However, computer scientists have shown they can use data that is not PII to reconstitute the associated person's identity. "There are many ways to piece data back together once you have even one type of data to work with," says Keith Carter, Adjunct Professor, The Business School of the National University of Singapore. If a brand or government acquired a list of GPS records covering one year, it could use that to learn a lot about a person or persons including their identities.
"You would easily be able to find out who they are by identifying the address they regularly come from at seven or eight in the morning. You would be able to see the school or office where they then show up. You would be able to learn where they went back to in the evening," says Carter, a speaker at the "Big Data World Asia 2013" conference.
From that, someone could get their name and address with a high degree of accuracy using a public address lookup tool. Having the family name, they could determine which family member it is by where they end up once they leave home in the morning, whether at a primary or secondary school or at a certain place of work.
But, this assumes that governments and businesses had faith in anonymization in the first place, according to Carter, who has had roles with Roles with Accenture, Goldman Sachs and Estee Lauder. There is also an assumption here that businesses and governments have spent a lot of money on something that doesn't deliver business value, Carter notes. In fact, what governments and businesses have done is to give themselves safe harbor by using deidentification/anonymization. And, even when companies don't use deidentification, the legal repercussions are a slap on the wrist, Carter confirms.
The truth is there may never be an adequate solution for Big Data privacy concerns, affordable or otherwise. There may only be solutions that protect enterprises and other entities from liability while pacifying people whose data is at risk. Unfortunately, for the individual, this means that abuses will indeed go on, regardless of the solution at hand.
Sign up for CIO Asia eNewsletters.