Website data leaks pose greater risks than most people realize

Most companies still don’t know what anonymization means and confuse anonymized with pseudonymized or masked data.<p>Part of the problem is that there are still no good criteria available to define anonymity. Concepts like differential privacy are a step in the right direction but they still provide room for error, and in many cases they are either too restrictive (transformed data is not useful anymore) or too lax (transformed data is useful but can be easily re-identified).

Differential privacy provides a system that can allow the sharing of databases without allowing an external observer to determine if a particular individual was included.<p>If companies were required to aggregate information in this way and throw away their logs, perhaps leaks would be much less risky for their users.<p>Today this might seem far-fetched, but it could come to pass in the future, when people raised in this environment and able to understand the implications and technical aspects come to political power.<p><a href="https:&#x2F;&#x2F;www.cis.upenn.edu&#x2F;~aaroth&#x2F;privacybook.html" rel="nofollow">https:&#x2F;&#x2F;www.cis.upenn.edu&#x2F;~aaroth&#x2F;privacybook.html</a><p><a href="https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Differential_privacy" rel="nofollow">https:&#x2F;&#x2F;en.wikipedia.org&#x2F;wiki&#x2F;Differential_privacy</a>

I&#x27;ve considered how I would like E.G. GPS &#x2F; driving apps to anonymize data.<p>For freeways, lots of small segments, and fuzzing of timestamps to co-mingle users. Where there&#x27;s a stoplight snap the intersection cross-time to the green light (guess) for anyone in the queue.<p>The anonymity would come from breaking up both requests and observed telemetry to fragments too small to tie back to a single user or session (and thus form a pattern; I hope).<p>Do NOT record end-times, only an intended route. Do NOT associate that movement to any particular user or persistent session (ideally in memory on the mobile device only, not saved: though it could save favorite routes locally). Packages of transition times between various freeway exits would generally help add to anonymity.<p>That would also be part of generally improving the UI for the user. The application on the device should be making most of the decisions, by asking about the traffic in a given region on a grid. I also want it to show me (the driver) the data (heatmap) on the rejected routes so I know what isn&#x27;t a good option.

Largely true, but there are HHS rules and guidelines that are accepted in the US healthcare space:<p><a href="https:&#x2F;&#x2F;www.hhs.gov&#x2F;hipaa&#x2F;for-professionals&#x2F;privacy&#x2F;special-topics&#x2F;de-identification&#x2F;index.html" rel="nofollow">https:&#x2F;&#x2F;www.hhs.gov&#x2F;hipaa&#x2F;for-professionals&#x2F;privacy&#x2F;special-...</a>

The title refers to <i>claims by marketing companies</i> that they have appropriately anonymised the data, and is not an attack on the concept of anonymisation itself.

What does &quot;computer science concentrator&quot; or &quot;statistics concentrator&quot; mean? It&#x27;s a first time I see such a title (?)

Students have found data enrichment techniques exist and can be effectively applied to breach datasets. Good for them.

I think this should be sent to the government officials that they were able to find in their research, it might get them to wake up and stop treating it so lightly.

Relevant XKCD: <a href="https:&#x2F;&#x2F;xkcd.com&#x2F;792&#x2F;" rel="nofollow">https:&#x2F;&#x2F;xkcd.com&#x2F;792&#x2F;</a>

Is it just data leaks? How about Google&#x27;s reports on how busy a certain area is (restaurants, malls)? That is pretty much telling a potential terrorist the optimal time to target an area. We leak data everywhere, and all we need is a single bad actor to utilize it for a catastrophe to occur.