{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T04:32:36Z","timestamp":1742963556030,"version":"3.40.3"},"publisher-location":"Cham","reference-count":22,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783031073144"},{"type":"electronic","value":"9783031073151"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-031-07315-1_6","type":"book-chapter","created":{"date-parts":[[2022,5,19]],"date-time":"2022-05-19T09:07:03Z","timestamp":1652951223000},"page":"88-96","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Fifty Shades of\u00a0Personal Data \u2013 Partial Re-identification and\u00a0GDPR"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-6290-2099","authenticated-orcid":false,"given":"Jan","family":"Willemson","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2022,5,20]]},"reference":[{"key":"6_CR1","unstructured":"EDPB Work Programme 2021\/2022, The European Data Protection Board. https:\/\/edpb.europa.eu\/system\/files\/2021-03\/edpb_workprogramme_2021-2022_en.pdf"},{"key":"6_CR2","unstructured":"Opinion 05\/2014 on Anonymisation Techniques. Article 29 Data Protection Working Party, April 2014. https:\/\/ec.europa.eu\/justice\/article-29\/documentation\/opinion-recommendation\/files\/2014\/wp216_en.pdf"},{"key":"6_CR3","unstructured":"Common Methodology for Information Technology Security Evaluation. Evaluation methodology, Version 3.1, Revision 5, CCMB-2017-04-004, April 2017. https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CEMV3.1R5.pdf"},{"key":"6_CR4","unstructured":"AEPD-EDPS joint paper on 10 misunderstandings related to anonymisation (2021). https:\/\/edps.europa.eu\/data-protection\/our-work\/publications\/papers\/aepd-edps-joint-paper-10-misunderstandings-related_en"},{"key":"6_CR5","doi-asserted-by":"publisher","unstructured":"Benitez, K., Malin, B.: Evaluating re-identification risks with respect to the HIPAA privacy rule. J. Am. Med. Inf. Assoc. 17(2), 169\u2013177 (2010). https:\/\/doi.org\/10.1136\/jamia.2009.000026","DOI":"10.1136\/jamia.2009.000026"},{"issue":"4","key":"6_CR6","doi-asserted-by":"publisher","first-page":"653","DOI":"10.1007\/s00779-012-0513-6","volume":"17","author":"E Buchmann","year":"2013","unstructured":"Buchmann, E., B\u00f6hm, K., Burghardt, T., Kessler, S.: Re-identification of smart meter data. Pers. Ubiquitous Comput. 17(4), 653\u2013662 (2013). https:\/\/doi.org\/10.1007\/s00779-012-0513-6","journal-title":"Pers. Ubiquitous Comput."},{"key":"6_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/11962977_19","volume-title":"Critical Information Infrastructures Security","author":"A Buldas","year":"2006","unstructured":"Buldas, A., Laud, P., Priisalu, J., Saarepera, M., Willemson, J.: Rational choice of security measures via multi-parameter attack trees. In: Lopez, J. (ed.) CRITIS 2006. LNCS, vol. 4347, pp. 235\u2013248. Springer, Heidelberg (2006). https:\/\/doi.org\/10.1007\/11962977_19"},{"issue":"1","key":"6_CR8","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1038\/srep01376","volume":"3","author":"YA De Montjoye","year":"2013","unstructured":"De Montjoye, Y.A., Hidalgo, C.A., Verleysen, M., Blondel, V.D.: Unique in the crowd: the privacy bounds of human mobility. Sci. Rep. 3(1), 1\u20135 (2013). https:\/\/doi.org\/10.1038\/srep01376","journal-title":"Sci. Rep."},{"issue":"12","key":"6_CR9","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0028071","volume":"6","author":"K El Emam","year":"2011","unstructured":"El Emam, K., Jonker, E., Arbuckle, L., Malin, B.: A systematic review of re-identification attacks on health data. PLoS ONE 6(12), e28071 (2011)","journal-title":"PLoS ONE"},{"key":"6_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"273","DOI":"10.1007\/978-3-540-25955-8_21","volume-title":"Privacy in Statistical Databases","author":"EAH Elamir","year":"2004","unstructured":"Elamir, E.A.H.: Analysis of re-identification risk based on log-linear models. In: Domingo-Ferrer, J., Torra, V. (eds.) PSD 2004. LNCS, vol. 3050, pp. 273\u2013281. Springer, Heidelberg (2004). https:\/\/doi.org\/10.1007\/978-3-540-25955-8_21"},{"key":"6_CR11","doi-asserted-by":"publisher","unstructured":"Finck, M., Pallas, F.: They who must not be identified-distinguishing personal from non-personal data under the GDPR. Int. Data Privacy Law 10(1), 11\u201336 (2020). https:\/\/doi.org\/10.1093\/idpl\/ipz026","DOI":"10.1093\/idpl\/ipz026"},{"key":"6_CR12","doi-asserted-by":"publisher","unstructured":"Kassem, A., \u00c1cs, G., Castelluccia, C., Palamidessi, C.: Differential inference testing: a practical approach to evaluate sanitizations of datasets. In: 2019 IEEE Security and Privacy Workshops, SP Workshops 2019, San Francisco, CA, USA, 19\u201323 May 2019, pp. 72\u201379. IEEE (2019). https:\/\/doi.org\/10.1109\/SPW.2019.00024","DOI":"10.1109\/SPW.2019.00024"},{"key":"6_CR13","doi-asserted-by":"publisher","unstructured":"Kikuchi, H., Yamaguchi, T., Hamada, K., Yamaoka, Y., Oguri, H., Sakuma, J.: Ice and fire: quantifying the risk of re-identification and utility in data anonymization. In: