Bra grejjer från Holland:
http://staff.science.uva.nl/~noordend/publications/DPR-GvN-final.pdf
Alldeles färskt: Guido van't Noordende, Informatics Institute,
University of Amsterdam, April 30, 2013
//Erik
Summary of main points
− Definitions of anonymous or pseudonymous data are unnecessary if a
good definition of personal data exists. Currently proposed
definitions of anonymous and pseudonymous data focus narrowly on
removing directly identifiable features from microdata, thus
ignoring significant risks of re-identifyability of the remaining
data.
− Current Article 83 creates an exemption from DPR rules that allows
usage of data for “historic, statistical, and scientific research”
even if identifiable, without consent. This is too lenient,
particularly given the broad application of Article 83 within the
DPR.
− Medical information looses its special protection in the DPR
(compared to 95/46/EC) under the original definition of Article 81
in the commission's proposal. A consent requirement should be
included in Article 81(2). Also, Article 83 should not permit for
processing of special categories of information for historical,
statistical and scientific research without explicit consent.
− Re-identification mechanisms have been described for years, and it
has been shown that combination of “anonymised” (or pseudonymised)
data with other (background) information is straightforward. If due
to new DPR regulations more and more “anonymised” micro-information
becomes available, this problem is exacerbated, as re-identifcation
and/or linkage of this information with other information becomes
even more straightforward.
− Pseudonymised information, due to its inherent property of
linkability and longitudinal stability (i.e., being the same over
time), may bring additional risks compared to using anonymous data.
Pseudonymization is usable as a tool for securing information during
processing, but should not be used as a means to escape DPR rules
such as accountability and transparency.