Chapter 6. Anonymized Data
The data custodian of personal data, be it identified or pseudonymized, has options for the responsible sharing of data or analytic outputs. Determining the most suitable approach requires an evaluation of wants and needs, and can be complex depending on the use case. We have provided many tools and options to consider, including concepts from privacy engineering and requirements engineering to help drive these initiatives.
Oftentimes, however, it’s not the data custodian that is driving the design and development of anonymization pipelines, but a partner seeking to innovate from the data. The data custodian will be compensated, perhaps through new insights or features added to products and services they receive from this partner, or also by getting access to the technology or outputs of the pipeline. Either way, both parties will want assurances that the anonymization is done properly.
In previous chapters we considered identified data, and then pseudonymized data. It therefore seems natural to build a pipeline from identified to anonymized, as if data is pushed through by the data custodian, and we will consider that in this chapter. Considering it from the other direction, as if data is pulled through the pipeline by the data recipient, introduces a perspective that can actually provide new insights and methods for creating anonymized data, and we will consider that as well.
Identifiability Spectrum Revisited
Let’s start by revisiting the identifiability ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access