When “Anonymous,” Isn’t
Privacy Plus+
Privacy, Technology and Perspective
When “Anonymous,” Isn’t. Recently, priest was outed as gay by a Catholic news outlet, called the Pillar, using “an analysis of app data signals correlated to [the priest’s] mobile device show[ing] the priest…visited gay bars and private residences while using a location-based hookup app in numerous cities...” A link to the Pillar’s article, which includes that quote follows:
https://www.pillarcatholic.com/p/pillar-investigates-usccb-gen-sec
Where being gay is punishable by death in some places in the world, this story about the consequences of mishandling data deserves a strong spotlight, especially where it has been reported that such data was anonymized data that was sold then linked back to the priest. For more on that story, you can click on this link to Recode:
Data anonymization and pseudonymization are typically considered privacy enhancing techniques. Both have been long criticized by computer scientists and others for not delivering what each promises — de-identified data. For an example of such criticism, click on the following link to a 2014 article on the subject:
https://www.cs.princeton.edu/~arvindn/publications/no-silver-bullet-de-identification.pdf
Still, the Big Data industrial complex continues to rely on aggregated anonymized and pseudonymized data to power analytics tools and deliver advertising content, among other things. Moreover, even presumably sophisticated regulators, like those in the EU, author laws, like the EU’s General Data Protection Regulation, which exempt anonymized data and pseudonymized data, from regulation.
Location data clearly is a fraught issue in this context, and we have previously written about how location data is “raided, traded, weaponized and commoditized.” That post is available by clicking on the link that follows:
https://www.hoschmorris.com/privacy-plus-news/your-location-data
As stated in the 2014 Princeton article linked to above, “[t]here is no known effective method to anonymize location data, and no evidence that it’s meaningfully achievable.”
Hence, a conundrum exists:
In this day and age when technology makes it easy to re-identify anonymized and pseudonymized data, what laws will restrict how that data is used, who can access it, how those third parties can use it or who they can sell it to or share it with, if not privacy laws?
This question needs to be answered sooner rather than later.
---
Hosch & Morris, PLLC is a boutique law firm dedicated to data privacy and protection, cybersecurity, the Internet and technology. Open the Future℠.