Abstract
In a context in which privacy is increasingly demanded by citizens and by various institutions, reflected in protection laws, anonymity emerges as an essential tool. Both the General Data Protection Regulation (GDPR) in the EU and the Brazilian General Data Protection Law (LGPD) provide a softer regulation for anonymised data, compared to personal data. Despite the legal advantages in their use, anonymisation tools have limits that should be considered, especially when it comes to massive data contexts. The work seeks to analyze whether anonymisation techniques can satisfactorily ensure privacy in big data environments, without taking other measures in favor of privacy. Based on two hypothetical cases, we realized that the anonymisation techniques, although well implemented, must be associated with governance techniques to avoid latent breaches of privacy. Besides that, we point out some guidelines identified in the case studies for the use of anonymous data in Big Data.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
The term is spelled with two variants: “anonymisation”, used in the European context; or “anonymization” used in the US context. We adopt in this article the European variant because the work uses the GDPR [19] as reference.
References
Brasher, E.A.: Addressing the failure of anonymization: guidance from the European union’s general data protection regulation. Colum. Bus. L. Rev. p. 209 (2018)
Brkan, M.: Do algorithms rule the world? Algorithmic decision-making and data protection in the framework of the GDPR and beyond. Int. J. Law Inf. Technol. 27(2), 91–121 (2019)
Carvalho, A.P., Canedo, E.D., Carvalho, F.P., Carvalho, P.H.P.: Anonymisation and compliance to protection data: Impacts and challenges into big data. In: 22th International Conference on Enterprise Information Systems, pp. 31–41 (2020)
Casanovas, P., De Koker, L., Mendelson, D., Watts, D.: Regulation of big data: perspectives on strategy, policy, law and privacy. Health Technol. 7(4), 335–349 (2017)
Dalla Favera, R.B., da Silva, R.L.: Cibersegurança na união europeia e no mercosul: big data e surveillance versus privacidade e proteção de dados na internet. Revista de Direito, Governança e Novas Tecnologias 2(2), 112–134 (2016)
De Mauro, A., Greco, M., Grimaldi, M.: A formal definition of big data based on its essential features. Lib. Rev. 65(3), 122–135 (2016)
Domingo-Ferrer, J.: Personal big data, GDPR and anonymization. In: Cuzzocrea, A., Greco, S., Larsen, H.L., Saccà, D., Andreasen, T., Christiansen, H. (eds.) FQAS 2019. LNCS (LNAI), vol. 11529, pp. 7–10. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-27629-4_2
Fothergill, D.B., Knight, W., Stahl, B.C., Ulnicane, I.: Responsible data governance of neuroscience big data. Front. Neuroinf. 13, 28 (2019)
Hintze, M., El Emam, K.: Comparing the benefits of pseudonymisation and anonymisation under the GDPR. J. Data Prot. Priv. 2(2), 145–158 (2018)
Jensen, M.H., Nielsen, P.A., Persson, J.S.: Managing big data analytics projects: the challenges of realizing value (2018)
Joyce, D.: Data associations and the protection of reputation online in Australia. Big Data Soc. 4(1), 2053951717709829 (2017)
Koutli, M., et al.: Secure IoT e-health applications using vicinity framework and GDPR guidelines. In: 2019 15th International Conference on Distributed Computing in Sensor Systems (DCOSS), pp. 263–270. IEEE (2019)
Lin, C., Wang, P., Song, H., Zhou, Y., Liu, Q., Wu, G.: A differential privacy protection scheme for sensitive big data in body sensor networks. Ann. Telecommun. 465–475 (2016). https://doi.org/10.1007/s12243-016-0498-7
Liu, H.: Visions of big data and the risk of privacy protection: a case study from the Taiwan health databank project. Ann. Global Health 1(81), 77–78 (2015)
Mehmood, A., Natgunanathan, I., Xiang, Y., Hua, G., Guo, S.: Protection of big data privacy. IEEE Access 4, 1821–1834 (2016)
Mustafa, U., Pflugel, E., Philip, N.: A novel privacy framework for secure m-health applications: the case of the GDPR. In: 2019 IEEE 12th International Conference on Global Security, Safety and Sustainability (ICGS3), pp. 1–9. IEEE (2019)
Pomares-Quimbaya, A., Sierra-Múnera, A., Mendoza-Mendoza, J., Malaver-Moreno, J., Carvajal, H., Moncayo, V.: Anonylitics: from a small data to a big data anonymization system for analytical projects. In: 21st International Conference on Enterprise Information Systems, pp. 61–71 (2019)
Popovich, C., Jeanson, F., Behan, B., Lefaivre, S., Shukla, A.: Big data, big responsibility! building best-practice privacy strategies into a large-scale neuroinformatics platform. Int. J. Popul. Data Sci. 1(1), 1–343 (2017)
Regulation, G.D.P.: EU data protection rules. European Commission, Accessed in October 9, 2019 (2018). https://ec.europa.eu/commission/priorities/justice-and-fundamental-rights/data-protection/2018-reform-eu-data-protection-rules_en
da República, P.: Lei geral de acesso a informação (lai). Secretaria-Geral (2011). http://www.mpf.mp.br/atuacao-tematica/sci/normas-e-legislacao/legislacao/legislacao-em-ingles/law-12.527. Accessed 4 Feb 2020
da República, P.: Lei geral de proteção de dados pessoais (LGPD). Secretaria-Geral (2018). https://www.pnm.adv.br/wp-content/uploads/2018/08/Brazilian-General-Data-Protection-Law.pdf. Accessed 19 Nov 2019
Ryan, M., Brinkley, M.: Navigating privacy in a sea of change: new data protection regulations require thoughtful analysis and incorporation into the organization’s governance model. Int. Auditor 74(3), 61–63 (2017)
Shapiro, S.: Propositional, first-order and higher-order logics: basic definitions, rules of inference, examples. Natural Language Processing and Knowledge Representation: Language for Knowledge and Knowledge for Language. AAAI Press/The MIT Press, Menlo Park, CA (1995)
Ventura, M., Coeli, C.M.: Para além da privacidade: direito à informação na saúde, proteção de dados pessoais e governança. Cadernos de Saúde Pública 34, e00106818 (2018)
Zikopoulos, P., Eaton, C., et al.: Understanding big data: analytics for enterprise class hadoop and streaming data. McGraw-Hill Osborne Media (2011)
Acknowledgments
This research work has the support of the Research SupportFoundation of the Federal District (FAPDF) research grant 05/2018.
Author information
Authors and Affiliations
Corresponding authors
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Carvalho, A.P., Canedo, E.D., Carvalho, F.P., Carvalho, P.H.P. (2021). Anonimisation, Impacts and Challenges into Big Data: A Case Studies. In: Filipe, J., Śmiałek, M., Brodsky, A., Hammoudi, S. (eds) Enterprise Information Systems. ICEIS 2020. Lecture Notes in Business Information Processing, vol 417. Springer, Cham. https://doi.org/10.1007/978-3-030-75418-1_1
Download citation
DOI: https://doi.org/10.1007/978-3-030-75418-1_1
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-75417-4
Online ISBN: 978-3-030-75418-1
eBook Packages: Computer ScienceComputer Science (R0)