External Links

World Economic Forum   
Unlocking the Value of Personal Data: From Collection to Usage


MIT's openPDS research proposes a privacy mechanism in which personal data is retained and processed on a personal data store controlled by the consumer.  A vetted piece of code needed for the processing is sent by the bank, retailer, etc. and run inside that store; only the results are returned, never the raw data.  The trust question therefore moves to the code that is admitted and to what its result channel may carry: if the store cannot constrain both, the "results" become a path for the raw data to leak.

http://openpds.media.mit.edu/


Pseudonymization is a class of techniques that replace directly identifying data (a name, an e-mail address, an account number) with a proxy value, so that processing can be performed without significant risk of a privacy breach.  The mapping from proxy back to identity, or the key used to derive the proxy, still exists, so pseudonymized data is not anonymous: whoever holds that mapping or key can re-identify every record, and it must be protected accordingly.  An unkeyed hash of a low-entropy identifier such as an e-mail address is not a pseudonym in any useful sense, because the attacker can hash guesses until one matches.
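An added example (not from the original page) showing the difference between a keyed pseudonym and an unkeyed hash. The HMAC key, the e-mail addresses and the amounts are constructed for the demo; in practice the key lives in a secrets manager or HSM and never beside the pseudonymized data.

```python
"""Keyed pseudonymization (HMAC-SHA256) versus a plain hash.
Constructed example: key, identifiers and amounts are made up."""
import hashlib
import hmac

# Demo key only. A real key is generated randomly and stored apart from the data.
PSEUDONYM_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")


def pseudonymize(identifier: str, key: bytes = PSEUDONYM_KEY) -> str:
    """Deterministic keyed pseudonym: the same input always maps to the same
    proxy, so records can still be joined, but without the key the proxy
    cannot be recomputed from a guessed identifier."""
    mac = hmac.new(key, identifier.strip().lower().encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def weak_pseudonymize(identifier: str) -> str:
    """Unkeyed hash: looks anonymous but is reversible by guessing."""
    return hashlib.sha256(identifier.strip().lower().encode()).hexdigest()[:16]


def dictionary_attack(proxy: str, candidates):
    """Anyone who can enumerate plausible identifiers hashes each one and
    compares; this recovers the identity behind an unkeyed proxy."""
    for cand in candidates:
        if weak_pseudonymize(cand) == proxy:
            return cand
    return None


def pseudonymize_records(records, key: bytes = PSEUDONYM_KEY):
    """Replace the direct identifier in each record with its keyed proxy."""
    return [{"user": pseudonymize(r["email"], key), "amount": r["amount"]}
            for r in records]


def sum_by_user(pseudonymized_records):
    """Processing still works on the proxies: totals per (pseudonymous) user."""
    totals = {}
    for r in pseudonymized_records:
        totals[r["user"]] = totals.get(r["user"], 0) + r["amount"]
    return totals


SAMPLE = [  # constructed sample data
    {"email": "alice@example.com", "amount": 120},
    {"email": "bob@example.com", "amount": 75},
    {"email": "Alice@Example.com", "amount": 30},
]
```

Run `sum_by_user(pseudonymize_records(SAMPLE))` and the two Alice rows aggregate under one proxy even though the raw e-mail never appears in the output; run `dictionary_attack` against `weak_pseudonymize("bob@example.com")` with a guess list to see why the keyed version is needed.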


Homomorphic Encryption
Homomorphic encryption is a method of performing computations on data while it remains encrypted: the party doing the computation holds only ciphertexts and the public key, and decrypting its output gives the same result as running the computation on the plaintexts.  Partially homomorphic schemes support a single operation, such as addition; fully homomorphic schemes support arbitrary computation at a much higher cost.  This is a computationally intense technique but one which has significant potential.  This link is a very non-technical description.
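An added example (not from the original page) of a partially homomorphic scheme: a minimal Paillier implementation, which is additively homomorphic, so a server can sum encrypted values it cannot read. The two primes are fixed and small for the demo, which makes the keys insecure; real keys use randomly generated primes of 1024 bits or more, and a production system would use a vetted library rather than this code.

```python
"""Toy additively homomorphic encryption (Paillier).
Constructed example: fixed demo primes, no padding, not for production use."""
import math
import secrets

# Demo primes (both prime, about 2^30). Real keys use ~1024-bit random primes.
P = 1_000_000_007
Q = 1_000_000_009


def _lcm(a: int, b: int) -> int:
    return a * b // math.gcd(a, b)


def keygen(p: int = P, q: int = Q):
    """Paillier keypair from two distinct primes (assumed prime here)."""
    n = p * q
    n2 = n * n
    lam = _lcm(p - 1, q - 1)
    # With g = n + 1, L(g^lam mod n^2) == lam mod n, so mu = lam^-1 mod n.
    mu = pow(lam, -1, n)
    pub = {"n": n, "n2": n2, "g": n + 1}
    priv = {"n": n, "n2": n2, "lam": lam, "mu": mu}
    return pub, priv


def encrypt(pub, m: int) -> int:
    """c = g^m * r^n mod n^2 with a fresh random r, so equal plaintexts
    give different ciphertexts."""
    n, n2, g = pub["n"], pub["n2"], pub["g"]
    if not 0 <= m < n:
        raise ValueError("message out of range")
    while True:
        r = secrets.randbelow(n)
        if r > 0 and math.gcd(r, n) == 1:
            break
    return (pow(g, m, n2) * pow(r, n, n2)) % n2


def decrypt(priv, c: int) -> int:
    """m = L(c^lam mod n^2) * mu mod n, where L(x) = (x - 1) / n."""
    n, n2, lam, mu = priv["n"], priv["n2"], priv["lam"], priv["mu"]
    l_value = (pow(c, lam, n2) - 1) // n
    return (l_value * mu) % n


def add_encrypted(pub, c1: int, c2: int) -> int:
    """E(m1) * E(m2) mod n^2 == E(m1 + m2 mod n). Needs only the public key."""
    return (c1 * c2) % pub["n2"]


def scale_encrypted(pub, c: int, k: int) -> int:
    """E(m)^k mod n^2 == E(k * m mod n). Needs only the public key."""
    return pow(c, k, pub["n2"])


def demo_sum_without_key(values):
    """Data owner encrypts; an untrusted party sums the ciphertexts using only
    the public key; the owner decrypts the single result."""
    pub, priv = keygen()
    ciphertexts = [encrypt(pub, v) for v in values]
    acc = encrypt(pub, 0)
    for c in ciphertexts:          # this loop is what the untrusted party runs
        acc = add_encrypted(pub, acc, c)
    return decrypt(priv, acc)
```

The cost is visible even here: every addition is a multiplication modulo n^2, and the ciphertext of a one-byte value is as large as n^2. Multiplying two encrypted values, or any general computation, needs a fully homomorphic scheme, which is orders of magnitude more expensive again.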


Tokenization is a process wherein sensitive data is replaced with tokens.  The original data is held in a secure "vault" where access to it can be tightly controlled and audited.  The token that replaces the data is generated at random (or by a keyed process) so that it cannot be computationally manipulated to derive the sensitive data; the only way back is a lookup in the vault.  Tokens are often format-preserving, for example a 16-digit token that keeps the last four digits of a card number so downstream systems and support staff need no changes.  The vault concentrates the risk, so it must be the best-protected component in the system.


Masking is a technique wherein sensitive data such as an account number is obscured by replacing characters with a masking character such as "X", typically all but the last few digits.  Unlike tokenization it is irreversible.  There are numerous scenarios, such as engineering testing, where realistic data is required but using live data represents a privacy and security risk.  This approach can be used in some cases to mitigate that risk.


Generalization is a process of "zooming out" from specific data to more general or summarized data.  A specific data element might be an individual's income.  A generalization of this might be an income bracket, for example a $30,000 window, that contains many individuals.
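An added example (not from the original page) that applies the last three techniques to one payment record before it leaves the production boundary, for instance to seed a test environment: tokenization through a vault, masking for display, and generalization of income. The card number, income and city are constructed, and the in-memory dictionary stands in for an access-controlled vault service.

```python
"""Tokenization with a vault, display masking and generalization.
Constructed example: the record is made up and the vault is an in-memory dict."""
import secrets


class TokenVault:
    """Maps random tokens to the sensitive values they replace. A token carries
    no information about its value, so the only way back is a vault lookup."""

    def __init__(self):
        self._token_to_value = {}
        self._value_to_token = {}   # same PAN always gets the same token
        self.audit = []             # every detokenize call is recorded

    def tokenize(self, pan: str) -> str:
        if pan in self._value_to_token:
            return self._value_to_token[pan]
        while True:
            # Format-preserving: random digits, same length, last four kept.
            body = "".join(str(secrets.randbelow(10)) for _ in range(len(pan) - 4))
            token = body + pan[-4:]
            if token != pan and token not in self._token_to_value:
                break
        self._token_to_value[token] = pan
        self._value_to_token[pan] = token
        return token

    def detokenize(self, token: str, caller: str,
                   allowed=("payments-service",)) -> str:
        """Only authorized callers may recover the value; all calls are logged."""
        self.audit.append((caller, token))
        if caller not in allowed:
            raise PermissionError(f"{caller} may not detokenize")
        return self._token_to_value[token]


def mask(value: str, keep_last: int = 4, char: str = "X") -> str:
    """Irreversible masking for display or logs: 4111... -> XXXXXXXXXXXX1111."""
    if len(value) <= keep_last:
        return char * len(value)
    return char * (len(value) - keep_last) + value[-keep_last:]


def generalize_income(income: int, width: int = 30_000) -> str:
    """Replace an exact income with its bracket, e.g. 47500 -> '30000-59999'."""
    low = (income // width) * width
    return f"{low}-{low + width - 1}"


# Constructed record; 4111 1111 1111 1111 is a well-known test card number.
SAMPLE_RECORD = {"pan": "4111111111111111", "income": 47_500, "city": "Boston"}


def deidentify_for_test(record: dict, vault: TokenVault) -> dict:
    """Record safe to ship to a test environment: no raw PAN, no exact income.
    The test environment gets the token but not the vault."""
    return {
        "pan_token": vault.tokenize(record["pan"]),
        "pan_display": mask(record["pan"]),
        "income_bracket": generalize_income(record["income"]),
        "city": record["city"],
    }
```

The token and the masked value look similar but behave differently: the masked value can never be reversed, while the token can be, but only by a caller the vault authorizes, which is why the vault and its audit log need the strongest controls in the system.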



Differential Privacy
Differential privacy is a statistical approach that bounds what an attacker can learn about any single individual from a released result (a count, an average, a trained model), including by comparing multiple related datasets or repeated queries.  It is achieved by adding calibrated random noise to the output; a parameter, epsilon, sets how much the presence of one person may change the result, and the total epsilon spent across all releases is the privacy budget that must be tracked and capped.
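An added example (not from the original page) of the Laplace mechanism on a counting query, with a budget tracker and the differencing attack the technique is meant to blunt. The dataset, the predicate and the random seed are constructed; a production deployment would use a reviewed library and a cryptographically secure noise source rather than `random`.

```python
"""Differential privacy via the Laplace mechanism on a count query.
Constructed example: dataset and seed are made up."""
import random


def laplace_scale(sensitivity: float, epsilon: float) -> float:
    """Noise scale b = sensitivity / epsilon: smaller epsilon, more noise."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def laplace_noise(scale: float, rng: random.Random) -> float:
    """Laplace(0, scale) as the difference of two exponentials with mean scale."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def dp_count(records, predicate, epsilon: float, rng: random.Random) -> float:
    """Counting query. Adding or removing one person changes the true count by
    at most 1, so the sensitivity is 1 and the noise scale is 1 / epsilon."""
    true_count = sum(1 for r in records if predicate(r))
    return true_count + laplace_noise(laplace_scale(1.0, epsilon), rng)


class PrivacyBudget:
    """Tracks epsilon spent across releases. Without a cap, an attacker repeats
    the query and averages the noise away."""

    def __init__(self, total: float):
        self.remaining = total

    def spend(self, epsilon: float) -> None:
        if epsilon > self.remaining:
            raise RuntimeError("privacy budget exhausted")
        self.remaining -= epsilon


# Constructed dataset: 100 people, every seventh one has the condition.
PEOPLE = [{"id": i, "condition": i % 7 == 0} for i in range(100)]


def differencing_attack_gap(records, target_id: int, epsilon: float,
                            rng: random.Random) -> float:
    """count(everyone) - count(everyone except target) reveals the target's
    value exactly when answers are exact. With DP noise on each answer the
    gap is noisy, and the budget limits how often the pair can be asked."""
    has_condition = lambda r: r["condition"]
    with_target = dp_count(records, has_condition, epsilon, rng)
    without = dp_count([r for r in records if r["id"] != target_id],
                       has_condition, epsilon, rng)
    return with_target - without


def release_with_budget(records, epsilon: float, budget: PrivacyBudget,
                        rng: random.Random) -> float:
    """Answer a count only if the budget allows it; spend before releasing."""
    budget.spend(epsilon)
    return dp_count(records, lambda r: r["condition"], epsilon, rng)
```

With epsilon 0.5 the noise scale is 2, so a single answer is off by a few people either way, enough to hide any one individual's contribution of 1; averaging many answers would recover the true count, which is exactly what the budget forbids.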