Viewpoints
DOI: 10.1145/1743546.1743558
Privacy and Security
Myths and Fallacies of “Personally Identifiable Information”
The digital economy relies on the collection of personal data on an ever-increasing scale. Information about our searches, browsing history, social relationships, medical history, and so forth is collected and shared with advertisers, researchers, and government agencies. This raises a number of interesting privacy issues. In today’s data protection practices, both in the U.S. and internationally, “personally identifiable information” (PII)—or, as the U.S. Health Insurance Portability and Accountability Act (HIPAA) refers to it, “individually identifiable” information—has become the lapis philosophorum of privacy. Just as medieval alchemists were convinced a (mythical) philosopher’s stone can transmute lead into gold, today’s privacy practitioners believe that records containing sensitive individual data can be “de-identified” by removing or modifying PII.
What Is PII?
For a concept that is so pervasive in both legal and technological discourse on data privacy, PII is surprisingly difficult to define. One legal context is provided by breach-notification laws. California Senate Bill 1386 is a representative example: its definition of personal information includes Social Security numbers, driver’s license numbers, financial accounts, but not, for example, email addresses or telephone numbers. These laws were enacted in response to security breaches involving customer data that could enable identity theft. Therefore, they focus solely on the types of data that are commonly used for authenticating an individual, as opposed to those that violate privacy, that is, reveal some sensitive information about an individual. This crucial distinction is often overlooked by designers of privacy protection technologies.

Any information that distinguishes one person from another can be used for re-identifying data.
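The following is an added illustration, not code from the article or its authors, of why stripping the fields a breach-notification-style definition calls PII does not make a record set anonymous. It uses constructed records about fictitious people, assumes the field names `name`, `ssn`, `email`, `zip`, `birth`, `sex` and `diagnosis`, and measures residual risk with a simple metric the article does not name (how many records remain unique on the attributes left behind, and the smallest group size, the usual k-anonymity number); those choices are the example's own.

```python
from collections import Counter

# Constructed sample records (fictitious people). Each has direct identifiers
# of the kind breach-notification laws cover, plus attributes such laws ignore.
RECORDS = [
    {"name": "A. Adams", "ssn": "000-00-0001", "email": "a@example.org",
     "zip": "02138", "birth": "1965-07-14", "sex": "F", "diagnosis": "asthma"},
    {"name": "B. Brown", "ssn": "000-00-0002", "email": "b@example.org",
     "zip": "02138", "birth": "1965-07-14", "sex": "M", "diagnosis": "flu"},
    {"name": "C. Clark", "ssn": "000-00-0003", "email": "c@example.org",
     "zip": "02139", "birth": "1971-01-02", "sex": "F", "diagnosis": "diabetes"},
    {"name": "D. Davis", "ssn": "000-00-0004", "email": "d@example.org",
     "zip": "02139", "birth": "1971-01-02", "sex": "F", "diagnosis": "flu"},
    {"name": "E. Evans", "ssn": "000-00-0005", "email": "e@example.org",
     "zip": "02139", "birth": "1971-01-02", "sex": "F", "diagnosis": "asthma"},
]

# Fields a breach-notification-style definition treats as PII (assumption
# for illustration), and the non-PII fields that still distinguish people.
PII_FIELDS = {"name", "ssn", "email"}
QUASI_IDENTIFIERS = ("zip", "birth", "sex")


def strip_pii(records, pii_fields=PII_FIELDS):
    """The 'de-identification' step the article questions: drop the PII fields only."""
    return [{k: v for k, v in r.items() if k not in pii_fields} for r in records]


def equivalence_class_sizes(records, quasi_identifiers=QUASI_IDENTIFIERS):
    """For each record, how many records (itself included) share its quasi-identifier values."""
    keys = [tuple(r[q] for q in quasi_identifiers) for r in records]
    counts = Counter(keys)
    return [counts[k] for k in keys]


def reidentification_risk(records, quasi_identifiers=QUASI_IDENTIFIERS):
    """Summarise residual risk: records that are unique on the remaining attributes,
    their fraction, and the smallest group size (the k-anonymity of the release)."""
    sizes = equivalence_class_sizes(records, quasi_identifiers)
    unique = sum(1 for s in sizes if s == 1)
    return {
        "records": len(records),
        "unique": unique,
        "fraction_unique": unique / len(records),
        "k_anonymity": min(sizes),
    }


def generalize(records):
    """Coarsen the non-PII attributes instead: ZIP to its first three digits,
    birth date to birth year, sex suppressed. This is where risk actually changes."""
    out = []
    for r in records:
        g = dict(r)
        g["zip"] = r["zip"][:3]
        g["birth"] = r["birth"][:4]
        g["sex"] = "*"
        out.append(g)
    return out


if __name__ == "__main__":
    deidentified = strip_pii(RECORDS)
    print("after removing PII:", reidentification_risk(deidentified))
    print("after generalizing: ", reidentification_risk(generalize(deidentified)))
```

On the constructed data, removing name, SSN and email leaves two of five records unique on ZIP, birth date and sex, and the smallest group has size 1, so the release is no more anonymous than before. Coarsening the attributes the law does not call PII is what raises every group to size 2, which is the article's point: what matters is whatever distinguishes one person from another, not a fixed list of identifier types.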