Pseudonymisation in practice
The process which underpins the pseudonymisation of data is quite technical, but it’s comparable to when an author writes a book under a pseudonym. The crux is that no one knows who is behind that pseudonym. When personal data is made unrecognisable in that way, organisations can use it to conduct valuable research without running the risk of violating the privacy of those concerned.
For example, we helped the Parking Department of the City of Amsterdam to reduce rat-run traffic in certain neighbourhoods in the city centre. In Amsterdam, there’s always much ado around the hustle and bustle of the city centre. A significant number of cars were driving in and through residential areas in the old centre, and local politicians had been debating the roots and reasons for years. The Parking Department wanted to have research carried out so that they could argue, based on where the traffic was coming from and going, what measures could be useful.
Combining multiple data sources
Cameras were hung at the entrance and exit of a residential area so the number plates of vehicles entering and leaving the neighbourhood and the times of their comings and goings could be measured. You need extra information about those vehicles. Are they permit holders, for example? Taxis? Or are they anti-social parkers? When you’ve sorted this out, you can determine the reasons for the nuisance based on facts and data. And once you know the whys, you can take action.
Theoretically-speaking, a link could be made to the municipality’s permit database to conclude whether cars in the area belonged to permit holders. But that data was obtained for the purpose of issuing and collecting permits, not for research. Therefore, the independent privacy committee that had called in the Parking Department ruled that the permit records could not just be linked with camera data.
Privacy safeguarded
The solution was to pseudonymise the data. An algorithm was used to convert each number plate into a code so that the dataset could no longer be traced back to the original number plates. Because it guaranteed the privacy of the residents of the neighbourhood, the privacy committee in Amsterdam approved this method. A public participation evening was organised in the community, in which it was clearly explained what the Parking Department’s plans were and how they wanted to approach the research.
What I liked was that they shared that cameras were going to be placed in the neighbourhood and that they would be measuring what time people left and returned. That’s a massive invasion of privacy. The beautiful thing is that no one complained about it because everyone had been suffering so much from the traffic there. The mix of irritation and the safeguarding of their privacy through pseudonymisation meant that hardly anyone objected.
Nuisance reduction
Thanks to pseudonymisation, the research data obtained from various sources could be combined, without the number plates involved being visible. Pseudonymisation ensured the privacy of motorists. What was the result? Nearly 70 percent of the cars in the district were not local traffic. As a result of the research, the municipality has made certain streets one-way, which has made it possible to reduce the amount of rat-run traffic significantly.
Read also:
- Pseudonymisation service for traffic research
- How do you make data analysis possible under the new privacy legislation (GDPR)?
- Pseudonymisation: do it yourself or outsource it?
Edwin Kusters
In his role as a data and privacy consultant, Edwin has mainly been involved in large BI projects for the past eighteen years. He increasingly noticed that clients had certain customer analysis requirements which were in conflict with the Dutch Data Protection Act (a forerunner to the GDPR). As a result, he went in search of a solution that would still make carrying out such analyses possible. The entire playing field of the definition of the law was the starting point, but he also had to take into account such customer priorities as time-to-market, quality of service and compliance costs. The creation of a specific, separate company, today known as Viacryp, proved to be the most effective solution for clients when it comes to navigating this complex world. Edwin regularly speaks on privacy matters at seminars and congresses, and is a member of the NEN working group for the development of a pseudonymisation standard.