Technology-based protections could make personal data impersonal.
Computerworld - In the ongoing debate over how to protect personal information, much of the attention has focused on whether - and to what degree - the government should limit the amount of personal information companies can ask for or share.
Recently however, a small group of computer scientists has been taking a different tack. They're building software tools that promise to keep names, addresses, health status and other information secret while allowing patterns to emerge within large data sets that can help predict broad social trends, buying behaviors or massive health or terrorist threats.
Some of this software has been patented and used by government agencies in the U.S.; other algorithms are several years from practical implementation. The tools may someday be used by health care providers, financial services firms and the government for collecting and using data gleaned from individuals.
Some of the existing tools enhance anonymity. For example, the Freedom browser from Zero-Knowledge Systems Inc. in Montreal prevents sending of personal information over an Internet connection without the user's consent.
Latanya Sweeney, a professor at Carnegie Mellon University
For example, researchers at the IBM Privacy Research Institute in San Jose are perfecting an approach that "randomizes" data before it's communicated. A Web business might use it to extract valuable demographic data without knowing the underlying personal data of the consumer.
A user would enter his age, salary or weight, and software would randomize it by adding or subtracting that number from a random value. The random value would differ for every user, while the range of randomization wouldn't change. The software would use the randomized values and the range of randomization to find a close approximation of the true distribution, IBM officials say. Experiments show a 5% to 10% loss in accuracy of data even when all values are randomized, says Rakesh Agrawal, an IBM researcher on the project.
Carnegie Mellon University in Pittsburgh is focusing on protecting personal information that's already public, such as voter registration information and hospital discharge data. "One of the biggest problems is that people think their data might be anonymous when it is not," says Latanya Sweeney, a computer science professor and director of the school's Laboratory for International Data Privacy.
Sweeney estimates that 87% of the U.S. population can be uniquely identified if only a date of birth, gender and five-digit ZIP code are known. "It doesn't take much to identify you," she
- Top 3 Myths about Big Data Security : Debunking common misconceptions about big data security Big data represents massive business possibilities and competitive advantage for organizations that are able to harness and use that information. But how are...
- Magic Quadrant for Data Masking Technology IBM is a leader in Gartner Inc's Magic Quadrant for Data Masking Technology. Read the full report to learn about IBM.
- Best Practices for Securing Hadoop Historically, Apache Hadoop has provided limited security capabilities. To protect sensitive data being stored and analyzed in Hadoop, security architects should use a...
- Top Tips for Securing Big Data Environments: Why Big Data Doesn't Have to Mean Big Security Challenges Organizations must come to terms with the security challenges they introduce. As big data environments ingest more data, organizations will face significant risks...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Privacy White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!