Barolli, L., Takizawa, M., Enokido, T., Jara, A.J., Bocchi, Y. (eds.) 30th IEEE International Conference on Advanced Information Networking and Applications, AINA 2016, Crans-Montana, Switzerland, 23\u201325 March 2016, pp. 1035\u20131042. IEEE Computer Society (2016). https:\/\/doi.org\/10.1109\/AINA.2016.151","DOI":"10.1109\/AINA.2016.151"},{"key":"6_CR14","doi-asserted-by":"crossref","unstructured":"Narayanan, A., Shmatikov, V.: Robust de-anonymization of large sparse datasets. In: 2008 IEEE Symposium on Security and Privacy (S&P 2008), pp. 111\u2013125. IEEE (2008)","DOI":"10.1109\/SP.2008.33"},{"key":"6_CR15","doi-asserted-by":"crossref","unstructured":"Purtova, N.: From Knowing by name to personalisation: meaning of identification under the GDPR. Available at SSRN 3849943 (2021)","DOI":"10.2139\/ssrn.3849943"},{"issue":"3","key":"6_CR16","doi-asserted-by":"publisher","first-page":"502","DOI":"10.1017\/err.2018.47","volume":"9","author":"C Quelle","year":"2018","unstructured":"Quelle, C.: Enhancing compliance under the general data protection regulation: the risky upshot of the accountability- and risk-based approach. Eur. J. Risk Regul. 9(3), 502\u2013526 (2018). https:\/\/doi.org\/10.1017\/err.2018.47","journal-title":"Eur. J. Risk Regul."},{"key":"6_CR17","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"427","DOI":"10.1007\/978-3-319-45741-3_22","volume-title":"Computer Security \u2013 ESORICS 2016","author":"M Rocchetto","year":"2016","unstructured":"Rocchetto, M., Tippenhauer, N.O.: On attacker models and profiles for cyber-physical systems. In: Askoxylakis, I., Ioannidis, S., Katsikas, S., Meadows, C. (eds.) ESORICS 2016. LNCS, vol. 9879, pp. 427\u2013449. Springer, Cham (2016). https:\/\/doi.org\/10.1007\/978-3-319-45741-3_22"},{"issue":"4","key":"6_CR18","first-page":"361","volume":"14","author":"C Skinner","year":"1998","unstructured":"Skinner, C., Holmes, D.J.: Estimating the re-identification risk per record in microdata. J. Official Stat. 14(4), 361 (1998)","journal-title":"J. Official Stat."},{"key":"6_CR19","doi-asserted-by":"publisher","unstructured":"Truta, T.M., Fotouhi, F., Barth-Jones, D.C.: Disclosure risk measures for microdata. In: Proceedings of the 15th International Conference on Scientific and Statistical Database Management (SSDBM 2003), 9\u201311 July 2003, Cambridge, MA, USA, pp. 15\u201322. IEEE Computer Society (2003). https:\/\/doi.org\/10.1109\/SSDM.2003.1214948","DOI":"10.1109\/SSDM.2003.1214948"},{"issue":"3","key":"6_CR20","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0120592","volume":"10","author":"Z Wan","year":"2015","unstructured":"Wan, Z., et al.: A game theoretic framework for analyzing re-identification risk. PLoS ONE 10(3), e0120592 (2015). https:\/\/doi.org\/10.1371\/journal.pone.0120592","journal-title":"PLoS ONE"},{"issue":"10","key":"6_CR21","doi-asserted-by":"publisher","DOI":"10.1371\/journal.pone.0140589","volume":"10","author":"L Yin","year":"2015","unstructured":"Yin, L., et al.: Re-identification risk versus data utility for aggregated mobility research using mobile phone location data. PLoS ONE 10(10), e0140589 (2015)","journal-title":"PLoS ONE"},{"key":"6_CR22","doi-asserted-by":"publisher","unstructured":"Zang, H., Bolot, J.: Anonymization of location data does not work: a large-scale measurement study. In: Ramanathan, P., Nandagopal, T., Levine, B.N. (eds.) Proceedings of the 17th Annual International Conference on Mobile Computing and Networking, MOBICOM 2011, Las Vegas, Nevada, USA, 19\u201323 September 2011, pp. 145\u2013156. ACM (2011). https:\/\/doi.org\/10.1145\/2030613.2030630","DOI":"10.1145\/2030613.2030630"}],"container-title":["Lecture Notes in Computer Science","Privacy Technologies and Policy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-07315-1_6","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,14]],"date-time":"2022-06-14T23:04:43Z","timestamp":1655247883000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-07315-1_6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783031073144","9783031073151"],"references-count":22,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-07315-1_6","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"20 May 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"APF","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Annual Privacy Forum","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Warsaw","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Poland","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2022","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 June 2022","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"24 June 2022","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"10","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"apf2022","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/privacyforum.eu\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"8","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"0","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"21% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}