back to article Anonymous means NO identifying element left behind – EU handbook

A new handbook on European data protection laws contains a different test from the one used by the UK's Information Commissioner's Office (ICO) for determining whether data is personal or anonymised for the purposes of data protection law. The new handbook (214-page/3.08MB PDF) has been issued jointly by the European Union …


This topic is closed for new posts.
  1. Old Man - Grey Fleece

    Always tricky

    This is a difficult balance. Some compliance departments insist on testing on anonymised data - guaranteed to either fail proper validates or fail in live when real data hits the validates (or both). The better the anonymisation the worse both problems get. If you match anonymised data to big data sets then it becomes hard to leave any value in anonymised data without it being breakable. You want Post Code for geografic analysis? then what other data won't sometimes identify individuals. Still, better have one of my favourites:

    1. Immenseness

      Re: Always tricky

      I hope the NHS are reading this before they go full tilt into the automaticlaly opted-in program that it becomes impossible to opt out of in a few weeks time.

      1. TallPaul

        Re: Always tricky

        I was just having the same thought. Even the architects behind acknowledge that jigsaw attacks provide a means on de-anonymising the data, a hole which they intend to plug by making it illegal (and that worked so well for phone hacking didn't it boys and girls ...)

    2. Vimes

      Re: Always tricky

      it becomes hard to leave any value in anonymised data

      Value for whom? Advertisers and marketers?

      You want Post Code for geografic analysis?

      Again - geographic analysis - who is this being done by? If it's done for commercial purposes by the company that has actually been selling items or services then presumably they have access to all their own sales records. This only becomes a problem when you start handing data to 3rd parties, often for questionable purposes.

  2. This Side Up

    "Data are anonymised ..."

    Seems the Europeans can write better English than most of he English!

    1. Richard Taylor 2

      Re: "Data are anonymised ..."

      Data - plural as well. Just as well the Europeans were taught properly unlike (t)he English! (or even the British)

      1. Khaptain Silver badge

        Re: "Data are anonymised ..."

        (or even the British)

        or the Americans, Canadians and Australians.

        1. frank ly

          Re: "Data are anonymised ..."

          Surely 'data' can be (and is) regarded as an 'incorporated entity' or a 'body of facts' as the dictionary puts it, and so it is correct to say 'Data is ....' If not, then you should be careful to say "The datum is ...' whenever you are referring to a single item/fact.

          1. I. Aproveofitspendingonspecificprojects

            Damned Americana

            I used to think I was alone in this use of the term. "Data is" sounds so much more natural than "data are".

            Since common usage can make a term accepted, I don't see why uncommon usage can't. So if enough advocates persist in whatever, it makes it English and should prevent all the spoilt liitle unEnglish gits getting upset and very unEnglish about things.

            1. Charles 9

              Re: Damned Americana

              I think the main justification for addressing the word "data" in the singular is because it can be considered a collective noun, much like how one can call a group or a set of things in the singular, though I recognize the rules can vary depending on location. For example, I'm quite aware that teams can frequently still be addressed in either the singular or the plural. In the end, I call it in the matter of context: singular if being addressed as a whole or collection, plural if being addressed as a multiple of datum.

    2. Charlie Clark Silver badge

      Re: "Data are anonymised ..."

      Data is / data are - both are in common use and, therefore, okay and in the dictionary. Personally, I much prefer "data is" with a partial noun "bits of data" when I want to be specific as this fits the pattern of other "uncountables": milk, spaghetti.

      1. Khaptain Silver badge

        Re: "Data are anonymised ..."

        "Data are anonymised " just doesn't roll of the tongue correctly, there are too many hard a's.

        Whereas "Data is anonymised " is far easier and therefore sounds/feels more correct.

  3. ratfox

    It's all shades of grey

    Obviously, the only way for the data to be completely anonymous is to contain no data at all. This is why these rules contain sentences like "by exercising reasonable effort" and "disproportionate amount of time, expense and effort".

    Ultimately, the limits are blurry, and you can fully expect people to get too close, get sued, and receive a half-random decision from the courts.

    But it's good that governments are getting in the business of deciding what is privacy, and what companies can do. Currently, T&Cs are designed to be as vague as possible, in order to protect companies from lawsuits. The only way to get sane limits is to have them be set by the law. (Though obviously, this is not going to stop governments from spying on us…)

    1. Charles 9

      Re: It's all shades of grey

      "Obviously, the only way for the data to be completely anonymous is to contain no data at all."

      Of course, because unique data, by definition, is identifiable in some way (otherwise it can't be distinguished and therefore cannot be unique). And as someone has mentioned before, collaboration of the data (which can even happen internally if a single company interacts with customers in different ways--no sharing required) can open the door for a jigsaw attack on data that is required for the company's services to function.

