On Wed, 18 Sep 1996, Vladimir Z. Nuri wrote:
of blinding and zero-knowledge protocols applied to health databases. it seems reasonable that this can be worked out.
De-identified records are common in medical research, where applicable. The problem is that for effective epidemiological research the self-generated ID you propose must be applied in a lot of databases outside of health care. The epidemiologist wants to know when you were born, when you give birth or die or buy liquor, your income, standard of living, grade of radon contamination in your house, what Web-pages you access etc etc. (The Swedish Post is currently spending a lot of money advertising their new Web services. For full access to such sensitive data as detailed wheather maps you have to enter your name, address and Person Number - for credit information, they say - and they will send you, by snail mail, a username and password; http://www.torget.se) So in the end you haven't really gained much by creating your own ID - it will be just as useful to the State as if they had given it to you. Asgaard