Litcius/Paper detail

Misconceptions in Privacy Protection and Regulation

Chris Culnane, Kobi Leins

2020Law in context22 citationsDOIOpen Access PDF

Abstract

Privacy protection legislation and policy is heavily dependent on the notion of de-identification. Repeated examples of its failure in real-world use have had little impact on the popularity of its usage in policy and legislation. In this paper we will examine some of the misconceptions that have occurred to attempt to explain why, in spite of all the evidence, we continue to rely on a technique that has been shown not to work, and further, which is purported to protect privacy when it clearly does not. With a particular focus on Australia, we shall look at how misconceptions regarding de-identification are perpetuated. We highlight that continuing to discuss the fiction of de-identified data as a form of privacy actively undermines privacy and privacy norms. Further, we note that ‘de-identification of data’ should not be presented as a form of privacy protection by policy makers, and that greater legislative protections of privacy are urgently needed given the volumes of data being collected, connected and mined.

Topics & Concepts

Privacy policyLegislationPopularityIdentification (biology)Internet privacyInformation privacyPrivacy by DesignPrivacy lawLegislatureData Protection Act 1998Information privacy lawPrivacy laws of the United StatesPrivacy softwareWork (physics)BusinessPublishingPolitical scienceComputer scienceLawEngineeringBiologyBotanyMechanical engineeringPrivacy-Preserving Technologies in DataPrivacy, Security, and Data ProtectionCOVID-19 Digital Contact Tracing