Skip to main navigationSkip to main content
The University of Southampton
Interdisciplinary Centre for Law, Internet and Culture (iCLIC)

Defining and Regulating Anonymisation Event

Time:
14:00 - 17:00
Date:
9 March 2016
Venue:
65 / 2141, Avenue Campus, University of Southampton

For more information regarding this event, please email kmo@ecs.soton.ac.uk .

Event details

Open data has been an important aspect of government policy since 2009 as a means of generating economic and social value, and of holding government to account. However, much of the demand for data is for personal data (i.e. data from which the data subject is identifiable). Yet the sharing of personal data has strong privacy and data protection implications.

The most obvious solution to the problem of leveraging the value of personal data is to transform the personal data to be shared into anonymous data. The Data Protection Directive as well as the most recent version of the General Data Protection Regulation (GDPR) seem to adopt a restrictive definition of anonymous data (anonymous in such a way that the data subject is no longer identifiable.)

Yet, much recent research has shown that, if anonymised data retains utility, then it is usually possible to reidentify people in the dataset using auxiliary data from other sources.

The issue is further complicated by the Directive combining this binary characterisation of anonymisation with the language of reasonableness (taking account of the means likely reasonably to be used to identify someone), and still further by the GDPR introducing the category of pseudonymous data to be distinguished from the category of anonymous data.

To explore these issues in the context of open data, we are holding two workshops.

The purpose of this first workshop is to address the following questions: 

  • When is it illegal to share personal data without data subjects consent?
  • How to distinguish between pseudonymous and anonymous data?
  • How to assess an anonymisation/pseudonymisation effort?
  • To what extent can anonymous data within the meaning of the Directive and the GDPR retain utility?
  • To what extent are data controllers released from data protection obligations when they anonymise personal data?
  • What should the effects of a pseudonymisation effort be? To what extent should the sharing of personal data be then possible?

The two workshops will be connected in theme, and the second will build on the outputs of the first. However, it is not necessary to attend both.
Details of the second workshop.

Numbers are strictly limited. To express an interest, please email kmo@ecs.soton.ac.uk and s.stalla-bourdillon@soton.ac.uk by 1 March 2016.

These workshops are funded by the Web Science Institute's Research Collaboration Stimulus Fund, which is allocated to the University of Southampton from the Higher Education Innovation Fund (HIEF).

Speaker information

Mr Francis Aldhouse CBE, MA, MSc, Solicitor,Southampton Law School,Visiting Research Fellow

Privacy Settings