HAVE YOUR CAKE = avoid liability, comply with regulations, ensure trust = Data Protection
EAT IT TOO = process analytics, AI, personalization, maximize data value and sharing = Data Uses
(Your data use )
(Your data use )
Shortcomings of Security-Only Solutions
A common approach to improving data protection is to prescribe security upgrades. The problem with relying on this strategy by itself is two-fold. First, security solutions limit access to data by enforcing generalized access/no access controls to entire datasets, preventing people without permission from accessing any data, or granting access, to all of the data. Security-only solutions do not support fine-grained, risk-managed, use case-specific controls over what people can do with data once they are granted access. Second, security technologies such as encryption, hashing, static or stateless tokenization, data masking, and related approaches, help to protect against unauthorized identification of data subjects using data that directly reveals the identity of a data subject, but do nothing to protect against unauthorized re-identification of data subjects by correlating data attributes to reveal identity via “linkage attacks.”
Shortcomings of Privacy-Only Solutions
Before BigPrivacy technology, privacy was protected primarily using written contracts, “click-through” agreements and Terms of Service (“ToS”) that set forth what organizations would be authorized to do, or not do, with data. However, for non-technical, non-preventive, policy-based measures to remain effective, controllers require resources and access to monitor compliance by the counterparties to contractual commitments. Such monitoring is typically unavailable or impractical to implement. Policy and contract based measures also place the risk from inadequate data protection on data subjects, due to limited recourse against data controllers and data processors for privacy violations. Technologies developed to safeguard privacy rights either work on a binary access/no access basis (e.g., data masking) or on an aggregated basis to support generalized statistics. In today’s changing regulatory landscape, these technologies fail to comply with new standards for modern digital processing and do not support business needs for increased access to personal data without the availability of consent. For example, combining and analyzing multiple data sets and incorporating unstructured data – processing which is at the core of the new digital economy – cause legacy privacy technologies to break down and prevent them from supporting GDPR compliant secondary data uses.
Benefits of Anonos BigPrivacy
Anonos BigPrivacy technology maximizes the value and usability of data by dynamically controlling the linkability (or identifiability) of data under controlled conditions at the data element level. BigPrivacy is a first-of-its-kind, patented platform that enables controlled re-linking (or re-identification) of data to retain and expand value after dynamically de-linking (or de-identifying) data to satisfy data protection, privacy, and security compliance requirements including, but not limited to, GDPR compliant pseudonymisation.
Anonos has been actively engaged in research and development to advance the state of the art in data protection, privacy and security technology since 2012. The Anonos BigPrivacy systems, methods and devices that support GDPR compliant pseudonymisation are covered by foundational granted patents (including, but not limited to, Nos. U.S. No. 9,631,481; 9,129,133; 9,087,216; 9,087,215; and 9,619,669) and a portfolio of over 50 pending U.S. and international patent applications.
The benefits of Anonos BigPrivacy enable global compliance controls on a jurisdictional basis necessary for secondary use (further processing) of data underlying the new global data-driven economy to unlock data value.