ANONYMISATION: A STRANGE CASE OF IDENTITY THEFT
By: Carole Lucock
September 20, 2005
Often the ID Trail Mix presents an opinion or editorial on a specific topic. In this piece I’ve taken a slightly different approach by raising two questions that have received very little attention in the literature. I hope to highlight the fact that there are questions to be asked as well as to generate discussion. My own thoughts will be forthcoming in an upcoming paper that analyses the issues in some depth.
The use of information in anonymised form is increasingly represented and understood as a win-win privacy/access solution. On this account, those seeking access get what they need – namely, the information. At the same time, the ‘data subject’s’ privacy is not diminished. In fact, his or her privacy right or interest, is not engaged, much less infringed.
There are many questions raised by this touted solution: How shall we interpret the meaning of the term ‘anonymous’, or ‘anonymised’? What operational definitions shall we assume? To what standard shall we assess whether information has been rendered anonymous? Anonymous with respect to whom – to everyone and anyone – or only to some?
However before getting to these questions, first the assumption that if information is anonymous, then the person has no privacy right or confidentiality interest with respect to this information must be carefully examined. Implicit in this assumption is the idea that, once information has been anonymised – its link to the subject of the information (supposedly) severed – the subject no longer has a privacy or other right in the information. It is premised on the notion that anonymised information is no longer private, confidential or under a duty of confidentiality.
The “no longer” is important. It indicates that the subject did at some point have a privacy right or confidentiality interest with respect to the information, which becomes erased with the erasure of identity. To say that one no longer holds a privacy right or interest may be to say too much. However, something peculiar is going on here, and the assumption that nothing is here lost for privacy is no less dubious, and perhaps even more so.
To examine these assumptions it is important to focus on the anonymisation of information. This process or act, for the most part, is hidden in the shadow land and barely noticed at all. It occurs between two points in time and in virtue of this act or process, between one time and another – a before and after – information goes from being identifiable to being not so. Another thing also seems to happen between these two points in time: at one point the subject has rights in the information and at the following point s/he does not.
Thus, the act of anonymisation not only transforms the information. It also transforms the nature of the subject’s relationship to it! Along with the removal of identity, the information loses or is stripped of the character of being under the jurisdiction of the person to whom the information originally attached. Given this significant consequence, does or should the scope of the rights that a person has in information prior to anonymisation include the right to control whether the act of anonymisation is undertaken at all? A second, related, question is whether a person does or should have continuing rights with respect to his or her anonymised information?