Blog Why anonymous data isn’t as anonymous as you think

CrazyReader

Automated Import
Staff member
de-anonymization-150x150.jpg


During an ad break, you see a commercial for a company offering cheaper health insurance. Eager to save some money, you start researching the company. Scrolling through their privacy policy, you notice a clause stating the company collects data and sells it to third parties. But this is nothing unusual. After all, the data being shared is anonymous, so your identity is safe. Right?

Perhaps not. While the data you share with companies and third parties is supposedly anonymous, it’s possible to de-anonymize the data, potentially exposing your sensitive information for anyone to see.

But before we look at data de-anonymization and how it puts your personal information at risk, let’s first take a look at what anonymous data is.

What is anonymized data?​


Companies and organizations anonymize or de-identify data about its customers’ behavior and interests by removing information that could directly be linked back to an individual. This includes names, addresses, and credit card details. Other details that could indirectly link back to you should also be removed, and these include things like your job title or medical diagnoses.

Once anonymized, this data is sent to others, either within the company or to third parties. The company that collected your data has complied with its policy of only sharing data anonymously, leaving it to be sold or otherwise disseminated within the company or to third parties.

Even the EU’s GDPR rules permit the sale of anonymized data. But, as we’ll explain later, this doesn’t mean your data can’t be linked back to you.

What is aggregate data?​


Some companies claim they only share aggregate data, which is when your data is combined with that of many other people and presented as an overall statistic. Aggregate data is considered to be better for individual privacy than anonymized data.

How is data de-anonymized?​


De-anonymization, also known as re-identification, involves cross-referencing anonymous data with other publicly available information, such as census results.

It’s surprisingly easy to take a few data points and figure out who they belong to. In the U.S., a ZIP code, gender, and date of birth are enough information to uniquely identify most people, and there are websites that let you easily test this.

In 2006, anonymous movie ratings of 500,000 Netflix users were cross-referenced with public IMDB.com ratings. For people who appeared in both datasets, there was an 84% chance of identifying that individual. This figure jumped to 99% if the data included an approximate time a user left a movie rating. Researchers found that one could infer political views and other areas of interest based on an individual’s movie ratings and Netflix viewing history.

And then there’s the dataset of 120 million unidentified households recently sold by data broker Experian—featuring 248 pieces of information per household. From what we’ve seen so far, the chance of this data remaining anonymous is slim.

How to increase your anonymity​


Becoming 100% anonymous is impossible, unless you’re willing to go full Cast Away mode and live off the grid. However, there are ways to increase your online anonymity to make it harder for others to identify you.

Avoid sharing personal information​


Of course, this is tough due to how our lives are becoming increasingly connected to the internet. However, you can still control some of your privacy by using as few online services as possible and opting out of any kind of data collection or sharing. Consider deleting accounts that you no longer use. Avoid giving out your email, phone number, address, gender, and birth date, as much as possible.

Read more: How to stop spam with anonymous email forwarding

Read privacy policies​


Being selective about which services you sign up to can help minimize who has access to your private information. Before signing up, scrutinize a company’s privacy policy for data collection and sharing practices. This even extends to which doctor you choose. The selling of patient data is a billion-dollar industry, and data de-anonymization could expose your clinical records.

Use a VPN together with Tor Browser​


A VPN increases your anonymity by allowing you to browse the internet using a different IP address. Using the Tor Browser, which is optimized for security and privacy, further enhances your anonymity.

Read more: Tor and VPN


The post Why anonymous data isn’t as anonymous as you think appeared first on Home of internet privacy.
 
Top