Open data's Achilles heel: Re-identification

The privacy czar has floated the possibility of making re-identification of anonymised data illegal.

Governments around the globe are embracing the mantra of open data and talking up its productivity benefits, but none have so far made the re-identification of this mass of anonymised data illegal.

That's possibly because the risks of re-identification in a world of multiple open sets of anonymised data are still energetically debated.


The possibility of outlawing re-identification is now being discussed in New Zealand, with both the Privacy Commissioner John Edwards and a May report (PDF) from the New Zealand Data Futures Forum suggesting that legal protections against re-identification may be necessary.

Edwards told ZDNet that he is trying to look towards the future and ensure that the value in government data can be safely extracted in ways that maintain public confidence.

"One of the methods might be a prohibition on re-identification. If we did that, we would be world leaders," he said.

Similarly, the Data Futures Forum report said it is necessary to develop a "robust data-use ecosystem" and to get the rules around open data right. This should include a data council to act as guardians and advisers, and a broad review of legislation.

The report also recommended: "Specific changes to legislation in the short term to provide for mandatory proactive release, extension of information sharing beyond central government, better definition of personal data and protections against re-identification of anonymised data.

"Although there are low risks involved, robust, secure, shared infrastructure, and governance are needed for this data-use scenario to protect individuals from accidental or malicious re-identification," the report said.

It recommended three changes to the Privacy Act: updating the definition of personal data; extending the information-sharing provisions beyond central government; and including protections against the re-identification of anonymised data.

This week, Edwards addressed the issue in a speech (PDF) to New Zealand's Ministry of Social Development.

"For example, under the [Privacy] Act, there is currently no explicit prohibition on the re-identification of data from which identifying information has been removed," he said. "It's food for thought that a prohibition of this nature could potentially increase public confidence in the safe use of 'de-identified' or 'anonymised' data.

"Similarly, further work could be undertaken on strengthening individual rights to have information about them deleted, again increasing their confidence that information provided is not necessarily available forever and able to be combined with yet-to-be-created data sets."

For Edwards, there is still a lot of work to do before changes to the law are made.

"I'm not yet convinced there is a compelling case for it, and we would need to carefully consider practicalities and implications before recommending such a step.

"At this stage, I am much encouraged by talk of an independent 'data council' to provide ethical oversight and governance as a way to proceed with caution."

In his submission to the Data Futures Forum, Edwards said an explicit prohibition in the Privacy Act "could usefully reassure people that they have a means of redress if they suffered harm due to them being successfully re-identified from supposedly anonymous data".