Data privacy and security concerns have mounted in the last few years as the potential of Big Data is tapped and more effectively realized. The bits and bytes of our lives are, more now than ever before, tracked, recorded, and analyzed. And while providing insights both noteworthy and frivolous, it sometimes feels a little like we’re living in the Matrix as the information we consider personal and private is swiftly logged, categorized, and stored in colossal databases, no longer belonging solely to the individual but available to whoever is granted (or illicitly forces) access.
Though the concerns of data security and privacy are typically linked they are two separate, although equally important, matters. Data security refers to the confidentiality and protection of collected data and involves the processes which ensure data is accessed only by those with the necessary authorization. It further warrants that the data being used is both accurate and reliable. When implementing data security plans, most organizations address the obligation of collecting only the required information, securing it during storage, and destroying that which is no longer needed. Data privacy, on the other hand, is the appropriate use of data which addresses organizations only collecting and using information according to agreed purposes and conforming to the regulations of the organization, the state, and the country. Organizations that collect data against an individual’s wishes, or sell it on without first seeking consent, are obstructing data privacy.
Government organizations, healthcare providers, financial institutions, and just about every other responsible organization collecting personal data are under pressure to implement adequate privacy and security policies. Increasingly, the de-identification (also termed anonymizing in the EU) of personal data before sharing it with marketers or research institutions is occurring, but this is not a foolproof strategy. Because so much data is available from such a variety of sources, it’s possible that individuals can be identified through combinations of personal attributes.
Fujitsu Laboratories Ltd. has recently involved itself in the protection of shared personal data, and CloudTweaks discussed the issues and potential solutions with Kouichi Ito, Research Manager of Fujitsu Laboratories Ltd.’s Cyber & Data Security Project. Says Ito, “To support the safe utilization of personal data, in Japan, the Protection of Personal Information Act is being updated. While technologies for de-identification processing are an important tool towards this aim, Fujitsu Laboratories posits that robust assessments of the risks associated with the data itself are indispensable for achieving secure anonymization.”
Some experts suggest that correctly anonymizing data is, in fact, a step further than de-identifying it as it removes all of the identifiable information from data and results in an assemblage of data that no longer requires protection, but instead offers only broad-spectrum data ideal for research and analytics.
Currently developing new technology that searches anonymized data for the most easily identifiable records and indicates problematic attribute combinations with a quantified score, Fujitsu plans the practical implementation of their solution for 2017. Says Ito, “Professionals in diverse fields, including marketing and health care, have an increasing demand to utilize personal data. Fujitsu Laboratories’ hope is that our new technology, by visualizing the privacy risks of personal data, will streamline the use of secure, de-identified data, thereby facilitating the co-creation of businesses among Fujitsu’s customers.”
Thanks in part to governments recognizing the necessity of, and insisting on, high data security and privacy, organizations are working hard to mitigate the risks which characterize Big Data and the sharing of it. Few of us would deny the promise of Big Data analytics, but knowing our personal information remains private and secure makes it a far more exciting mechanism.
By Jennifer Klostermann
