Unveil the Privacy Threat – that’s how we named the Game Jam (October 7, 2017) we’re going to host together with the Alexander von Humboldt Institute for Internet and Society – will be fun and serious. And we want you to be part of it.
We will present to you three different use cases with a direct connection to data security and privacy by design. We have invited prominent experts to talk about the importance of data privacy, advise and inspire the participants of the Game Jam. What are the use cases, who are the experts? This is use case No 3.
Use case 3: Unraveling the anonymity paradox!
What sounds like the title of a 60′s psycho thriller B-Movie for mathematicians is in fact a modern day horror story. Here’s why.
If personal information were anonymized, all our privacy concerns would be gone! But what does “anonymized” mean?
This question is one of the hardest to resolve in the privacy debate. At present, privacy experts are grappling with the paradox that – in the big data era – there is no anonymous data anymore.
All data can always be related to an individual by means of data analysis technologies. The reason for this is that data is only considered “anonymized” if it cannot be related to an identified or even to an identifiable individual.
In order to understand this paradox, imagine this:
More than three million Berlin citizens – and another million tourists – are carrying around their personal devices every single day. There’s a Berlin-wide wifi system, which is publicly available for all people who have switched on their devices’ wifi by default. This wifi system collects the movement data of all these devices over a longer period of time.
Guess how useful this data would be for urban traffic management and many other innovations. But wouldn’t it be creepy if this data could also be misused against an individual later on?
This data is thus anonymized in order to mitigate these risks. In the process all personal identifiers (i.e. the MAC address and IMEI) of the devices captured by the wifi system – which could in principle lead to an identification of the owner or even carrier of a device – are “hashed” (i.e. substituted by a specific hash value for each identifier).
This hash value does not per se contain information referring to the owner or carrier of the device. However, it is still possible to capture the device’s movement pattern by referring to this hash. This movement pattern becomes more and more precise over time.
A person who gets access to that movement pattern (e.g. an employee of the provider of the wifi system or another data-driven company) might suddenly discover that this device must be owned by somebody he knows very well.
The reason for this is that this device “leaves” the building where he lives at the same time every morning and “moves” to an address where only lawyers work: In terms of probability, that person must be his wife!
This risk of re-identification of “anonymized” data exists generally, where it is combined with further information.
It is hard to say which information will be added and hard to say what the consequences of an identification are. It is hard to say under which conditions this risk is low enough in order to be socially acceptable.
The goal of this use case is to develop an engaging game concept that helps people to understand the anonymity paradox. One target group are people working in companies specifically dealing with anonymized data (e.g. such as the provider of the wifi system described).
Want to join the Unveil the Privacy Threat Game Jam on October 7, 2017 in Berlin? Register here for free.
The best game idea will be awarded by an expert jury with an exciting prize – a weekend trip to London for the whole winning team including a visit of The Crystal, the world’s largest museum on the future of (smart) cities – sponsored by Siemens. Furthermore, amongst all participants, we give away two one-year-memberships of Adobe Creative Cloud sponsored by Adobe.*
*without possibility of recourse to legal action
Text by Max von Grafenstein