On 29 November 2011 16:11, Ted Dunning <ted.dunn...@gmail.com> wrote: > The deanonymization attacks depend on some aspect of the data being related > to real-world events or products. The attack on the netflix data depended > on the movies being identified so that ratings could be correlated to > ratings on other systems. > > If you blind product id's and user id's then none of the currently known > attacks are likely to work. > > But I respect the limits you describe. Caution is never such a bad thing > in these matters.
+1 ... data leaks in expected ways. Random aside: in the Netherlands currently, Albert Heijn, a major supermarket chain, give away key tags with a loyalty barcode printed on them. If you enter the code from the keytag (properly, your own; but maybe you see colleagues and friends keyring from time to time...) into http://www.ah.nl/appie you get that person's shopping history ordered by favourites, most recent purchases. Although as Ted says this only unlocks half the puzzle, ... Dan
