishable from at least k-1 others on the attributes an outsider could know. Related techniques applied to collected data include l-diversity, t-closeness, and differential privacy. Other anonymization methods are also in use that have not yet been disclosed to customers.
Why it is a problem
Many privacy policies describe disclosing anonymized data to third parties as a way to "limit unwarranted data collection". De-anonymization circumvents that safeguard: once records are re-linked, the third parties can carry on with data sales or targeted advertising as before. This is a privacy problem because an adversary (e.g. a telemarketer) can study the released records in an attempt to recover the individual data behind the aggregate.[1]
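The two sections above name k-anonymity and l-diversity and describe the residual risk that released records can still be linked back to individuals. The following is an added example written for this article (not code from the page or from the cited paper) that measures both on a small table: it reports k, l, and the share of rows that remain unique on their quasi-identifiers, before and after generalizing ZIP code and age. The records, ZIP codes and diagnoses are constructed, and the helper names (k_anonymity, l_diversity, reidentification_risk, generalize) are this example's own.

```python
# Added example, not from the wiki page: assessing how well a small
# "de-identified" table resists re-identification. Records, ZIP codes and
# diagnoses are all constructed for illustration.
from collections import defaultdict

RECORDS = [
    {"zip": "02138", "age": 29, "sex": "F", "diagnosis": "asthma"},
    {"zip": "02139", "age": 24, "sex": "F", "diagnosis": "flu"},
    {"zip": "02141", "age": 34, "sex": "M", "diagnosis": "flu"},
    {"zip": "02142", "age": 36, "sex": "M", "diagnosis": "flu"},
    {"zip": "02143", "age": 45, "sex": "F", "diagnosis": "cancer"},
    {"zip": "02144", "age": 48, "sex": "F", "diagnosis": "diabetes"},
]
QUASI_IDS = ("zip", "age", "sex")   # attributes an outsider could plausibly know
SENSITIVE = "diagnosis"             # attribute the release is meant to protect


def equivalence_classes(records, quasi_ids=QUASI_IDS):
    """Group records whose quasi-identifiers are identical."""
    classes = defaultdict(list)
    for rec in records:
        classes[tuple(rec[q] for q in quasi_ids)].append(rec)
    return dict(classes)


def k_anonymity(records):
    """k = size of the smallest class; every record hides among k-1 others."""
    return min(len(c) for c in equivalence_classes(records).values())


def l_diversity(records, sensitive=SENSITIVE):
    """l = fewest distinct sensitive values found in any single class."""
    return min(len({r[sensitive] for r in c})
               for c in equivalence_classes(records).values())


def homogeneous_classes(records, sensitive=SENSITIVE):
    """Classes carrying only one sensitive value: knowing someone is in the
    class reveals the value even when k-anonymity holds."""
    return [key for key, c in equivalence_classes(records).items()
            if len({r[sensitive] for r in c}) == 1]


def reidentification_risk(records):
    """Fraction of records that are unique on their quasi-identifiers; an
    auxiliary record with the same values would link to exactly one row."""
    classes = equivalence_classes(records)
    singletons = sum(1 for c in classes.values() if len(c) == 1)
    return singletons / len(records)


def generalize(records, zip_digits=3, age_bucket=10):
    """Coarsen quasi-identifiers: keep the first zip_digits of the ZIP and
    replace the exact age with a bucket label such as '20-29'."""
    out = []
    for rec in records:
        lo = (rec["age"] // age_bucket) * age_bucket
        masked_zip = rec["zip"][:zip_digits] + "*" * (len(rec["zip"]) - zip_digits)
        out.append({**rec, "zip": masked_zip, "age": f"{lo}-{lo + age_bucket - 1}"})
    return out


def assess(records):
    """Summarise the three measures for one release of the table."""
    return {"k": k_anonymity(records), "l": l_diversity(records),
            "risk": reidentification_risk(records)}


if __name__ == "__main__":
    for label, table in [("raw", RECORDS),
                         ("weak generalization", generalize(RECORDS, 3, 5)),
                         ("stronger generalization", generalize(RECORDS, 3, 10))]:
        print(f"{label:24s} {assess(table)}  homogeneous: {homogeneous_classes(table)}")
```

Run as a script, the raw table scores k=1 with every row unique, so any matching auxiliary record links directly. Five-year age buckets still leave four of six rows unique; ten-year buckets reach k=2 and no unique rows, yet the 30-39/M class contains only "flu", which is exactly the gap l-diversity and t-closeness were introduced to close. This is why a release described as "de-identified" cannot be judged by k alone.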
Examples

References
- Narayanan, Arvind & Shmatikov, Vitaly (November 11, 2006). How To Break Anonymity of the Netflix Prize Dataset. Austin, Texas, United States: The University of Texas at Austin.