Conformidade com os Requisitos Legais de Privacidade de Dados: Um Estudo sobre T\'ecnicas de Anonimiza\c{c}\~ao

TL;DR

This paper analyzes various data anonymization techniques like aggregation, generalization, perturbation, and k-anonymity to evaluate their effectiveness in complying with privacy laws such as LGPD and GDPR, balancing privacy and data utility.

Contribution

It provides a comparative assessment of anonymization techniques in terms of legal compliance and data utility, highlighting their strengths and limitations.

Findings

Significant variation in effectiveness among techniques

Need to balance privacy and data utility

Certain methods better suited for specific data types

Abstract

The protection of personal data has become a central topic in software development, especially with the implementation of the General Data Protection Law (LGPD) in Brazil and the General Data Protection Regulation (GDPR) in the European Union. With the enforcement of these laws, certain software quality criteria have become mandatory, such as data anonymization, which is one of the main aspects addressed by these regulations. The aim of this article is to analyze data anonymization techniques and assess their effectiveness in ensuring compliance with legal requirements and the utility of the data for its intended purpose. Techniques such as aggregation, generalization, perturbation, and k-anonymity were investigated and applied to datasets containing personal and sensitive data. The analysis revealed significant variations in the effectiveness of each method, highlighting the need to balance privacy and data utility.