Three months ago, you noticed than XYZ Health was cheaper than other health insurances and you signed up with them. Reading their privacy policy, you find out that they collect and sell your data to third parties. The policy states that this data “might include” demographic data along with financial and health information. You feel weird but Jack from customer service reassures you: you should not worry. The data being shared is “anonymous” (also called de-identified or depersonalized) and third parties only have access to at most 1% of the database.
Is the data truly anonymous and is your information safe? Or could a few pieces of information be used to re-identify you?
Enter some of your demographics in the app on the right and see if this would be enough to identify you. By the way, this demo is only running in your browser, and we don't collect your data. :)
If you do not live in the US nor in the UK, here are some postcodes. In the US, you can use 10001 for the Chelsea neighborhood in New York City (22,000 people) or 79936 for El Paso (120,000 people). In the UK, you can use SW7 for South Kensington (20,000 people).
For the UK, this demo uses only postcodes from England and Wales.
NaN% of the time!
If your employer or neighbor finds someone matching your date of birth (1990/11/12), gender (male), and postcode district (SW7) in an “anonymous” health dataset, that person would be you
Other people have, on average,
Scroll below to learn why it matters and how extra information could make you even more unique.
“We might share anonymous data with third parties”
If you ever took the time to read terms of service, you have probably seen this sentence before.
But is anonymous data really anonymous? What would it take to find you in an anonymous dataset?
Where do you live?