Linkage Attacks Expose Identity Risks in Public ECG Data Sharing

TL;DR

This study demonstrates that ECG biometric data can be re-identified with high accuracy even under realistic adversarial conditions, exposing significant privacy risks in public data sharing.

Contribution

It provides a realistic evaluation of ECG privacy risks with partial adversarial knowledge, highlighting the inadequacy of simple anonymization techniques.

Findings

Achieved 85% re-identification accuracy

Maintained 14.2% overall misclassification rate

Identified limitations of basic anonymization methods

Abstract

The increasing availability of publicly shared electrocardiogram (ECG) data raises critical privacy concerns, as its biometric properties make individuals vulnerable to linkage attacks. Unlike prior studies that assume idealized adversarial capabilities, we evaluate ECG privacy risks under realistic conditions where attackers operate with partial knowledge. Using data from 109 participants across diverse real-world datasets, our approach achieves 85% accuracy in re-identifying individuals in public datasets while maintaining a 14.2% overall misclassification rate at an optimal confidence threshold, with 15.6% of unknown individuals misclassified as known and 12.8% of known individuals misclassified as unknown. These results highlight the inadequacy of simple anonymization techniques in preventing re-identification, demonstrating that even limited adversarial knowledge enables effective identity linkage. Our findings underscore the urgent need for privacy-preserving strategies, such as differential privacy, access control, and encrypted computation, to mitigate re-identification risks while ensuring the utility of shared biosignal data in healthcare applications.