In Singapore, the Government launched an app that uses short-distance Bluetooth signals to connect one phone using the app with another user who is close by. It stores detailed records on a user's phone for 21 days, and authorities have said they will decrypt the data if there is a public health risk related to an individual's movements.
China used a similar method to track a person's health status and to control movement in cities with high numbers of coronavirus cases. Individuals had to use the app and share their status to be able to access public transportation.
The key to addressing privacy concerns about high-tech surveillance by the state is de-identifying the data and giving individuals control over their own data. Personal details that may reveal your identity, such as a user's name, should not be collected, or should be protected with access granted only for specific health purposes, and data should be deleted once its specific use is no longer needed.
We will discuss how to protect privacy-sensitive data that is collected to control the coronavirus outbreak.
Ulf Mattsson
1. Founder of ULFMATTSSON.COM
2. Head of Innovation at TokenEx
3. Chief Technology Officer at
• Protegrity
• Atlantic BT
• Compliance Engineering
4. Architect & Developer at IBM Research and Development
5. Inventor of more than 70 awarded US Patents
6. Products and Services
• Data Encryption, Tokenization, and Data Discovery
• Security and Privacy Benchmarking/Gap-analysis for Financial Industry
• Managed Security Services, and Security Operation Centers
• Cloud Application Security Brokers, and Web Application Firewalls
• Robotics and Applications in Manufacturing
How smart city tech is being used to control the coronavirus outbreak
https://www.techrepublic.com/article/how-smart-city-tech-is-being-used-to-control-the-coronavirus-outbreak/
In Singapore, the Government Technology Agency of Singapore launched TraceTogether on March 20 in collaboration with the Ministry of Health.
• The TraceTogether app uses short-distance Bluetooth signals to connect one phone using the app with another user who is close by.
• It stores detailed records on a user's phone for 21 days but does not include location data.
• Authorities have said they will decrypt the data if there is a public health risk related to an individual's movements.
China used a similar method to track a person's health status and to control movement in cities with high numbers of coronavirus cases.
• Individuals had to use the app and share their status to be able to access public transportation.
David Heyman, founder and CEO of Smart City Works, said that the key to addressing privacy concerns about high-tech surveillance by the state is anonymizing the data and giving individuals as much control over their own data as possible.
• "Personal details that may reveal your identity such as a user's name should not be collected or should be encrypted with access to be granted for only specific health purposes, and data should be deleted after its specific use is no longer needed," he said.
https://www.scmagazineuk.com/uk-plans-its-own-covid-contact-tracing-app/article/1680268
The plan operates on the idea that people with suspected Coronavirus symptoms will be able to declare their status in the app through a confirmation key. The central database connected to the app will send a yellow alert to all users who have recently been close to the suspected patient for an extended period of time, said the report.
Once a medical test confirms the infection, then a red alert will be sent, suggesting the other users go into self-quarantine.
Moore, cyber-security specialist at ESET:
"As with any account online, you should always think about submitting the least amount of personal data as possible. It is vital to hold onto your own private information as it is becoming the most valuable currency of current times," he said.
"Cyber-criminals are constantly attempting to poach private information from dormant accounts, so although this may seem like a good idea presently, many people never delete their accounts, making this data easily targeted in future attacks. It is vital to be sure to delete accounts you don't use anymore."
If the public accepts this intrusive use of personal data for health reasons in an emergency, would they become desensitised to the UK government using data for crime prevention, to monitor large crowds at events or even to replace the national census, due in 2021, asked Toni Vitale, head of data protection at JMW Solicitors.
"In some parts of the world – including China and Hong Kong – such tracking is already taking place. However, the European Union and the UK are likely to be more cautious with this approach," he said.
https://www.irishtimes.com/news/world/europe/digital-tyranny-french-covid-19-tracing-app-faces-battle-for-acceptance-1.4232756
European governments are more reluctant than their Asian counterparts to use technology to determine a user's location.
French commentators interpret this as greater willingness in Asian societies to sacrifice individual freedoms for the collective good.
"No one will have access to a list of contaminated people, and it will be impossible to know who has contaminated whom."
Instead of a mobile's GPS (global positioning system), the French app would rely solely on Bluetooth technology that enables a smartphone to record the numbers of nearby phones.
When a person is diagnosed with Covid-19, their phone will transmit anonymised warnings to phones that have been in the same area.
Apple and Google are co-operating on technology to make iPhones and Android phones compatible for the Bluetooth app.
https://www.isaca.org/resources/news-and-trends/isaca-now-blog/2020/privacy-and-respect-under-covid-19
Personal location data as a means to track COVID-19, and more?
This March, US President Donald Trump entered discussions with tech companies about how Americans’ mobile location data
could be used to track COVID-19, barely a few months after the New York Times highlighted how US telecommunication
companies already share highly detailed individual location data for commercial gain.
The government's desire to track its citizens' location, ostensibly only in the context of COVID-19, is not only happening in the US; it is also happening in several other countries. The concern is the impact this has on "civil liberties", especially if the efforts are sustained and even extended beyond the pandemic, without the knowledge of Americans.
Overall, what mechanisms will be available to hold these governments to account for the surveillance, and the supposedly temporary, emergency breach of privacy, once the pandemic is over?
https://www.wsj.com/articles/coronavirus-paves-way-for-new-age-of-digital-surveillance-11586963028
American officials are drawing cellphone location data from mobile advertising firms to track the presence of crowds—but
not individuals. Apple Inc. and Alphabet Inc.’s Google recently announced plans to launch a voluntary app that health officials
can use to reverse-engineer sickened patients’ recent whereabouts—provided they agree to provide such information.
European nations monitor citizen movement by tapping telecommunications data that they say conceals individuals' identities.
The extent of tracking hinges on a series of tough choices: Make it voluntary or mandatory? Collect personal or anonymized
data? Disclose information publicly or privately?
In Western Australia, lawmakers approved a bill last month to install surveillance gadgets in people’s homes to monitor those
placed under quarantine. Authorities in Hong Kong and India are using geofencing that draws virtual fences around
quarantine zones. They monitor digital signals from smartphone or wristbands to deter rule breakers and nab offenders, who
can be sent to jail. Japan’s most popular messaging app beams health-status questions to its users on behalf of the
government.
https://apnews.com/7f420983dfca013baf0914714c95272a
Aiming to take the tracing approach to a new scale are tech giants Apple and Google, which are jointly working to build
smartphone technology that alerts users if they shared a park bench or grocery store aisle with a stranger later found to be
infected with the virus. Unlike the more invasive location-tracking methods attempted by some governments, the Apple-
Google approach uses Bluetooth beacons to detect physical proximity and encrypted keys to maintain people’s anonymity.
Beyond developing the technology, experts warn that the implications of deploying such systems need to be carefully considered. Who will collect and verify the data? How long will it be held? Will enough people use a voluntary app for it to be helpful?
“We know from history that ‘emergency measures’ too often last long beyond their initial expiry date,” said Deborah Brown, a
senior researcher at Human Rights Watch. She also noted that systems that monitor cellphone location or GPS data reveal
more than just where someone has recently been. “Your contacts and associations can be gleaned, potentially your religious
or political beliefs,” she said -- for instance, if you’ve visited a church or mosque.
Susan Landau, a cybersecurity professor at Tufts University, said she has doubts about the effectiveness of relying on
smartphone-based approaches, even if the apps are carefully designed to protect individual privacy. “My real concern about
the whole thing is I think it’s being oversold,” she said. “Does it reduce spread? I don’t doubt that. Does it enable us to
eliminate social distancing? No, not as long as there’s a high portion of people who are asymptomatic.”
https://theintercept.com/2020/04/02/coronavirus-covid-19-surveillance-privacy/
Treat Covid-19 data like U.S. census data, said Albert Fox Cahn, founder and executive director of the Surveillance
Technology Oversight Project. Tight restrictions on how census data is used actually encourages people to volunteer it. “You
can’t use it to put people in jail,” he said of the census. “You can’t use it for immigration enforcement. You can’t use it for
tax collection.”
“We have such strong privacy safeguards, not because that information wouldn’t be useful other agencies — it would be
hugely useful — but because they know that [otherwise] Americans would never give us an accurate count.”
Lindsey Barrett, an attorney with Georgetown Law’s Institute for Public Representation, also emphasized the importance of
walling off public health data from those whose mission isn’t public health. “A very clear [guardrail] is that any data
collected for disease response measures should not be accessible to law enforcement,” Barrett explained. “The CDC and
state and local governments are reportedly using location data from advertisers to track the movements of people they
suspect of carrying COVID19. What’s to stop them from passing that data on to ICE, which is reportedly trying to track
people by buying location data from aggregators?”
Personal data vacuumed up for a stated purpose has the tendency to drift to other users; old mug shots are run through facial recognition systems, user emails are sold from one advertiser to another. The possibility of similar drift with coronavirus data could deter certain marginalized groups, undocumented immigrants or people with criminal records, for example, from participating in opt-in data collection efforts.
https://techcrunch.com/2020/04/09/mit-develops-privacy-preserving-covid-19-contact-tracing-inspired-by-apples-find-my-feature/
MIT’s system sidesteps entirely many of the thorniest privacy-related issues around contact tracing, which have been
discussed in detail by the ACLU and other privacy protection organizations: It doesn’t use any geolocation information at
all, nor does it connect any diagnosis or other information to a particular individual.
It’s still not entirely left to individual discretion, which would be a risk from the perspective of ensuring compliance,
because MIT envisions a health official providing a QR code along with delivering any positive diagnosis that would
trigger the upload of a person’s chirp history to the database.
If any person tests positive for COVID-19, they can then upload a full list of the chirps that their phone has broadcast over the past 14 days (which at the outside, should represent the full time they've been contagious).
Those go into a database of chirps associated with confirmed positive cases, which others can scan against to see if their phone has received one of those chirps during that time.
A positive match with one of those indicates that an individual could be at risk, since they were at least within 40 feet or so of a person who has the virus, and it's a good indicator that they should seek a test if available, or at least self-quarantine for the recommended two-week period.
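The chirp scheme above, as an added simulation that is not the MIT system's own code. Each phone broadcasts random, rotating identifiers and keeps two local logs (chirps it sent, chirps it heard); on diagnosis only the sent chirps from the last 14 days are uploaded, gated by a single-use authorisation standing in for the health official's QR code; matching happens on every other phone against its own heard log, so the server never learns who met whom. The 16-byte chirp size, 15-minute rotation, in-memory server and string token are assumptions for the demo.

```python
"""Added example (not the MIT system's code): chirp-based contact tracing.

Assumptions: 16-byte chirps rotated every 15 minutes, an in-memory server,
and a string token standing in for the health official's QR code.
"""
import datetime as dt
import os

CHIRP_BYTES = 16                          # assumed identifier size
ROTATE_EVERY = dt.timedelta(minutes=15)   # assumed rotation interval
WINDOW = dt.timedelta(days=14)            # contagious window from the text


class Phone:
    def __init__(self, name, clock):
        self.name = name
        self._clock = clock               # injectable clock for the simulation
        self.sent = []                    # (timestamp, chirp) this phone broadcast
        self.heard = []                   # (timestamp, chirp) received nearby
        self._current = None
        self._issued_at = None

    def current_chirp(self):
        """Chirp being broadcast now; a fresh random one once the old is stale."""
        now = self._clock()
        if self._current is None or now - self._issued_at >= ROTATE_EVERY:
            self._current = os.urandom(CHIRP_BYTES)
            self._issued_at = now
            self.sent.append((now, self._current))
        return self._current

    def receive(self, chirp):
        self.heard.append((self._clock(), chirp))

    def prune(self):
        """Drop anything older than the 14-day window from both logs."""
        cutoff = self._clock() - WINDOW
        self.sent = [(t, c) for t, c in self.sent if t >= cutoff]
        self.heard = [(t, c) for t, c in self.heard if t >= cutoff]

    def upload_on_diagnosis(self, server, authorisation):
        """Upload only the chirps this phone *broadcast* inside the window."""
        self.prune()
        server.publish([c for _, c in self.sent], authorisation)

    def check_exposure(self, server):
        """Match published positive chirps against the local 'heard' log."""
        self.prune()
        positive = server.download()
        return [t for t, c in self.heard if c in positive]


class ChirpServer:
    """Holds chirps of confirmed cases; uploads need a single-use authorisation."""

    def __init__(self, valid_authorisations):
        self._valid = set(valid_authorisations)
        self._positive = set()

    def publish(self, chirps, authorisation):
        if authorisation not in self._valid:
            raise PermissionError("upload not authorised by a health official")
        self._valid.discard(authorisation)   # one diagnosis, one upload
        self._positive.update(chirps)

    def download(self):
        return set(self._positive)


def encounter(a, b):
    """Two phones within Bluetooth range each hear the other's current chirp."""
    b.receive(a.current_chirp())
    a.receive(b.current_chirp())


def simulate():
    now = [dt.datetime(2020, 4, 1, 9, 0)]

    def clock():
        return now[0]

    alice, bob, carol = (Phone(n, clock) for n in ("alice", "bob", "carol"))
    server = ChirpServer({"QR-demo-token-1"})   # assumed one-time token

    encounter(alice, carol)                # day 0: will fall outside the window
    now[0] += dt.timedelta(days=20)
    encounter(alice, bob)                  # day 20: inside the window
    now[0] += dt.timedelta(days=1)
    alice.upload_on_diagnosis(server, "QR-demo-token-1")   # day 21: diagnosed
    return {
        "bob_hits": len(bob.check_exposure(server)),
        "carol_hits": len(carol.check_exposure(server)),
        "server_holds_only_random_ids": all(
            isinstance(c, bytes) and len(c) == CHIRP_BYTES
            for c in server.download()),
    }


def reuse_is_rejected():
    """A second upload with the same authorisation must fail."""
    server = ChirpServer({"QR-demo-token-2"})
    server.publish([os.urandom(CHIRP_BYTES)], "QR-demo-token-2")
    try:
        server.publish([os.urandom(CHIRP_BYTES)], "QR-demo-token-2")
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print(simulate())
```

Bob, who met Alice on day 20, gets one hit; Carol, who met her 21 days before the diagnosis, gets none because both sides pruned that contact, and the server only ever holds random 16-byte values. The single-use token is what keeps a malicious user from flooding the positive list without a diagnosis.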
Source: The US Federal Trade Commission (FTC), 2019
Credit card fraud tops the list of identity theft reports in 2018
• FTC received nearly three million complaints from consumers in 2018
• The FTC received more than 167,000 reports from people who said their information was misused on an existing account or to open a new credit card account
Source: https://www.zdnet.com/article/fbi-says-cybercrime-reports-quadrupled-during-covid-19-pandemic/
"Whereas they might typically receive 1,000 complaints a day through their internet portal, they're now receiving something like 3,000 - 4,000 complaints a day. Not all of those are COVID-related, but a good number of those are."
"There was this brief shining moment when we hoped that, you know, 'gosh cyber criminals are human beings too,' and maybe they would think that targeting or taking advantage of this pandemic for personal profit might be beyond the pale. Sadly that has not been the case," Ugoretz said.
"They really run the gamut. Everything from setting up fraudulent internet domains [...], we've seen people set up fraudulent COVID charities, promise delivery of masks and other equipment, and then deliver fraudulent loans, extortion, etc. So pretty much, sadly, anything you can think of. Cyber-criminals are quite creative," the FBI official said.
FOREIGN HACKERS HAVE TARGETED US-BASED COVID-19 RESEARCH
But in addition to regular cybercrime reports, Ugoretz said the bureau is also aware of attacks carried out by foreign countries,
targeting the national healthcare sector and the US' COVID-19 research capabilities.
FBI: Cybercrime Gang Mailing 'BadUSB' Devices to Targets
Malicious USB Devices Accompanied by Fake Gift Cards to Entice Would-Be Victims
https://www.databreachtoday.com/fbi-cybercrime-gang-mailing-badusb-devices-to-targets-a-14029
Source: The State of Consumer Trust - Q1 2020, https://www.jebbit.com
THE CONSUMER DATA TRUST INDEX
Jebbit collected over 25,000 responses from 1,000 consumers across the United States.
• We analyzed how much they trust some top brands with their personal data, why they do (or don't), and what brands can do to be more data "trustworthy."
• We asked US adult consumers one very simple question about some of the world's largest public-facing companies: "On a scale of 1 to 10, how much do you trust [Brand X] with your personal data, in exchange for more relevant offers, goods, and services?"
https://tealium.com/blog/digital-marketing/data-privacy-acronyms-marketers-and-analysts-should-know-in-2020/
By 2023, 65% of the world’s population will have its personal information covered under
modern privacy regulations, up from 10% today.
More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws,
following the introduction of the GDPR in 2018. These include Argentina, Australia, Brazil, Egypt, India, Indonesia, Japan,
Kenya, Mexico, Nigeria, Panama, the U.S., Singapore and Thailand.
“People are actively demanding privacy protection — and legislators are reacting,” says Willemsen. “If your organization
operates globally, focus on standardizing operations in accordance with the GDPR, and then adjust as required for local
requirements.”
He suggests using technology solutions to assist with not only readiness efforts, but also to automate portions of your
privacy management program once it’s established. This is particularly important for the handling of subject rights requests
and the processes for consent and preference management (CPM).
By year-end 2022, more than 1 million organizations will have appointed a privacy officer (or data protection officer).
Increased regulation will lead organizations to hire capable, empowered senior-level privacy officers to deliver both
compliance and customer satisfaction.
Are the EU GDPR, California CCPA, PCI DSS or US HIPAA rules changing?
In Times Of Pandemic, GDPR Still Applies, EU Warns
https://www.forbes.com/sites/emmawoollacott/2020/03/20/in-times-of-pandemic-gdpr-still-applies-eu-warns/
Ensure protection of personal data
Data flow mapping under GDPR
• If there is not already a documented workflow in place in your organisation, it can be worthwhile to send a team out to identify how the data is actually being gathered.
• This will show you where your documented data flow differs from reality and what needs to be done to amend it.
If an organisation's understanding of how its data flows differs from the reality, it may be in breach of the regulation and could be fined.
The organisation needs to look at how the data was captured, who is accountable for it, where it is located and who has access.
https://www.searchblox.com/blog/how-to-secure-your-pii-data-within-elasticsearch
PII is any* information about an individual, including:
(1) any information that can be used to distinguish or trace an individual's identity, such as name, social security number, date and place of birth, mother's maiden name, or biometric records; and
(2) any other information that is linked or linkable to an individual, such as medical, educational, financial, and employment information.
*: What is considered PII? PII is divided into two categories: linked data and linkable data.
Linked data is data that on its own identifies a person:
1. Full name
2. Home address
3. Email address
4. Social security number
5. Passport number
6. Driver's license number
7. Credit card numbers
8. Date of birth
9. Telephone number
10. Log-in details
Linkable data is a piece of data that can be combined with other data to locate a person individually:
1. First or last name
2. Country, state, city, zip
3. Gender
4. Race
5. Non-specific age (e.g. 30-40, 60-70)
6. Job position
7. Workplace
Field-level data encryption is required within Elasticsearch to store and search all PII fields.
SearchBlox is a provider of enterprise search, sentiment analysis and text analytics solutions.
CCPA Redefines Personal Data
• According to “PI Vs PII: How CCPA Redefines What Is Personal Data” the CCPA
definition “creates the potential for extremely broad legal interpretation around
what constitutes personal information, holding that personal information is any
data that could be linked with a California individual or household.”
• CCPA states that ”Personal information” means information that identifies,
relates to, describes, is capable of being associated with, or could reasonably be
linked, directly or indirectly, with a particular consumer or household.“
• This goes well beyond data that is obviously associated with an identity, such
as name, birth date, or social security number, which is traditionally regarded as
PII.
• It is ultimately this "indirect" information, such as product preference or geolocation data, that matters, because it is much harder to identify and connect to a person than well-structured personally identifiable information.
https://www.jdsupra.com/legalnews/just-like-that-ccpa-sets-a-new-standard-15934/
The CCPA has spawned a new kind of class action with consumers asserting CCPA violations against businesses ranging
from clothing sellers, to most ironically, home security retailers. Undoubtedly, these lawsuits will be closely monitored by
companies and lawyers alike to see how far the courts will go, and the legal standard required, to award significant relief to
consumers nationwide.
1. First, the CCPA is a meaningful weapon that will be used against companies that fail to overhaul security compliance
to comport with its standards.
2. Second, the CCPA is broad in scope in terms of the types of businesses it covers, the range of potential plaintiffs who
may bring a class action and the plethora of legal claims that may be asserted for violations under the CCPA.
3. Third, class actions under the CCPA are not going away and while some of the causes of action asserted in these cases
may be dismissed, companies will shoulder the burden of the costs associated with defending against these claims.
Finally, the best way to protect your business is to conduct your own audit of privacy protocols to ensure compliance
with best practices.
https://iapp.org/resources/article/ccpa-genius-overview/
The Westin Research Center released a new interactive tool to help IAPP members navigate the California Consumer Privacy
Act. The “CCPA Genius” maps requirements in the law to specific CCPA provisions, the proposed regulations, expert analysis
and guidance regarding compliance, the California Privacy Rights Act ballot initiative, and other resources.
As privacy professionals get ready for CCPA enforcement to begin, the "CCPA Genius" is a useful reference tool for compliance
with the current law and awareness of what may be next.
Although the CCPA has only been in effect since January, there is a tremendous amount of information available regarding its
interpretation and how to operationalize its requirements. By collecting and organizing these resources by topic, the "CCPA
Genius" will make it easier for privacy professionals to address compliance issues and analyze specific questions that arise.
HHS Issues Limited Waiver of HIPAA Sanctions Due to Coronavirus
https://healthitsecurity.com/news/hhs-issues-limited-waiver-of-hipaa-sanctions-due-to-coronavirus
Information sharing
Source: Compliancy Group LLC, 55 Broadway, Unit 684, Greenlawn, New York, ow.ly/NJ4K50zh3gy
HIPAA Journal: guidance on working from home during the #COVID-19 pandemic
PCI SSC is aware of the unprecedented situation caused by the spread of COVID-19
https://www.pcisecuritystandards.org/covid19
Examples of data de-identification (examples from Anonos and Privitar)

| Field | Privacy Action (PA) | PA Config | Variant Twin Output | Technique |
| Gender | Pseudonymise | | AD-lks75HF9aLKSa | Pseudonymization |
| Age | Integer Range Bin | Step 10 + Pseud. | Age_KXYC | Generalization (aggregation/binning) |
| Age | Integer Range Bin | Custom Steps | 18-25 | Aggregation/Binning |
| Balance | Nearest Unit Value | Thousand | 94000 | Rounding (generalization) |

Source data for the rows above (Last name, Balance, Age, Gender): Folds, 93791, 23, m, …

Generalization example:
Source data: Patient 173965429, Age 57, Gender Female, Region Hamburg, Disease Gastric ulcer
Output data: Patient 173965429, Age >50, Gender Female, Region Germany, Disease Gastric ulcer
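The privacy actions in the table above, as an added example that is not Anonos or Privitar code: a keyed-HMAC pseudonym (same input gives the same token, so joins still work, but nothing can be reversed or recomputed without the key), step-10 and custom age bins, half-up rounding to the nearest thousand, and the age/region generalisation from the patient row. The key, token prefixes, bin edges and city-to-country map are assumptions. The slide leaves the patient number unchanged; the example pseudonymises it too, because a stable patient number is a direct identifier.

```python
"""Added example (not Anonos or Privitar code): the slide's privacy actions.

Assumptions: the HMAC key, token prefixes, bin edges and city-to-country map.
"""
import hashlib
import hmac

PSEUDO_KEY = b"demo-only-key-keep-real-keys-in-a-kms"   # assumption
CITY_TO_COUNTRY = {"Hamburg": "Germany", "Munich": "Germany", "Lyon": "France"}
CUSTOM_AGE_BINS = [(0, 17), (18, 25), (26, 35), (36, 50), (51, 120)]


def pseudonymise(value, key=PSEUDO_KEY, prefix="AD-", length=12):
    """Deterministic keyed pseudonym: HMAC-SHA256, truncated, prefixed."""
    digest = hmac.new(key, str(value).encode("utf-8"), hashlib.sha256).hexdigest()
    return prefix + digest[:length]


def bin_integer(value, step=10):
    """Integer Range Bin with fixed step: 23 -> '20-29'."""
    lo = (value // step) * step
    return f"{lo}-{lo + step - 1}"


def bin_custom(value, edges=CUSTOM_AGE_BINS):
    """Integer Range Bin with custom inclusive edges: 23 -> '18-25'."""
    for lo, hi in edges:
        if lo <= value <= hi:
            return f"{lo}-{hi}"
    return None


def round_to_unit(value, unit=1000):
    """Nearest Unit Value, half-up, integer arithmetic (non-negative amounts)."""
    return (int(value) + unit // 2) // unit * unit


def generalise_age(age, threshold=50):
    return f">{threshold}" if age > threshold else f"<={threshold}"


def generalise_region(city, mapping=CITY_TO_COUNTRY):
    return mapping.get(city, "Other")


def deidentify_customer(row):
    """Apply the four privacy actions from the slide to one customer row."""
    band = bin_integer(row["Age"])
    return {
        "Last name": pseudonymise(row["Last name"], prefix="LN-"),
        "Balance": round_to_unit(row["Balance"]),
        "Age band": band,
        "Age band (pseud.)": pseudonymise(band, prefix="Age_", length=4),
        "Age band (custom)": bin_custom(row["Age"]),
        "Gender": pseudonymise(row["Gender"]),
    }


def deidentify_patient(row):
    """The slide's generalisation, plus a pseudonymised patient number."""
    return {
        "Patient": pseudonymise(row["Patient"], prefix="PT-"),
        "Age": generalise_age(row["Age"]),
        "Gender": row["Gender"],
        "Region": generalise_region(row["Region"]),
        "Disease": row["Disease"],
    }


# Rows taken from the slide.
CUSTOMER = {"Last name": "Folds", "Balance": 93791, "Age": 23, "Gender": "m"}
PATIENT = {"Patient": "173965429", "Age": 57, "Gender": "Female",
           "Region": "Hamburg", "Disease": "Gastric ulcer"}

if __name__ == "__main__":
    print(deidentify_customer(CUSTOMER))
    print(deidentify_patient(PATIENT))
```

Pseudonymisation alone reduces the risk of singling out but not of linking (the same token appears wherever the same value appears), which is why the age and balance are generalised rather than tokenised.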
Example of Cross Border Data-centric Security using Tokenization
Data sources → Data Warehouse in Italy: complete policy-enforced de-identification of sensitive data across all bank entities
• Protecting Personally Identifiable Information (PII), including names, addresses, phone, email, policy and account numbers
• Compliance with EU Cross Border Data Protection Laws
• Utilizing Data Tokenization, and centralized policy, key management, auditing, and reporting
ISO Standard for Encryption and Privacy Models
• Privacy enhancing data de-identification terminology and classification of techniques
Source: INTERNATIONAL STANDARD ISO/IEC 20889

De-identification techniques (DT)
• Cryptographic tools (CT)
  - Format Preserving Encryption (FPE): encrypted data has the same format as the clear data
  - Homomorphic Encryption (HE): two encrypted values can be combined without decrypting them*
Formal privacy measurement models (PMM)
• Differential Privacy (DP)
  - Server model: the raw data stays with a trusted "curator"; responses to queries are only able to be obtained through that software component or "middleware", which adds the noise
  - Local model: each data principal randomises their own data before it leaves their device, so the entity receiving the data never holds truthful individual values**
• K-anonymity model: ensures that for each combination of identifying attribute values there is a corresponding equivalence class containing at least K records
*: Multi Party Computation (MPC)
**: Example: Apple and Google
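The two formal privacy measurement models above, as an added example that is not from ISO/IEC 20889 or the slide, run on a constructed patient table: a k-anonymity check over the quasi-identifiers, a server-model curator that answers only noisy counts and enforces a privacy budget, and the local model as randomised response, where each person perturbs their own answer before it is collected. Record values, epsilon, budget and seeds are assumptions.

```python
"""Added example (not from ISO/IEC 20889): k-anonymity and both DP models.

All records, epsilon values and seeds below are constructed for the demo.
"""
import math
import random
from collections import Counter

# (age band, gender, region, disease): first three are quasi-identifiers.
RECORDS = [
    (">50", "Female", "Germany", "Gastric ulcer"),
    (">50", "Female", "Germany", "Flu"),
    (">50", "Female", "Germany", "Asthma"),
    ("20-29", "Male", "Germany", "Flu"),
    ("20-29", "Male", "Germany", "Flu"),
    ("20-29", "Male", "Germany", "Gastric ulcer"),
    ("30-39", "Female", "France", "Asthma"),
    ("30-39", "Female", "France", "Flu"),
]
QUASI_IDS = (0, 1, 2)


def make_rng(seed):
    return random.Random(seed)


def k_anonymity(records, quasi_ids=QUASI_IDS):
    """k = size of the smallest equivalence class over the quasi-identifiers."""
    classes = Counter(tuple(r[i] for i in quasi_ids) for r in records)
    return min(classes.values()) if classes else 0


def exact_count(records, predicate):
    return sum(1 for r in records if predicate(r))


def laplace_noise(scale, rng):
    """Laplace(0, scale) by inverse CDF from a uniform draw."""
    while True:
        u = rng.random() - 0.5
        if 1.0 - 2.0 * abs(u) > 0.0:
            return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


class Curator:
    """Server model: holds the raw table, releases only noisy aggregates.

    A count has sensitivity 1, so Laplace noise of scale 1/epsilon gives
    epsilon-DP; each query spends epsilon from a fixed total budget.
    """

    def __init__(self, records, budget, rng):
        self._records = list(records)
        self._budget = budget
        self._rng = rng

    def count(self, predicate, epsilon):
        if epsilon <= 0 or epsilon > self._budget:
            raise RuntimeError("privacy budget exhausted")
        self._budget -= epsilon
        true = exact_count(self._records, predicate)
        return true + laplace_noise(1.0 / epsilon, self._rng)


def randomized_response(truth, rng):
    """Local model (Warner): heads -> truthful answer, tails -> a coin flip.
    Each answer is ln(3)-DP and never certifies the true value."""
    if rng.random() < 0.5:
        return truth
    return rng.random() < 0.5


def estimate_proportion(responses):
    """P(yes) = 0.5*p + 0.25, so the unbiased estimate is p = 2*P(yes) - 0.5."""
    observed = sum(responses) / len(responses)
    return 2 * observed - 0.5


def budget_is_enforced():
    curator = Curator(RECORDS, budget=1.0, rng=make_rng(0))
    flu = lambda r: r[3] == "Flu"
    curator.count(flu, 0.5)
    curator.count(flu, 0.5)
    try:
        curator.count(flu, 0.5)
    except RuntimeError:
        return True
    return False


if __name__ == "__main__":
    print("k =", k_anonymity(RECORDS))
    curator = Curator(RECORDS, budget=2.0, rng=make_rng(7))
    print("noisy flu count:", curator.count(lambda r: r[3] == "Flu", 0.5))
    rng = make_rng(1)
    truths = [i % 5 == 0 for i in range(4000)]          # 20% true
    print("local-model estimate:",
          estimate_proportion([randomized_response(t, rng) for t in truths]))
```

The table is 2-anonymous but not 3-anonymous (the France class has two rows), so a 3-anonymity policy would require further generalisation or record suppression. In the local model no individual answer is reliable, yet the population estimate converges on the true 20%.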
Positioning of some Encryption and Privacy Models
Source: INTERNATIONAL STANDARD ISO/IEC 20889
(Figure: four data flows)
• Format Preserving Encryption (FPE): Clear 123 → FPE Enc (protected key) → Protected DB stores 897, the same length and character set as the clear value → FPE Dec → Clear 123
• Homomorphic Encryption (HE): Clear_D1, Clear_D2 → HE Enc (protected keys) → Enc_D1, Enc_D2 → Op(Enc_D1, Enc_D2), computed by an "Untrusted Party"* that never holds a key → HE Dec → Clear12, the result of the operation on D1 and D2
• Differential Privacy (DP), server model: Clear → Cleanser/Filter → Curator** → Protected query responses
• k-Anonymity Model: Clear → Cleanser/Filter → DB of generalised records
*: Multi Party Computation (MPC)
**: Apple's and Google's deployments are examples of the local model, where noise is added on the device before any curator sees the data
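The HE flow drawn above, as an added example that is not from ISO/IEC 20889 or the slide, using the Paillier cryptosystem, which is additively homomorphic: Enc(D1) · Enc(D2) mod n² decrypts to D1 + D2 and Enc(D)^k decrypts to k·D, so the untrusted party computes Op(Enc_D1, Enc_D2) with no key material. The two fixed Mersenne primes are a demo-size assumption so the block runs instantly; a deployment uses fresh, much larger primes from a vetted library. The FPE flow is not shown.

```python
"""Added example (not from ISO/IEC 20889): Paillier additive homomorphism.

Assumption: demo-size fixed primes 2^61-1 and 2^31-1 (both prime, and
neither divides the other minus one, so gcd(n, (p-1)(q-1)) = 1).
"""
import math
import secrets

P = (1 << 61) - 1   # demo size only
Q = (1 << 31) - 1   # demo size only


def keygen(p=P, q=Q):
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)   # lcm(p-1, q-1)
    # With generator g = n + 1, L(g^lam mod n^2) = lam mod n, so mu = lam^-1 mod n.
    mu = pow(lam, -1, n)
    return {"n": n}, {"n": n, "lam": lam, "mu": mu}


def encrypt(pub, m):
    """c = (1+n)^m * r^n mod n^2 with fresh random r, so encryption is probabilistic."""
    n = pub["n"]
    if not 0 <= m < n:
        raise ValueError("plaintext must be in [0, n)")
    n2 = n * n
    while True:
        r = secrets.randbelow(n - 1) + 1
        if math.gcd(r, n) == 1:
            break
    return (pow(n + 1, m, n2) * pow(r, n, n2)) % n2


def decrypt(priv, c):
    """m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    n, lam, mu = priv["n"], priv["lam"], priv["mu"]
    x = pow(c, lam, n * n)
    return ((x - 1) // n * mu) % n


def add_encrypted(pub, c1, c2):
    """Untrusted party: sum of plaintexts, computed on ciphertexts, no key."""
    return (c1 * c2) % (pub["n"] ** 2)


def scale_encrypted(pub, c, k):
    """Untrusted party: plaintext times a public constant k, no key."""
    return pow(c, k, pub["n"] ** 2)


def is_probabilistic(pub, m):
    """Two encryptions of the same value differ (with overwhelming probability)."""
    return encrypt(pub, m) != encrypt(pub, m)


def demo(d1=123, d2=897):
    """The slide's flow: Clear_D1, Clear_D2 -> Enc -> Op -> Dec -> Clear12."""
    pub, priv = keygen()
    enc_d1, enc_d2 = encrypt(pub, d1), encrypt(pub, d2)
    combined = add_encrypted(pub, enc_d1, enc_d2)     # done by the untrusted party
    return decrypt(priv, combined)                     # done by the key holder


if __name__ == "__main__":
    print("Dec(Enc(123) * Enc(897)) =", demo())
```

Because encryption is randomised, the untrusted party cannot even tell whether two ciphertexts hold the same balance, which is the property deterministic encryption gives up in exchange for equality search.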
Example of mapping of data security and privacy techniques (ISO) to different deployment models
Privacy enhancing data de-identification terminology and classification of techniques (ISO/IEC 20889)
Deployment models on the slide: Data Warehouse (Centralized, Distributed), On-premises, Public Cloud, Private Cloud

| Category (ISO) | Technique | Deployment models supported (one "y" per model, as extracted) |
| De-identification techniques: Tokenization | Vault-based tokenization | y y |
| De-identification techniques: Tokenization | Vault-less tokenization | y y y y y y |
| De-identification techniques: Cryptographic tools | Format preserving encryption | y y y y y |
| De-identification techniques: Cryptographic tools | Homomorphic encryption | y y |
| De-identification techniques: Suppression techniques | Masking | y y y y y y |
| De-identification techniques: Suppression techniques | Hashing | y y y y y y |
| Formal privacy measurement models: Differential Privacy | Server model | y y y y y y |
| Formal privacy measurement models: Differential Privacy | Local model | y y y y y y |
| Formal privacy measurement models: K-anonymity model | L-diversity | y y y y y y |
| Formal privacy measurement models: K-anonymity model | T-closeness | y y y y y y |
Use cases, applicability, risk reduction and truthfulness of some de-identification techniques and models
Source: INTERNATIONAL STANDARD ISO/IEC 20889

| Category | Technique name | Use Case / User Story | Data protected in transit | Data protected in use | Data protected in storage | Data truthfulness at record level | Applicable to types of attributes | Reduces the risk of singling out | Reduces the risk of linking | Reduces the risk of inference |
| Pseudonymization | Tokenization | Protects the data flow from attacks | Yes | Yes | Yes | Yes | Direct identifiers | No | Partially | No |
| Cryptographic tools | Deterministic encryption | Protects the data when not used in processing operations | Yes | No | Yes | Yes | All attributes | No | Partially | No |
| Cryptographic tools | Order-preserving encryption | Protects the data from attacks | Partially | Partially | Partially | Yes | All attributes | No | Partially | No |
| Cryptographic tools | Homomorphic encryption | Protects the data also when used in processing operations | Yes | Yes | Yes | Yes | All attributes | No | No | No |
| Suppression | Masking | Protects the data in dev/test and analytical applications | Yes | Yes | Yes | Yes | Local identifiers | Yes | Partially | No |
| Suppression | Local suppression | Protects the data in analytical applications | Yes | Yes | Yes | Yes | Identifying attributes | Partially | Partially | Partially |
| Suppression | Record suppression | Removes the data from the data set | Yes | Yes | Yes | Yes | Yes | Yes | Yes | Yes |
| Suppression | Sampling | Exposes only a subset of the data for analytical applications | Partially | Partially | Partially | Yes | Yes | Partially | Partially | Partially |
| Generalization | Generalization | Protects the data in dev/test and analytical applications | Yes | Yes | Yes | Yes | Identifying attributes | Partially | Partially | Partially |
| Generalization | Rounding | Protects the data in dev/test and analytical applications | Yes | Yes | Yes | Yes | Identifying attributes | No | Partially | Partially |
| Generalization | Top/bottom coding | Protects the data in dev/test and analytical applications | Yes | Yes | Yes | Yes | Identifying attributes | No | Partially | Partially |
| Noise addition | Noise addition | Protects the data in dev/test and analytical applications | Yes | Yes | Yes | No | Identifying attributes | Partially | Partially | Partially |
References:
1. California Consumer Privacy Act, Oct 4, 2019, https://www.csoonline.com/article/3182578/california-consumer-privacy-act-what-you-need-to-know-to-be-compliant.html
2. CIS Controls V7.1 Mapping to NIST CSF, https://dataprivacylab.org/projects/identifiability/paper1.pdf
3. GDPR and Tokenizing Data, https://tdwi.org/articles/2018/06/06/biz-all-gdpr-and-tokenizing-data-3.aspx
4. GDPR VS CCPA, https://wirewheel.io/wp-content/uploads/2018/10/GDPR-vs-CCPA-Cheatsheet.pdf
5. General Data Protection Regulation, https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
6. IBM Framework Helps Clients Prepare for the EU's General Data Protection Regulation, https://ibmsystemsmag.com/IBM-Z/03/2018/ibm-framework-gdpr
7. INTERNATIONAL STANDARD ISO/IEC 20889, https://webstore.ansi.org/Standards/ISO/ISOIEC208892018
8. INTERNATIONAL STANDARD ISO/IEC 27018, https://webstore.ansi.org/Standards/ISO/ISOIEC270182019
9. New Enterprise Application and Data Security Challenges and Solutions, https://www.brighttalk.com/webinar/new-enterprise-application-and-data-security-challenges-and-solutions/
10. Machine Learning and AI in a Brave New Cloud World, https://www.brighttalk.com/webcast/14723/357660/machine-learning-and-ai-in-a-brave-new-cloud-world
11. Emerging Data Privacy and Security for Cloud, https://www.brighttalk.com/webinar/emerging-data-privacy-and-security-for-cloud/
12. New Application and Data Protection Strategies, https://www.brighttalk.com/webinar/new-application-and-data-protection-strategies-2/
13. The Day When 3rd Party Security Providers Disappear into Cloud, https://www.brighttalk.com/webinar/the-day-when-3rd-party-security-providers-disappear-into-cloud/
14. Advanced PII/PI Data Discovery, https://www.brighttalk.com/webinar/advanced-pii-pi-data-discovery/
15. Emerging Application and Data Protection for Cloud, https://www.brighttalk.com/webinar/emerging-application-and-data-protection-for-cloud/
16. Data Security: On Premise or in the Cloud, ISSA Journal, December 2019