IEEE Access (Jan 2023)

Using Differential Privacy to Define Personal, Anonymous, and Pseudonymous Data

  • Tao Huang
  • Shuyuan Zheng

DOI
https://doi.org/10.1109/ACCESS.2023.3321578
Journal volume & issue
Vol. 11
pp. 109225 – 109236

Abstract

Defining personal, anonymous, and pseudonymous data is a vital issue for data protection law. Current approaches adopted by legal regimes are either too absolute to be practical or too vague to be manageable. Differential privacy (DP), as a newly emergent technical tool, can help define the different categories of data by quantifiably measuring identification risks of databases. Through the selection of a privacy budget in advance, data controllers can delineate the boundaries among personal, anonymous, and pseudonymous data in an auditable and reviewable manner, as well as incorporate these definitions into the broader practice of data risk management. This article offers concrete steps for applying this approach in practice and argues that such an approach not only enhances certainty, consistency, and transparency, but also inspires a new model of interaction between law and technology. Recognizing that this approach is not perfect, the article then discusses some challenges and directions for future research.

Keywords