Data Protection Act loophole risks sensitive data

A loophole in the Data Protection Act has been risking the anonymity of sensitive data for years, according to a chief privacy adviser at Microsoft

A loophole in the UK's Data Protection Act has been putting the anonymity of sensitive data at risk for years, a seminar on online privacy has heard.

The loophole in the act relating to data anonymising has already caused sensitive data to be compromised on a massive scale, according to Caspar Bowden, chief privacy adviser for Microsoft's worldwide technology office, who was speaking at a Westminster Media Forum Keynote Seminar on social media and online privacy in London.

Bowden described how a database containing information on who telephoned whom across the UK over the course of a month was exported to the US five years ago with "sham anonymisation" applied to the data, employing a process that turns each individual telephone number into a random yet consistently used number. Such a process can easily be undone, according to Bowden.

For more on this ZDNet UK-selected story, see Anonymity loophole puts UK data at risk on silicon.com.

Get the latest technology news and analysis, blogs and reviews delivered directly to your inbox with ZDNet UK's newsletters.