Personal information can be routinely de-identified before it is used or disclosed for a wide range of purposes, such as research, where it is not necessary to know the identity of individuals. Recently, however, the practice of de-identification as an effective tool to protect privacy has been challenged by those who claim it is possible to re-identify individuals from seemingly anonymous data. Today's report refutes this position, and further validates that anonymizing data is a reliable, safe and practical way to protect personal information.
Launched at the University of Alberta's National Access and Privacy Conference, the new paper entitled,"Dispelling the Myths Surrounding De-Identification: Anonymization Remains a Strong Tool for Protecting Privacy," shows that the re-identification of properly de-identified information is not, in fact, an easy or trivial task, and rather requires concerted effort on the part of skilled technicians. De-identification is a vital first step in protecting privacy, by drastically reducing the risk that personal information will be used or disclosed for unauthorized or malicious purposes.
"Not only does de-identification protect individual privacy, it also enables the valuable use of information for authorized secondary purposes, such as health research, which benefits not only individuals but society as a whole. This enables the shift from a zero-sum paradigm to a positive-sum paradigm, a key principle of Privacy by Design," says Commissioner Cavoukian.
"De-identification techniques are gaining serious traction and Canadians are leading this conversation abroad," adds Dr. El Emam. "Collaborating with the Commissioner's Office to compile this report is an important achievement. Privacy topics get a lot of attention only when something goes wrong. Today we are sending a positive message that personal information can get protected and utilized for good reasons, in the safest way possible."
Explore further: Cyber risks for those with heads in the cloud