      The takeaways I get from this are (1) one cannot interact with the world on a fully anonymous basis if the interaction must in some form be two-way, as one must be able to receive a reply, (2) if one is not fully anonymous, one will eventually be fully identified due to the natural courses of business and human nature (filling in the gaps), leading to (3) against a determined and resourceful adversary, anonymity of any sort is infeasible, as they only have to be lucky once.

  4. DriveBy

    A false mask of respectability...

    The EU loves this sort of thing...

    Until it comes to the politburo (European Commission) itself... Take a quick look at the provisions of the recent Lisbon Treaty (aka EU Constitution), and you always find that the last clause in our list of "rights" (tee hee), is the bit where the EU can do what it likes.

    E.G. We have a right to free speech, unless the EU decrees that we are saying something that it doesn't like.

    We have a right to life, unless the EU decrees that we should be executed.

    And we have a right to privacy, unless the EU deems it necessary to stick its big nose into our affairs...

    1. Terry Barnes

      Re: A false mask of respectability...

      "We have a right to life, unless the EU decrees that we should be executed."

      What on earth are you talking about?

      The EU is consistently a stronger defender of the rights of people than national governments. We should applaud its efforts.

      1. DriveBy

        Re: A false mask of respectability...


        ARTICLE 2

        Right to life

        1. Everyone’s right to life shall be protected by law. No one shall be deprived of his life intentionally save in the execution of a sentence of a court following his conviction of a crime for which this penalty is provided by law.

        2. Deprivation of life shall not be regarded as inflicted in contravention of this Article when it results from the use of force which is no more than absolutely necessary:

        (a) in defence of any person from unlawful violence;

        (b) in order to effect a lawful arrest or to prevent the escape of a person lawfully detained;

        (c) in action lawfully taken for the purpose of quelling a riot or insurrection.


        Is that clear enough for you Tel?

        Particularly Clause C!

        1. Terry Barnes

          Re: A false mask of respectability...

          I'm not sure why you've posted an extract of an ECHR document as evidence to support your claims about the EU. They're different bodies.

          1. DriveBy

            Re: A false mask of respectability...

            I have posted that because under the terms of the Lisbon Treaty, (i.e. the treaty that I mentioned in my original comment), all member states have to abide by the terms of the ECHR...

            An example of this might be the knots that our so-called government got itself into last week when some of the MP's attempted to force the government to opt out of one or more provisions of the ECHR... Namely the repatriation of foreign criminals, following the end of their deliberately shortened sentences. Cameron thought that it was illegal, and he was right (for once).

            So, if they really wanted to adopt some of the daft things that Theresa May has been prattling on about, they can't, it is just window dressing.

            And it is this veneer of respectability that lead some gullible folks into believing that the EU is somehow better than the governments of the member states....

            Note that in order for a nation-state to join the EU, it has to repeal any provisions for capital punishment... So a state cannot execute people, but the EU can...

            All it has to do is organise a riot, and then shoot the participants.... There is no redress.

            The peasants are revolting...

            Jean Monnet is 126.

  5. Anonymous Coward
    Anonymous Coward

    I was under the impression that the UK hated anonimity?

  6. John Smith 19 Gold badge

    "disproportionate amount of time, expense and effort"

    That sounds like a pretty useful definition of how annonymised the data should be.

    Or IMHO very f**king annonymised indeed.

  7. Come to the Dark Side

    Does this mean that information from large systems (like Google Analytics) can no longer be tied to customer databases?

  8. Anonymous Coward

    nhs please note

    The slack jawed fuckwits at are claiming that DOB plus post code is anonymous data, and then we find out that the motherfuckers are stirring in an unique identifier, ie the NHS number!

    This all gets copied and pasted into various newspapers verbatim and everyone swans around saying oh it's anonymous, it's ok. Wait till the insurance companies, police, busybodies at the town hall, experian and all the other creepy crawly lowlife scum suckers out there get hold of the nhs number list. Or have the slimeball credit reference agencies already got it, same as they seem to get privileged access to the electoral register? Which is meant for, wake up at the ICO, elections, not snooping.

    1. Pascal Monett Silver badge

      Yeah, but

      Since you're electing the next batch of snoopers, you might as well go the whole nine yards, no ?

  9. Anonymous Coward
    Anonymous Coward

    How far does "reasonable effort" extend?

    "No element may be left in the information which could, by exercising reasonable effort, serve to re-identify the person(s) concerned."

    A MAC address identifies my laptop. An IP address identifies my broadband account. Even if everything else "personal" is stripped from some composite data item, either one of these two technical attributes can identify me. Does this mean that network logs and application logs on servers need to be stripped?

    In a "big data" world, how reasonable or practical is this guidance from the EU?

This topic is closed for new posts.

Other stories you might like