Privacy International defends the right to privacy across the world, and fights surveillance and other intrusions into private life by governments and corporations. Read more »


Error message

  • Notice: Undefined index: title in theme_book_title_link() (line 342 of /home/privacyint/www/privacyinternational.org/modules/book/book.module).
  • Notice: Undefined index: href in theme_book_title_link() (line 342 of /home/privacyint/www/privacyinternational.org/modules/book/book.module).
Chapter: 

Inadequate explanation of anonymisation

The draft code assumes that data is either anonymised or not anonymised. In practice, there is a significant grey area between the two, where a data controller might think a data set is anonymised but an interested party will still be able to identify one or more indiviudals from the data. This kind of discussion is outside the scope of this code or this consultation response, but should be referred to emphatically.

The efficacy of an anonymisation technique also depends on the identity and prior knowledge of the interested observer. In one example given to us by an international organisation, statistical data on sexual assault victims by age group within a certain geographic area were published, and included one 'anonymised' report of a sexual assault on a minor. The community leaders were already aware of the assault and the victim's identity - but after the data was published, they learned that the victim's family had reported the incident  to the authorities, a serious taboo in the commuity in question.