An Overview of De-Identification Techniques and Their Standardization Directions

Heung Youl YOUM  

IEICE TRANSACTIONS on Information and Systems   Vol.E103-D   No.7   pp.1448-1461
Publication Date: 2020/07/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.2019ICI0002
Type of Manuscript: INVITED PAPER (Special Section on Information and Communication System Security)
de-identification,  re-identification,  pseudonym,  anonymization,  standardization,  

Full Text: PDF(3.7MB)>>
Buy this Article

De-identification[1]-[5], [30]-[71] is the process that organizations can use to remove personal information from data that they collect, use, archive, and share with other organizations. It is recognized as an important tool for organizations to balance requirements between the use of data and privacy protection of personal information. Its objective is to remove the association between a set of identifying attributes and the data principal where identifying attribute is attribute in a dataset that is able to contribute to uniquely identifying a data principal within a specific operational context and data principal is entity to which data relates. This paper provides an overview of de-identification techniques including the data release models. It also describes the current standardization activities by the standardization development organizations in terms of de-identification. It suggests future standardization directions including potential future work items.