Myths and Fallacies of “Personally Identifiable Information”

June 24, 2010

Personally Identifiable Information (PII) is found in two very different types of laws: data breach notification laws and information privacy laws. In data breach notification laws, the spirit of the term is to encompass information that could be used for identity theft. We have absolutely no issue with the sense in which PII is used in this category of laws.

On the other hand, in laws and regulations aimed at protecting consumer privacy, the intent is to compel data trustees who want to share or sell data to scrub “PII” in a way that prevents the possibility of re-identification.  This is essentially impossible to do in a foolproof way without losing the utility of the data. Furthermore, any non-trivial information can potentially be used for re-identification.

Read More

Ready for a Private and Secure Online Workspace – GoSecure

%d bloggers like this: