De-identified data probably isn’t

Back to the program


Title: De-identified data probably isn’t

Speaker: Vanessa Teague, Thinking Cybersecurity and the Australian National University

For the Talk slides Please click here

Date: September 07, Monday

Time: 10:20 – 11:20 (Israel time UTC+03:00)
08:20 – 09:20 (UK UTC+01:00)
03:20 – 04:20 (EDT UTC-04:00)
17:20 – 18:20 (AEST UTC+10:00)

Abstract: Cynthia Dwork wrote many years ago, “De-identified data isn’t, and the culprit is auxiliary information.”  This simple lesson nevertheless seems to be lost on numerous private and public entities that are entrusted with other people’s sensitive data. This talk will be an unsophisticated look at just how easy it is to re-identify detailed individual unit-records.  Using nothing more than basic searches through Google, Twitter, and Facebook, I’ll explain how Chris Culnane, Ben Rubinstein and I re-identified ‘de-identified’ medical and transport records of Australian state and federal politicians.  The only surprising thing about this is that people who share other people’s ‘de-identified’ individual records continue to pretend to be surprised when they are easily re-identified.

Short Bio: My name is Vanessa Teague. I’m a cryptographer living and working on Wurundjeri land in Southeastern Australia (near Melbourne). I am interested in cryptographic protocols that support a free and democratic society. I work on openly-available research and open source software for supporting democratic decisionmaking and empowering ordinary people to make choices about their own data.