Functional anonymisation: Personal data and the data environment

Mark Elliot, Kieron O'Hara, Charles Raab, Christine M. O'Keefe, Elaine Mackey, Chris Dibben, Heather Gowans, Kingsley Purdam, Karen McCullagh

Research output: Contribution to journalArticlepeer-review

Abstract / Description of output

Anonymisation of personal data has a long history stemming from the expansion of the types of data products routinely provided by National Statistical Institutes. Variants on anonymisation have received serious criticism reinforced by much-publicised apparent failures. We argue that both the operators of such schemes and their critics have become confused by being overly focused on the properties of the data itself. We claim that, far from being able to determine whether data is anonymous (and therefore non-personal) by looking at the data alone, any anonymisation technique worthy of the name must take account of not only the data but also its environment.

This paper proposes an alternative formulation called functional anonymisation that focuses on the relationship between the data and the environment within which the data exists (the data environment). We provide a formulation for describing the relationship between the data and its environment that links the legal notion of personal data with the statistical notion of disclosure control. Anonymisation, properly conceived and effectively conducted, can be a critical part of the toolkit of the privacy-respecting data controller and the wider remit of providing accurate and usable data.
Original languageEnglish
Pages (from-to)204-221
JournalComputer Law and Security Review
Issue number2
Early online date28 Feb 2018
Publication statusPublished - 1 Apr 2018


Dive into the research topics of 'Functional anonymisation: Personal data and the data environment'. Together they form a unique fingerprint.

Cite this