<p><pre><code> Academic researchers have shown that anonymized data can
be correlated with other data to identify people.
</code></pre>
Very true. Just in the last year or so, the credit reporting agencies figured out how to match anonymized subprime mortgage borrower information with their own database of individual credit scores.<p><a href="http://www.equifax.com/cs7/Satellite?c=EFX_News_C&childpagename=US/EFX_News_C/PressReleasePage&cid=1187889849347&p=1182374863790&packedargs=locale%3Den_us&pagename=EFX/Wrapper" rel="nofollow">http://www.equifax.com/cs7/Satellite?c=EFX_News_C&childp...</a><p>Then they sell the joined database to hedge funds and banks (still anonymized). They that before a borrower defaults on his mortgage, he'll first max out all his credit cards. Also, late credit card payments appear within 30 days. Late mortgage payments tend to take 60 days of delinquency before blipping on any radars.<p>Fortunately it's hard to argue today that this practice is hurting anyone. In fact, some day this could help good borrowers stand out better and receive a lower interest rate.
The Wired article references the below quote from timesonline.co.uk:<p>"Industry experts said that Saga would want to maximise returns on its investment, and could still make wider use of data that some subscribers may find uncomfortable. Pooled and anonymised information, for example, could be sold to academic researchers or pharmaceutical companies."<p>Personally, I find the concern to be a little premature based on the terms of deCODE's privacy policy.<p>"deCODE will under no circumstances provide any 3’rd party, including insurance companies, health management organizations, hospitals, and government agencies, access to any of your personal data or data derived from your samples"<p>Pooled and/or anonymised information would fall under "data derived from your samples" and therefore would be a breach of the policy.
Another candidate for an 'up-front' end of life policy or a we we-destroy-your-data guarantee.<p>Imagine this companies assets get bought up by a health insurance company.<p>What is the status of a privacy policy anyway if companies as a whole can be bought and sold.