| The Anonymity as a Relative Notion |
| Written by Giusella Finocchiaro, Annarita Ricci | |
|
In today information society, personal data are collected, exchanged and manipulated at a great speed, challenging the attempt of the individual to manage her/his own information. While it is generally recognised that current technologies potentially reduce the privacy of the individual, when compared to the level of privacy enjoyed in the past, it is as well acknowledged that electronic devices can also be used as means for preserving privacy or may at least implement features that encompass legitimate expectations of privacy. A good balance instrument to ensure privacy while not impeding the circulation of information is the recourse to anonymity. Qualifying anonymity however is not a simple operation. Anonymity in the common language In common language the term "anonymous" does not pose excessive problems. Plainly, it refers to a condition in which a person is not known, a person without name.
However, anonymity is often relative to specific facts, specific subjects and specific purposes. A composition, for instance, may be anonymous for some but not for others, depending whether or not they know the author. So the right to be anonymous, when recognized, refers to certain subjects, in predefined circumstances and for specific occasions, which can be specified by the law. Having a quick look to Italian legislation, we find references to the term in private law (copyright, personal data protection), criminal law (as an aggravating circumstance in some crimes), criminal procedure (anonymous crime reports), administrative law (open competions for public recruitment), constitutional law (freedom to speak). It is relatively easy to conclude that anonymity is a term that spreads in various areas and consequently it is hard to extract a single univocous legal concept. Anonymous data in the Italian personal data protection code Anonymous data are extremely relevant in Italian and European legislation: in fact, these data are not subject to the laws regarding processing of personal data. This is stated, for instance, by the recital no. 26 of the European Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. Moreover, anonymity represents the best way to protect privacy and personal data, as has been affirmed on several occasion by the European Commission and the European Council.
The key point of the article is the sentence "cannot be associated". In which cases can be deemed that data cannot be associated with a subject? Must this be a physical or a technological impossibility? Whether this has to be absolute or relative, has already been clarified by the Recommendation of the Council of Europe No. R (97) 5 on medical data protection, where it is stated that information cannot be considered identifiable if identification requires an unreasonable amount of time and manpower. On the contrary, the definition of "personal data" as stated by Italian Law, is "any information relating to natural or legal persons, bodies or associations that are or can be identified, even indirectly, by reference to any other information including a personal identification number", while the definition given by the European directive is the following: "any information relating to an identified or identifiable natural person ('data subject'); an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to his physical, physiological, mental, economic, cultural or social identity". In both definitions the criterion is not only the reference but also the possibility to refer information to a data subject. This referability is measured in relation to time, cost and technical means necessary to achieve it. The value and sensitivity of the information should also be taken into account. For example, medical data should require a high level of protection. Relating the information and the subject, to which it refers is a technical possibility; however its legality depends on legal and contractual boundaries. The referability has to be reasonable. Relativity is also central to the definition: data can be anonymous for some, but not for others. Likewise for functionality, data can be anonymous for certain uses, but others not so. In conclusion, as personal data can be legally processed only for specified purposes by authorised persons, data can be anonymous only for certain people under predefined conditions. Therefore anonymity in processing of personal data is not an absolute concept: it is, instead, a relative and functional concept, measured through reasonableness. Anonymity and privacy Anonymity can be considered as instrumental to several Constitutional rights, as the right of free speech or the right to privacy (which is the one here concerned). As a matter of fact when we remove the connection between a piece of information and a given individual, such individual enjoys privacy protection over that piece of information. Anonymity can therefore be used to enforce privacy.
It is worth to mention that under Italian privacy legislation (art. 3 of legislative decree 196/03), it is required that a software is conceived in such a manner as to the processing of personal data is reduced to the minimum and the use of anonymous data is due when considered feasible. The stress here is clearly both on the "privacy by design" approach (which can be termed as well "anonymity by design") and on the adoption of Privacy Enhancing Technologies (PET), or Privacy Preserving Technologies (PPT) as some scholars favour. Note that the said art. 3 cannot be considered as introducing a mere principle but shall be regarded as containing a directly applicable rule. Moreover, anonymity represents the best way to protect privacy and personal data, as has been affirmed on several occasion by the European Commission and the European Council. Think of large statistical researches on aggregated data or to the management of electronic file records: all activities which could not be considered admissible when non performed through means ensure a reasonable anonymity. Conclusions In Italian legal system, but this could be probably said also for other legislations, different notions of anonymity co-exist. The first conception anonymity appears to be strictly connected to the etymology of the word and tends to refer to writings and information basically conceived in opposition to the concept of identification. The further elaboration of this concept has progressively changed the previous approach, connecting the anonymity to the circulation of data and to the right to self-determination guaranteed to the individual. This process is not complete. It would be necessary to measure anonymity. The standard is the reasonableness. When the anonymity is reasonable? The reasonableness is an objective or a subjective standard? Who determines the reasonableness of anonymity? These are the questions on which the legal reflection should focus its attention. References
|
This concept of anonymity as namelessness, as the origin of the word reveals, by definition excludes the identity of the subject to which it refers. Anonymity is a concept, which evokes an absolute lack of connection between a fact or an act and a person.
In the Italian law (Legislative Decree 30 June 2003, No. 196) the anonymous data are defined as being data which in origin or after being processed "cannot be associated with an identified or identifiable data subject". Data can be originally anonymous or can be treated so as be made anonymous.
As we assumed that privacy should be intended as an individual right of deciding over one's personal data, we also suggest that the right to privacy could be intended as the right of deciding over anonymity in relation to one's personal data.