The Anatomy of Anonymity

Anonymize. That’s a word I hear often these days in terms of how businesses are managing the challenge of balancing the value proposition of Big Data against concerns of privacy. Therein lies a dichotomy of a customized experience vs. the privacy advocates.


It’s clear being able to correlate data with specific individuals has enormous value in terms of targeted marketing and user experience. So it seems businesses are faced with a combination technology and public relations challenge: use the data that is (often) freely given to improve their products and services while avoiding the appearance of knowing just a bit too much about their customers. The “creepiness” factor.

Like many, I appreciate a customized experience. The flip side of the anonymity/Big Data issue is the value consumers derive from a more customized, relevant experience. For many, it changes how we interact online. I have what I call my “clean” browser. I have an instance of Opera which I’ve configured to not save any cookies and in which I don’t log into Google, Amazon, Facebook, Twitter or any other collector of data.  This is my way of getting an un-customized internet browsing experience.

One solution being offered by businesses is anonymization of the data, stripping out personally identifiable attributes like names, addresses, and user ids to leave just the “usage” data they need. Even there, the solution is not perfect. Apple recently clarified their data retention policies in regard to Siri data (Apple Finally Reveals How Long Siri Keeps Your Data).

When it comes to anonymization, the challenge is in compliance — it’s easier to prove you ARE doing something than that you’re NOT doing something. Just because you can show you’re stripping out personal information doesn’t mean you aren’t keeping a second copy somewhere else. And even if you succeed in anonymizing the data, and can prove it, there’s no guarantee someone can’t de-anonymize it right back. Businesses need to get out in front of this issue. How they handle privacy and data will determine the level of regulation to which they may be subjected.

Will the definition of what it means to “anonymize”  be the subject of much debate over the years to come? Or has  the privacy ship already sailed and we need to come to terms with a new reality?

Note: My spell checker had problems with “anonymize,” “anonymization,” and “de-anonymize.” As of the wiriting of this post there’s not even a Wikipedia entry for “anonymize.” I expect that will change. 

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. I’ve been compensated to contribute to this program, but the opinions expressed in this post are my own and don’t necessarily represent IBM’s positions, strategies or opinions.


Enhanced by Zemanta
  • Claims of anonymity, including those that claim they don’t collect personally identifiable information, are largely bogus. Three pieces of seemingly innocuous information I’d be willing to widely share: my first name, Jonathan; my current residence, Stamford, CT; my college: Hamilton College. There! I’ve just identified myself uniquely. I’m the only Hamilton graduate in Stamford named Jonathan. What most companies/sites are offering is the *illusion* of anonymity. If they want to identify you, they have the information.

    • That’s the crux of it, isn’t it. Too late to close the barn door, so to speak.

  • Think about the potential brand and company damage that can take place
    if an organization violates privacy/data collection laws–or at least
    social norms. To be sure, it’s true that European regulators take privacy more seriously than we do in the US.

    Despite this legislative oversight, however, cultural and business
    norms dictate that organizations at least pay lip service to privacy.

    • Thanks, Phil. Privacy is one thing. Anonymity is another. People expect the companies they share their information with to keep it private. What they don’t expect is the piecing together of supposedly anonymous data to create personal profiles.

      • I wonder if people are still expecting that after PRISM. :)

  • Pingback: Phil Simon: On Privacy, Brand Value, and Big Data()