Kieron O'Hara
Data anonymisation
Books relating to Data anonymisation
The De-Identification Decision-Making Framework
The De-Identification Decision-Making Framework is an adaptation to the Australian context of the
UK resource The Anonymisation Decision-Making Framework, and is the result of a close
collaboration of CSIRO and the Office of the Australian Information Commissioner, with input from
the Australian Bureau of Statistics and the Australian Institute of Health and Welfare. The
adaptation has required revisions due to differences in the legal frameworks, the use of Australian
examples and terminology, and minimal additional changes.
The Anonymisation Decision-Making Framework
The ADF provides a way of thinking about anonymisation and the reuse of personal data that breaks out of the constraints of overly technical or overly legal framings of the problem. Effectively anonymising data whilst still remaining compliant with GDPR is possible, given a suitable framework and set of tools. GDPR is intended to facilitate proper and appropriate data sharing and reuse as well as protecting data subjects. The ADF provides a mechanism for realising both of these ambitions.
Articles relating to Data anonymisation
Functional anonymisation: personal data and the data environment
Computer Law and Security Review, 34(2), 204-221
2018
Co-authors: Mark Elliot, Charles Raab, Christine M. O'Keefe, Elaine Mackey, Chris Dibben, Heather Gowans, Kingsley Purdam, Karen Mc Cullagh
Themes: Data anonymisation
Category: Journal article, Peer reviewed
Anonymisation of personal data has a long history stemming from the expansion of the types of data products routinely provided by National Statistical Institutes. Variants on anonymisation have received serious criticism reinforced by much-publicised apparent failures. We argue that both the operators of such schemes and their critics have become confused by being overly focused on the properties of the data itself. We claim that, far from being able to determine whether data is anonymous (and therefore non-personal) by looking at the data alone, any anonymisation technique worthy of the name must take account of not only the data but also its environment.
This paper proposes an alternative formulation called functional anonymisation that focuses on the relationship between the data and the environment within which the data exists (the data environment). We provide a formulation for describing the relationship between the data and its environment that links the legal notion of personal data with the statistical notion of disclosure control. Anonymisation, properly conceived and effectively conducted, can be a critical part of the toolkit of the privacy-respecting data controller and the wider remit of providing accurate and usable data.
Read the article