Automatic de-identification of Data Download Packages

TL;DR

This paper presents a de-identification software designed to anonymize Data Download Packages (DDPs) containing personal data, ensuring privacy while enabling social science research.

Contribution

The paper introduces a novel de-identification tool tailored for the complex and variable structure of DDPs, addressing privacy concerns in data sharing.

Findings

Effective anonymization of DDPs with diverse formats

Software adapts to different file structures and content types

Maintains data utility for research purposes

Abstract

The General Data Protection Regulation (GDPR) grants all natural persons the right of access to their personal data if this is being processed by data controllers. The data controllers are obliged to share the data in an electronic format and often provide the data in a so called Data Download Package (DDP). These DDPs contain all data collected by public and private entities during the course of citizens' digital life and form a treasure trove for social scientists. However, the data can be deeply private. To protect the privacy of research participants while using their DDPs for scientific research, we developed de-identification software that is able to handle typical characteristics of DDPs such as regularly changing file structures, visual and textual content, different file formats, different file structures and accounting for usernames. We investigate the performance of the software and illustrate how the software can be tailored towards specific DDP structures.