The Information Commissioner has announced a code of conduct setting out guidelines for the protection of privacy when dealing with large volumes of data

• More

The Guardian on large volumes of data

The Office of the Information Commissioner (ICO) has announced a new data protection code of practice, which provides advice on how to protect the privacy of individuals in the treatment database big and rich.

The public sector is the increasing use of large data and earlier this month Margaret Hodge, chairman of the Public Accounts Committee, spoke of the need for the government to improve its strategy with important data to achieve ? 33 billion of potential savings.

With the increasing use of large databases, especially those containing data on members of the public, creates a greater risk of violating an individual's right to privacy.

Although these data are anonymous, some data sets contain rich information that can be possible to identify a person through data alone unless proper precautions are taken.

The notice sets out best practices for secure anonymous data up to its name, providing even the most resolute attempts to identify an individual in a public dataset prove fruitless.

Speaking at the publication of the new Code of Practice Christopher Graham, the Information Commissioner in the UK, said:

"We posted our code of practice on the management of data protection, the risks associated with anonymity to provide a framework for professionals to use when considering the possibility of producing anonymous . The code also aims to provide greater consistency of approach and to show what is expected of organizations that use these data.

"properly anonymize personal data may result in enforcement action by the ICO. Recognize, however, that anonymous data offer considerable advantages, increasing government transparency and using widely regarded in the research community in the UK. "

Great

data are used by the world's governments through areas such as the fight against tax evasion and improve the delivery of health care.

The announcement should somewhat allay the growing collection and processing of personal data that allow individuals to be identified.

Bridget Treacy, leading to privacy in the UK and the practice of information management in the law firm Hunton & Williams, spoke about how the code will help achieve holders anonymize data at the highest level:

"Ensure that the data is properly limited, and not just" hidden "can be very difficult to achieve in practice, especially as technology is constantly evolving. Organizations are often not sure about the legal basis for the anonymization process itself and if the data can be personal data anonymous. code refers to these two questions. "

Treacy warned that the code "not legally binding" but added that "may affect performance."

The code aims to ensure that new forms and amounts of data are managed in the framework of the Act on Data Protection (DPA) 1998.

United

principles Directive on European data protection data protection does not apply to anonymous data such that the subject is no longer identifiable, essentially putting the responsibility to ensure that guarantee the fulfillment of anonymity.

The key factor here is not so

possible

for an individual to be identified, but the

probability

to carry such identification.

As such, the code sets a framework for the organization to continue to establish what level of probability, and therefore whether the DPA applies to databases that are managed.

addition anonymization process initial data to support such should consider the possibility of re-identification, the process by which a person in possession of a set of data can be combined with one or more additional database to establish the identity of an individual.

This is particularly worrying when one considers the relationship with Freedom of Information (ATI) Act as an organization is a request for access to information for deciding whether publish their data violate the DPA.

Until now, there was no obligation written by an officer of the freedom of information to consider the implications of the spread of data for use in re-IDENTIFIER in individuals of other data sets, but must now be considered.
For example, the code recommends the use of heat maps for crime mapping, which minimizes the risk that individual address individual or the crime could not be identified.

The ICO has also announced the creation of a new network anonymization United Kingdom (UKAN), led by the University of Manchester, University of Southampton, National Statistics Office and new Open Government Data Institute (ODI).

Network receive ? 15,000 of the OIC in the next two years to implement the best practices to be shared anonymously through the public and private sectors.

You can read the entire code here.