Is your data anonymous or just encrypted?

Written on March 2, 2015 in BillingViews, Guest Blog

The rules on encrypting data can be something of a minefield, but they are important to understand if you keep customer records.

Encryption is more relevant for customers than for service providers. If a device is stolen, it is sensible that no one can make sense of its contents. If you are sending emails about, for instance, sensitive legal cases such as child abuse, those emails should be encrypted. Encryption is useful when the issue is a human being’s ability to leave sensitive material on trains. Various laws imply the need for encryption; Directive 2002/58, on processing within telecoms, is one, and says that businesses must deploy organizational and technological measures to ensure the security of personal data. Encryption is not useful if the password to access the data is known and unauthorized access happens because of that password. Encryption comes into play where a person hacks or gets access to the data without entering the correct password; at this point the data remains scrambled.

Encrypted data, though, is not sufficient in many circumstances. Encryption is reversible, and it is therefore possible to identify the person to whom the encrypted data relates. Anonymisation, or masking, may or may not be reversible, depending on the reasons for anonymising. If the requirement is to depersonalize the data (taking it outside the scope of data privacy laws), then this action must not be reversible. However, if the requirement is to anonymise on a “need to know” basis (“design by default”, as described in the pending General Data Protection Regulation), this process can be reversible, giving data access to some, but not all. In some cases partial anonymity is mandated. It may be that information used for marketing purposes needs to be anonymised, but that a certain level of executive might need to identify a customer in order to resolve an overpayment, for example. Access to payment information would be needed in this case.

That sounds clear enough, but, of course, it is not that simple. Many data protection laws that relate to customer data state that the data must be anonymous if you want to use it and do not have consent for further processing (beyond the original purpose of collection). It must remain anonymous even when linked to other data that might reveal the identity of a customer. As we know, identification is sometimes possible with as little as four vague pieces of information. Anonymising a street number would normally be enough, but if there are only five houses in the street, it is not.
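The street example above can be checked mechanically by counting how many released records share the same combination of remaining attributes. The following Python sketch is an added example, not part of the original article; the field names, the threshold `k` and all sample data are constructed assumptions.

```python
from collections import Counter


def mask_house_number(record):
    """Return a copy of the record with the house number removed."""
    masked = dict(record)
    masked.pop("house_no", None)
    return masked


def risky_groups(records, quasi_identifiers, k):
    """Return {combination: count} for every combination of quasi-identifier
    values that is shared by fewer than k records."""
    counts = Counter(tuple(r[q] for q in quasi_identifiers) for r in records)
    return {combo: n for combo, n in counts.items() if n < k}


def build_sample():
    """Constructed data: 40 households on High Street, 5 on Mill Lane."""
    records = []
    for i in range(40):
        records.append({"street": "High Street", "house_no": i + 1,
                        "birth_decade": 1950 + 10 * (i % 4),
                        "tariff": "ABC"[i % 3]})
    for i in range(5):
        records.append({"street": "Mill Lane", "house_no": i + 1,
                        "birth_decade": 1950 + 10 * i,
                        "tariff": "ABC"[i % 3]})
    # Release the data with the street number masked, as in the article.
    return [mask_house_number(r) for r in records]


if __name__ == "__main__":
    released = build_sample()
    # Street alone: only the five-house street falls below k.
    print(risky_groups(released, ["street"], k=10))
    # Linked with two more vague attributes, every group falls below k.
    linked = risky_groups(released, ["street", "birth_decade", "tariff"], k=10)
    for combo, n in sorted(linked.items()):
        print(combo, n)
```

Masking the house number leaves High Street records in a group of 40, but Mill Lane records in a group of five, and adding two further vague attributes reduces every Mill Lane record to a group of one.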

It is also possible that regulations will insist on partial anonymisation. In Germany, for instance, the last few digits of called-party numbers on bills may be anonymised. France had a similar law a few years ago, but for slightly different reasons.

For those customers and observers who watch, with horror or fascination, the revelations that have appeared since Snowden went public, there are laws that dictate that, at least, service providers cannot identify us down to the individual.

Governments, of course, are different in that respect.


About the Author: Linda is an independent consultant, with 15 years’ experience in data privacy across the EU. Linda is an advocate for data privacy, with most of her experience in telecommunications and technology. Linda worked with Convergys as their Regulatory Affairs Consultant for over 10 years, responsible for the regulatory roadmap across Europe. Linda’s latest engagements have been with UL EHS Sustainability and Asiainfo. The last 3 years have been spent analysing the impact of the GDPR and getting businesses ready for this new law. Linda has a keen interest in international politics.



2 Reader Comments


  1. Michael Wright says:

    I’m not sure I agree with this statement: “Encryption comes into play where a person hacks or gets access to the data by not entering the correct password, at this point the data becomes scrambled.”

    If the data is encrypted, then the human readable text (cipher-text) is always “scrambled” and only becomes unscrambled or readable when the right key is entered and the cipher-text is presented as normal-text.

    Maybe change the word “becomes” to “remains”…

  2. Linda French says:

    Yes that is right Michael, it’s a typo, and will be amended. Thank you for spotting it. Linda
