Monthly Archives: November 2025

Personal data sovereignty — anonymisation and aggregation is not enough

Posted on by
Reply

Data that has been anonymised and aggregated it is often regarded as safe and outside privacy laws, but as todays news shows this is not the case, it can still violate personal data sovereignty.

In 1990 when I first wrote about privacy in “Information processing, context and privacy.” I gave various invented scenarios demonstrating how information that was totally anonymised and aggregated still led to problems.

Today’s BBC news article today shows that, thirty-five years on, this is very much a live issue!  During pay negotiations, Lloyds Bank used its access to its own employees’ bank accounts to compare them with other customers to argue that the employees are doing well financially.

The data used by the bank was totally anonymised and aggregated before comparison, and a bank customer expects that such reports will be generated by the bank as part of its financial activities.  However, many Lloyds customer, and especially those that are also their employees, would not be happy for their data to be used to exert leverage over its employees in this way.  No personal data has been leaked or used, so this does not violate the Data Protection Act or similar legislation.  And yet it feels like an invasion of something akin to privacy.

Back in 1990 I regarded this as a wider form of privacy, but more recently I’ve been using the term personal data sovereignty for this notion that we might care about the way our data is used.and have a moral right to be able to know about, understand and deny uses to which we disapprove.

I may be happy for a social media platform to store my photograph and show it on other people’s feeds.  I might also be happy for them to use my photo to train a neural network that is then used to identify faces in images.  Distributed over the billions of weights in the neural network, my own image is lost amongst a myriad of other photos — totally anonymous and aggregated, so no direct privacy risk.  However, I might not be happy if that neural work is subsequently used in military drones to target people or implement mass government surveillance.

It is not sufficient to focus on bare privacy; massive computation of big data means that many socially and ethically challenging issues require us to look wider at personal data sovereignty.