Communications of the ACM
What Is Privacy? New Research Reveals We May Need a New Definition
A Rutgers University professor has analyzed anonymous credit card data from millions of people and found that information from just four transactions is sufficient to uniquely identify a person.
Credit: Popmatters.com
Rutgers University professor Vivek Singh has analyzed anonymous credit card data from millions of people and found that information taken from just four transactions can uniquely identify a person about 90 percent of the time.
Although removing obvious identifiers such as names, account numbers, or addresses from credit card data is required by the U.S. Privacy Act and the European Union Data Privacy Directive, the research shows it is possible to re-identify users even after removing such information.
"This finding has large implications for what we trust are private sources of information about us," Singh says. The research shows people's movements and behavior patterns uniquely identify them, and human behavior becomes unique very quickly. Singh says the research demonstrates that if "someone were to acquire simple information, such as the date, location, time, and the dollar amount of just four credit card transactions, they could re-identify 90-percent of users in sets of data that do not include any names, account numbers, home addresses, phone numbers, or other obvious identifiers."
The researchers say data scientists need to redesign the way data sets can be made anonymous to allow for analysis and scientific research while still maintaining the privacy of individuals.
From Rutgers Today
View Full Article
Abstracts Copyright © 2015 Information Inc., Bethesda, Maryland, USA
No entries found