(I know this is pie-in-the-sky thinking but...) The issue with the personally identifying information is that... well, it identifies a person.
However, we don't necessarily want to identify that person, just confirm that record A and record B refer to the same person. Couldn't we take a hash (with appropriate salt etc) of the personally identifying information to permit these comparisons, without providing actual identifying information? Addresses can be normalised to whatever Royal Mail believes it should be. Names are harder, and more mutable - surname changes mess up most systems - but could potentially have different hashes (surname / surname + forename / surname + all names) to allow for partial matches. (We could salt it with further information - perhaps address? - to avoid 'SMITH' being the encoding for the most common surname hash.) There could even be a system to convert hashes from one system to hashes in another system, but not necessarily vice-versa. This doesn't necessarily solve the underlying problem, but might go some way to finding middle ground. _______________________________________________ developers-public mailing list [email protected] https://secure.mysociety.org/admin/lists/mailman/listinfo/developers-public Unsubscribe: https://secure.mysociety.org/admin/lists/mailman/options/developers-public/archive%40mail-archive.com
