call +44 20 7096 1079
February 28, 2014 | Javier Ruiz

ICO Survey on the Code of Practice on Anonymisation

The Information Commissioner's Office is asking for feedback on their Code of Practice on 'anonymisation', but the survey does not ask the right questions. We explain the issues.


The ICO survey on the Code of Practice on Anonymisation closes today.

Asking for comments and feedback on the code is a positive move, but the survey is not balanced to capture a variety of opinions. For example it asks whether the code explains the benefits of anonymisation, but not whether it explains the risks. And it doesn't.

The survey also has space for comments on the style and language of the code, but not on the content, which is surely at least as important.

The code itself is a good initiative but it falls short in certain areas. For example, some of the concepts are not properly explained.

“We draw a distinction between anonymisation techniques used to produce aggregated information, for example, and those – such as pseudonymisation – that produce anonymised data but on an individual-level basis.”

Presenting pseudonymisation – which involves converting transparent identifiers such as names into reference codes - as a proper anonymisation technique could lead to dangerous releases of personal information. In many contexts we would argue that pseudonymous data should have the same levels of protection as fully identifiable data.

In general, the code presents an excessively optimistic narrative that could encourage risks to be downplayed. The current debate on care.data is a good example of this.

The code should stress that effective anonymisation is possible, but it is hard to achieve and we should be very careful when releasing data.

google plusdeliciousdiggfacebookgooglelinkedinstumbleupontwitteremail


Comments (1)

  1. Lloyd Barrett:
    Mar 07, 2014 at 01:34 PM

    Sorry i cannot see what is wrong with the system as it is now. Simply do not share any information with anybody and stick to the principles of why the ICO was set up in the first place. By trying to hide behind Anonymisation and pseudonymisation sets a dangerous precedent and you can guarantee those making the decision wont be the ones getting hurt hurt when it all goes tit up....



This thread has been closed from taking new comments.