In today's digital age, data is an essential resource for many industries, including healthcare, finance, and marketing. However, the collection and use of personal data can pose a significant risk to individual privacy. Anonymization is a technique used to protect privacy by removing or masking identifying information from data. However, there is always a risk of deanonymization, which can reveal the identity of individuals from seemingly anonymous data. In this blog post, we'll discuss what anonymization and deanonymization are, and what are some ways we can prevent it.

What Is Anonymization?

Anonymization is the process of removing or masking personally identifiable information (PII) from data. This is typically done to protect privacy, while still allowing the data to be used for research or analysis. Anonymization techniques can include removing names, addresses, and other identifying information from data, as well as replacing specific data points with general categories (e.g., age range instead of exact age). This technique is referred to as Pseudo-Anonymization.

If you are wondering why we currently anonymize data in the first place, this is done to prevent the presence of any bias that the ML Model might infer from its training data.

What Is De-Anonymization?

Despite the best efforts by engineers to completely anonymize data, it is important to note that anonymization is not foolproof. There are several ways in which data can be deanonymized, or re-identified, including through cross-referencing with other data sets or through advanced machine-learning techniques. In some cases, even seemingly innocuous data points can be enough to re-identify an individual.

User de-anonymization refers to the process of identifying individuals from datasets that have been stripped of personally identifiable information. This is a significant concern in machine learning because it can lead to privacy violations and other negative consequences.

For example, an attacker may be able to use other publicly available data sets to link the anonymized data back to a particular individual, or they may use advanced machine learning techniques to re-identify individuals from seemingly anonymous data.

How De-Anonymization Effects You?

The best example of de-anonymization is from 2006 and features the well-known streaming service Netflix. Back then, University of Texas researchers de-anonymized a sizable portion of Netflix subscribers by comparing their movie ratings with the comments posted on the Internet Movie Database (IMDb).

The researchers compared the whole Netflix dataset with IMDb ratings, despite Netflix's efforts to remove reviewers' sensitive information like names and replace it with random numbers. They were able to de-anonymize certain Netflix customers by comparing their rankings and time stamps with publicly available information on IMDb (many IMDb users post reviews under their real names).

If 2 researchers were able to achieve de-anonymization for the sake of a scientific study, it is not difficult to conceive what a bad actor could do to harm unaware users. This is why it is quite important to prevent such situations from happening again.

How To Prevent De-Anonymization?

Data minimization :

One of the most effective strategies for preventing deanonymization in ML is to minimize the amount of data that is collected and used in training models. This can be achieved by only collecting data that is strictly necessary for the intended purpose and by removing any unnecessary or sensitive data.
Differential privacy :

Another technique for preventing deanonymization in ML is to use differential privacy. This involves adding noise to the data during the training process to protect individual privacy. This makes it harder for attackers to identify individual users in the data set.
Federated Learning :

This is a technique that allows data to be trained on local devices rather than on a centralized server. In this approach, the model is trained locally on each user's device and only the model updates are shared with the central server. This way, user data is kept locally, and no single entity has access to all the data.
Homomorphic encryption :

This is a technique that allows computation to be performed on encrypted data. This way, the user's data remains encrypted and cannot be used to identify the individual.
Secure multi-party computation :

This is a technique that allows multiple parties to compute a function collaboratively without revealing their data to each other. In this approach, multiple parties contribute their data to a computation, and the output of the computation is shared among the parties. This way, no single entity has access to all the data, and the user's identity remains anonymous.
k-Anonymity :

This is a technique that masks the user's identity by ensuring that the data shared with others is indistinguishable from at least k-1 other individuals. This way, the user's identity remains anonymous, and their data cannot be traced back to them.

Conclusion

With data collection and analytics becoming a part of everyday life, De-anonymization of user data is a critical issue that has to be prevented and solved. While there are a lot of efforts being made and new techniques being introduced to effectively encrypt and anonymize data, De-anonymization in Machine Learning is a complex issue that requires a multifaceted approach from the ground up.

References

https://link.springer.com/chapter/10.1007/978-3-540-79228-4_1

https://federated.withgoogle.com/

https://analyticsindiamag.com/data-anonymization-is-not-a-fool-proof-method-heres-why/

Solving For Data De-Anonymization In Machine Learning