20 20

Transactions on
Data Privacy
Foundations and Technologies

http://www.tdp.cat


Articles in Press

Accepted articles here

Latest Issues

Year 2025

Volume 18 Issue 2
Volume 18 Issue 1

Year 2024

Volume 17 Issue 3
Volume 17 Issue 2
Volume 17 Issue 1

Year 2023

Volume 16 Issue 3
Volume 16 Issue 2
Volume 16 Issue 1

Year 2022

Volume 15 Issue 3
Volume 15 Issue 2
Volume 15 Issue 1

Year 2021

Volume 14 Issue 3
Volume 14 Issue 2
Volume 14 Issue 1

Year 2020

Volume 13 Issue 3
Volume 13 Issue 2
Volume 13 Issue 1

Year 2019

Volume 12 Issue 3
Volume 12 Issue 2
Volume 12 Issue 1

Year 2018

Volume 11 Issue 3
Volume 11 Issue 2
Volume 11 Issue 1

Year 2017

Volume 10 Issue 3
Volume 10 Issue 2
Volume 10 Issue 1

Year 2016

Volume 9 Issue 3
Volume 9 Issue 2
Volume 9 Issue 1

Year 2015

Volume 8 Issue 3
Volume 8 Issue 2
Volume 8 Issue 1

Year 2014

Volume 7 Issue 3
Volume 7 Issue 2
Volume 7 Issue 1

Year 2013

Volume 6 Issue 3
Volume 6 Issue 2
Volume 6 Issue 1

Year 2012

Volume 5 Issue 3
Volume 5 Issue 2
Volume 5 Issue 1

Year 2011

Volume 4 Issue 3
Volume 4 Issue 2
Volume 4 Issue 1

Year 2010

Volume 3 Issue 3
Volume 3 Issue 2
Volume 3 Issue 1

Year 2009

Volume 2 Issue 3
Volume 2 Issue 2
Volume 2 Issue 1

Year 2008

Volume 1 Issue 3
Volume 1 Issue 2
Volume 1 Issue 1


Volume 17 Issue 1


Legally Anonymizing Location Data Under the GDPR

Cameron D. Bale(a),(*), Jordan L Fischer(b), Matthew J. Schneider(a), Steven Weber(c), Suzanne Chang(b)

Transactions on Data Privacy 17:1 (2024) 1 - 30

Abstract, PDF

(a) Lebow College of Business, Drexel University, Philadelphia, PA 19104, USA.

(b) Thomas R. Kline School of Law, Drexel University, Philadelphia, PA 19104, USA.

(c) Electrical and Computer Engineering, Drexel University, Philadelphia, PA 19104, USA.

e-mail:cdb327 @drexel.edu; jordan @jordanfischer.me; mjs624 @drexel.edu; spw26 @drexel.edu; sc3887 @drexel.edu


Abstract

In the last decade, different countries adopted data protection legislation to govern the collection and processing of personal data. Most of these legislative frameworks recognize that data can either be personal or non-personal. However, there is a lack of definitive criteria for when personal data has become non-personal data, as well as an understanding of the consequences of applying such criteria to the usefulness of personal data. This uncertainty creates confusion as to whether organizations can comply with privacy laws while retaining the usefulness of personal data. To address this problem, we use the existing data privacy literature to provide reasonable interpretations of legal anonymization criteria for location data under the GDPR. We apply these criteria to two reasonable anonymization solutions that produce protected person-level data. Using location data of COVID-19 patients in South Korea, we find that these solutions can produce legally anonymous location data or useful data, but not both. Further, we highlight examples of developing more sophisticated data protection solutions to better balance the tradeoff between privacy and usefulness for contextual data sets.

* Corresponding author.


ISSN: 1888-5063; ISSN (Digital): 2013-1631; D.L.:B-11873-2008; Web Site: http://www.tdp.cat/
Contact: Transactions on Data Privacy; Vicenç Torra; Umeå University; 90187 Umeå (Sweden); e-mail:tdp@tdp.cat
Note: TDP's web site does not use cookies. TDP does not keep information neither on IP addresses nor browsers. For the privacy policy access here.

 


Vicenç Torra, Last modified: 10 : 12 February 03 2024.