On Fri, Mar 21, 2014 at 02:17:02PM -0400, Eric Mill wrote:
So this is a little different from the usual fare here, but my colleague Tom Lee at the Sunlight Foundation has been thinking about using basic cryptographic concepts to convince governments to publish more unique identifiers in their datasets -- even when the identifiers they have in their *databases* is sensitive (like SSNs).
The problem of anonymizing unique data is in some senses easier than others here, because in some gov't contexts, making things personally identifiable isn't the problem -- the *intent* is to publish personally identifiable, connect-able information, like for campaign donors and lobbyists. So the Mosaic Effect (de-anonymizing Netflix data) is less of a concern. Depends on the problem, though.
After talking about it on a couple<https://groups.google.com/forum/#!topic/sunlightlabs/CdCdB_0TCgc>of lists<https://mailman.stanford.edu/pipermail/liberationtech/2014-February/012834.html>, Tom blogged it up:
http://sunlightfoundation.com/blog/2014/03/20/a-little-math-could-make-ident...
Your feedback would be very welcome, either here or in public fora. Of course, convincing government agencies to actually do this sort of thing might be a challenge, but there's a lot of levels and branches of government out there - you never know who might lead the way.
I need a reliable identifier to implement http://minco.me/ Now the next question is it mathematically possible to come up with a reliable and deterministic way of creating a public PII (identifier) with a distributed system? What if, instead of government agencies, we had Notary Publics sign a document with a 'secret' nonce to create the PII? ---------------------------------------------------------------------------- Troy Benjegerdes 'da hozer' hozer@hozed.org 7 elements earth::water::air::fire::mind::spirit::soul grid.coop Never pick a fight with someone who buys ink by the barrel, nor try buy a hacker who makes money by the megahash