"Paul Bernal (LAW)" writes: > I've just come across this paper: "The 'Re-Identification' of Governor > William Weld's Medical Information: A Critical Re-Examination of > Health Data Identification Risks and Privacy Protections, Then and > Now" > > It can be downloaded here: > > http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2076397
It's weird. While reading this thread, I could've sworn that the author completely missed Paul Ohm's amazing "Broken Promises of Privacy" [0], but flipping (very quickly) through the paper, he refers to it, while seeming to have completely missed the point (or maybe I'm just a fanboy?). The thing is that each piece of data can (probabilistically) lead you to the next, much as a detective follows clues in a murder mystery. In the case of a specific target, the job gets easier as more data are acquired (as others have mentioned, perfect deanonymization isn't usually necessary). See the EFF's Panopticlick [1] for an idea of the numbers. I won't address more generalized population de-anonymization because I don't understand the problem/numbers as well. If you haven't read Paul Ohm's paper yet, you should. It's long, but that's mostly because it's incredibly well explained. Nick 0: http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1450006 1: http://panopticlick.eff.org/
-- Unsubscribe, change to digest, or change password at: https://mailman.stanford.edu/mailman/listinfo/liberationtech
