JISCMail - DATA-PROTECTION Archives

While it is preferable to avoid using personal data, the BSi guidance mentioned below deals with situations where anonymisation is not the ideal way to test a system. It may be that the system that requires testing needs to replicate the live system exactly, and anonymisation may prevent use of the system as it was intended e.g. lookups using postcodes or names etc. and/or the ability to investigate a reported situation without fear of compromising the live system.

I would then take the approach of making sure the test system is as secure as the live, and applying the same conditions to access etc.

Best wishes,

Michelle

Michelle Peel
Information Manager
Transport for Greater Manchester

2 Piccadilly Place, Manchester M1 3BG
Direct line 0161 244 1123, Extension 701123
www.tfgm.com<http://www.tfgm.com/>

Please don't print this email unless you really need to.

NOTE: This email message and any attachments are for the sole use of the intended recipient(s) and may contain confidential and/or privileged information. Any unauthorised review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by replying to this email, and destroy all copies of the original message.

From: This list is for those interested in Data Protection issues [mailto:[log in to unmask]] On Behalf Of Tim Turner
Sent: 29 September 2014 08:04
To: [log in to unmask]
Subject: Re: [data-protection] Anonymising real data

It’s equally often a significant risk to assume that ICO knows what it is talking about; they are often out of step with the Directive and always keen to find an answer to make big Data Controllers happy, rather than the correct one. Start with personal data, and one is at greater risk of the data staying identifiable, or the un-anonymised data being input by mistake. There is no simple, easy answer to this.

Tim Turner


On 29 September 2014 at 07:52:41, Michael Bacon - Grimbaldus ([log in to unmask]<mailto:[log in to unmask]>) wrote:
The ICO takes the view that system testing is a subsidiary purpose of a main purpose and therefore need neither be included in a notification nor brought to the attention of the data subject. [Source: BSi BIP0002]

Whilst the ICO has advised that the use of PD for systems testing should be avoided, properly anonymised data is not PD. By "properly anonymised" I mean that something like a randomised one-way trapdoor approach is used, so that it is not possible to derive the original data from the test data, not is it possible to repeat the transformation and derive the same test dataset from the original. [Albeit, the ICO included tests for the success of anonymisation within the COP.]

There are many instances where the creation of an 'original' test dataset can be riskier than anonymising an existing dataset. For example, a test dataset created out of (say) two billion original records is far more likely to really test the system than a test dataset created for the purpose of testing the system. For one, it eliminates human bias. I have seen too many system tests that were biased towards success, where the testers had removed tests or data that would more likely than not cause failures - which would highlight inadequate specification and/or poor coding, or had simply not thought of test cases - a not at all uncommon failing.

M

Grimbaldus Limited

> On 28 Sep 2014, at 21:28, Ian Griffiths <[log in to unmask]<mailto:[log in to unmask]>> wrote:
>
> Probably but I'd be curious why you want to start with real data - firstly you're probably not OK to process in this way even if the aim is only to produce a test set. Secondly, its probably easier and safer to create it from scratch.
>
> Ian
>
>
> ----- Original Message ----- From: "Mike Humphrey" <[log in to unmask]<mailto:[log in to unmask]>>
> To: <[log in to unmask]<mailto:[log in to unmask]>>
> Sent: Friday, September 26, 2014 12:43 PM
> Subject: [data-protection] Anonymising real data
>
>
> Dear All
>
> I am trying to identify if there are off the shelf applications that can take data containing personal data from a live database and anonymise it to produce something suitable for use as test data.
>
> Any recommendations?
>
> Mike Humphrey : Information Management Officer
> England and Wales Cricket Board : Lord's Cricket Ground, London, NW8 8QZ, England.
>
> Tel: +44(0)20 7432 1274 : Mobile: +44 (0) 7837 365507 : Switchboard: +44 (0)20 7432 1200
> Email: [log in to unmask]<mailto:[log in to unmask]> : Web: http://www.ecb.co.uk
>
>
> [cid:image001.jpg@01CFD987.79C5EB20]<mailto:[cid:image001.jpg@01CFD987.79C5EB20]>
>
>
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]<mailto:[log in to unmask]>
> All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]<mailto:[log in to unmask]>
> Full help Desk - please email [log in to unmask]<mailto:[log in to unmask]> describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]>
> (all commands go to [log in to unmask]<mailto:[log in to unmask]> not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> All archives of messages are stored permanently and are
> available to the world wide web community at large at
> http://www.jiscmail.ac.uk/lists/data-protection.html
> If you wish to leave this list please send the command
> leave data-protection to [log in to unmask]<mailto:[log in to unmask]>
> All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
> Any queries about sending or receiving messages please send to the list owner
> [log in to unmask]<mailto:[log in to unmask]>
> Full help Desk - please email [log in to unmask]<mailto:[log in to unmask]> describing your needs
> To receive these emails in HTML format send the command:
> SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]>
> (all commands go to [log in to unmask]<mailto:[log in to unmask]> not the list please)
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]<mailto:[log in to unmask]>
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving messages please send to the list owner
[log in to unmask]<mailto:[log in to unmask]>
Full help Desk - please email [log in to unmask]<mailto:[log in to unmask]> describing your needs
To receive these emails in HTML format send the command:
SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]>
(all commands go to [log in to unmask]<mailto:[log in to unmask]> not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Tim Turner
12 Honeysuckle Close
Manchester
M23 9EZ
________________________________

All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html

Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):

  *   Leaving this list: send leave data-protection to [log in to unmask]<mailto:[log in to unmask]&BODY=LEAVE%20data-protection>
  *   Suspending emails from all JISCMail lists: send SET * NOMAIL to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20*%20NOMAIL>
  *   To receive emails from this list in text format: send SET data-protection NOHTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20NOHTML>
  *   To receive emails from this list in HTML format: send SET data-protection HTML to [log in to unmask]<mailto:[log in to unmask]&BODY=SET%20data-protection%20HTML>

All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm and are sent in the body of an otherwise blank email to [log in to unmask]<mailto:[log in to unmask]>

Any queries about sending or receiving messages please send to the list owner [log in to unmask]<mailto:[log in to unmask]>

(Please send all commands to [log in to unmask]<mailto:[log in to unmask]> not the list or the moderators, and all requests for technical help to [log in to unmask]<mailto:[log in to unmask]>, the general office helpline)

________________________________

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
     All archives of messages are stored permanently and are
      available to the world wide web community at large at
      http://www.jiscmail.ac.uk/lists/data-protection.html
     If you wish to leave this list please send the command
       leave data-protection to [log in to unmask]
All user commands can be found at http://www.jiscmail.ac.uk/help/commandref.htm
 Any queries about sending or receiving messages please send to the list owner
              [log in to unmask]
  Full help Desk - please email [log in to unmask] describing your needs
        To receive these emails in HTML format send the command:
         SET data-protection HTML to [log in to unmask]
   (all commands go to [log in to unmask] not the list please)
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^