Also outside of perhaps the EU, are there any legal enforcement mechanisms to hold them accountable for lying about it, if an audit showed that they were?

  • MagosInformaticus@sopuli.xyz
    link
    fedilink
    English
    arrow-up
    26
    ·
    edit-2
    11 months ago

    It becomes inherently difficult to make datasets actually anonymous the more data points they have about a given individual - it doesn’t much matter whether names and such are listed data points if they can be inferred from the rest. This investigation by Svea Eckert and Andreas Dewes, for instance, managed to identify a named German member of parliament (Valerie Wilms) and other public functionaries within a data set on web browsing habits they received from data brokers.

    Most countries do have data privacy legislation and relevant regulatory/enforcement agencies, but the data brokerage business is big and intensely international so the picture on audits is kind of unavoidably complicated.

      • 1rre
        link
        fedilink
        arrow-up
        3
        ·
        11 months ago

        You’re not really missing anything, other than how easy it is for a collection of datapoints to become unique… If you had burrito Monday, spaghetti Tuesday, oatmeal Wednesday, Banana Thursday, then I doubt there’d be more than a few hundred people that match that pattern.

        Some people don’t like that because they think it’s the same as being identified by name, others don’t really care