Data Protection Act loophole risks sensitive data

A loophole in the Data Protection Act has been risking the anonymity of sensitive data for years, according to a chief privacy adviser at Microsoft

A loophole in the UK's Data Protection Act has been putting the anonymity of sensitive data at risk for years, a seminar on online privacy has heard.

The loophole in the act relating to data anonymising has already caused sensitive data to be compromised on a massive scale, according to Caspar Bowden, chief privacy adviser for Microsoft's worldwide technology office, who was speaking at a Westminster Media Forum Keynote Seminar on social media and online privacy in London.

Bowden described how a database containing information on who telephoned whom across the UK over the course of a month was exported to the US five years ago with "sham anonymisation" applied to the data, employing a process that turns each individual telephone number into a random yet consistently used number. Such a process can easily be undone, according to Bowden.

For more on this ZDNet UK-selected story, see Anonymity loophole puts UK data at risk on

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.