De-identification

De-identification

One key method for ensuring privacy while processing large amounts of data is de-identification.

De-identified data refers to data through which a link to a particular individual cannot be established. This often involves “scrubbing” the identifiable elements of personal data, making it “safe” in privacy terms while attempting to retain its commercial and scientific value.

In legal terms, the criteria for de-identified data remain vague. The Health Insurance Portability and Accountability Act defines data as de-identified if it “does not identify an individual and with respect to which there is no reasonable basis to believe that the information can be used to identify an individual is not individually identifiable health information.” In its recent report, the FTC gave recommendations to help assess whether data should be considered identifiable. However, best practices have not been identified and industry practices vary widely.

The Future of Privacy Forum held a conference on December 5, 2011 to begin addressing this issue. Our goal is to facilitate the development of safe de-identification practices for data sets that extend beyond the health-care sector.

Future of Privacy Forum “De-ID Project”

The De-ID project will focus on several aspects of the de-identification landscape, including de-identification technologies, real-world applications, and existing/future legal frameworks.

FPF’s first task will be to establish a De-ID working group composed of privacy advocates, industry stakeholders, consumer groups, academics, and policymakers. The working group will focus on

identifying current applications of de-identification in diverse sectors with the goal of identifying current leading practices. FPF will rely on the “De-ID” working group’s expertise throughout this project. FPF will also look to identify potential areas for improvement within the existing de-identification landscape.

FPF will also publish a number of use cases that illustrate reasonable steps for de-identification with various types of data sets.  This portion of the project will serve to examine the range of de-identification processes and the technology available to de-identify data.

A working premise of the project assumes that legal and policy commitments are a critical part of the de-identification discussion. As such FPF will seek to frame the levels of technical de-identification with the legal and policy commitments that may be needed.

FPF’s twelve month “De-ID” project will culminate with a conference where the project’s use cases, policy paper, and working group findings will be presented to stakeholders and policymakers. FPF’s goal is to use the evidence produced throughout the project to help inform future policy and “best practices” discussions. While the main corpus of De-identification policy is currently found in the Health-Care field, FPF aims to broaden de-identification dialogues to include other sectors that rely on personal data.

FPF De-identification Project LinkedIn Page

Privacy Calendar

Apr
22
Tue
10:00 am Privacy Principles in the Era of Massive Data @ Georgetown Law Center
Privacy Principles in the Era of… @ Georgetown Law Center
Apr 22 @ 10:00 am – 12:00 pm
Experts from the public and private sectors will join public policy experts from the Georgetown University McCourt School of Public Policy and privacy law experts [...]
Apr
24
Thu
all-day 6th Biannual International Surveillance & Society Conference
6th Biannual International Surve…
Apr 24 – Apr 25 all-day
The 6th Biannual International Surveillance & Society conference hosted by the University of Barcelona and supported by the Surveillance Studies Network is currently calling for [...]
12:00 pm Data Privacy in Education: Ensuring Student Security while Encouraging Innovation in K-12 Education @ Rayburn House Office Building, Room B-354
Data Privacy in Education: Ensur… @ Rayburn House Office Building, Room B-354
Apr 24 @ 12:00 pm – 1:00 pm
The Congressional E-Learning Caucus in cooperation with Into and the National Coalition for Technology in Education and Training presents a luncheon to discuss “Data Privacy [...]
Apr
29
Tue
all-day IAPP Europe Data Protection Intensive 2014
IAPP Europe Data Protection Inte…
Apr 29 – May 1 all-day
The IAPP Europe Data Protection Intensive features timely programming centred on the top issues impacting the European data protection community, with a focus on addressing [...]
Apr
30
Wed
5:30 pm InSecurity: Race, Surveillance and Privacy in the Digital Age @ New America Foundation
InSecurity: Race, Surveillance a… @ New America Foundation
Apr 30 @ 5:30 pm – 7:30 pm
Now more than ever, digital tools sit at a precarious tipping point, and many question whether they will be used to address pre-existing disparities, [...]
May
7
Wed
all-day IAPP Canada Privacy Symposium 2014
IAPP Canada Privacy Symposium 2014
May 7 – May 9 all-day
The IAPP Canada Privacy Symposium is the leading conference for education, debate and discussion of issues that matter most to Canadian privacy and data protection [...]
Jun
5
Thu
all-day Privacy Law Scholars Conference (7th Annual) @ The George Washington School of Law
Privacy Law Scholars Conference … @ The George Washington School of Law
Jun 5 – Jun 6 all-day
  UC Berkeley School of Law and The George Washington University Law School will be holding the seventh annual Privacy Law Scholars Conference (PLSC) on [...]
Jun
8
Sun
all-day Computers, Freedom, and Privacy 2014 Conference @ Airlie Center
Computers, Freedom, and Privacy … @ Airlie Center
Jun 8 – Jun 10 all-day
Mark your calendars! The 2014 Computers, Freedom, and Privacy Conference will be held June 8-10 at the Airlie Center in Warrenton, Virginia. The Airlie Center [...]

View Calendar