Paper's abstract
Tristan
Allard,
Protection of personal data designed to be disclosed: description of a minimalist attack on a pseudonymized dataset
Decision support software based on artificial intelligence techniques is increasingly used in the field of justice. But these techniques often require access to large amounts of personal information to achieve quality learning. In France, the legal framework today seems favorable to the opening of judgments, provided that the privacy of the persons concerned is respected. However, it is still technically difficult to protect personal data before disclosure. This article aims to describe a minimalist attack that was performed in 2014 on a dataset protected by performing a pseudonymization algorithm. The originality of this attack lies in its simplicity - it did not require access to an auxiliary dataset - and in its target - the pseudonymization algorithm. We present the family of pseudonymization algorithms, describe and analyze the attack, and conclude on the role pseudonymization is playing in the General Regulation on the Protection of Personal Data.
Key Words : anonymization GRPD big data
t. 60, 2018: p. 183-188
