A Primer on Information Theory and Privacy

Electronic Frontier FoundationIf we ask whether a fact about a person identifies that person, it turns out that the answer isn’t simply yes or no. If all I know about a person is their ZIP code, I don’t know who they are. If all I know is their date of birth, I don’t know who they are. If all I know is their gender, I don’t know who they are. But it turns out that if I know these three things about a person, I could probably deduce their identity! Each of the facts is partially identifying.

There is a mathematical quantity which allows us to measure how close a fact comes to revealing somebody’s identity uniquely. That quantity is called entropy, and it’s often measured in bits. Intuitively you can think of entropy being generalization of the number of different possibilities there are for a random variable: if there are two possibilities, there is 1 bit of entropy; if there are four possibilities, there are 2 bits of entropy, etc. Adding one more bit of entropy doubles the number of possibilities.1

Because there are around 7 billion humans on the planet, the identity of a random, unknown person contains just under 33 bits of entropy (two to the power of 33 is 8 billion). When we learn a new fact about a person, that fact reduces the entropy of their identity by a certain amount. There is a formula to say how much: Continue reading.

Related Posts

Internet Explorer’s dominant market share eroding Remember when Internet Explorer ruled the Web, to the tune of about 98% of the browser market share? Those were happy days for Internet Explorer. Unti...
Privacy by Design: The 7 Foundational Principles Privacy by Design is a concept I developed back in the 90’s, to address the ever-growing and systemic effects of Information and Communication Technol...
File-Sharing Software Potential Threat to Health Privacy The personal health and financial information stored in thousands of North American home computers may be vulnerable to theft through file-sharing sof...
It’s not the Gates, it’s the bars To pay so much attention to Bill Gates' retirement is missing the point. What really matters is not Gates, nor Microsoft, but the unethical system of ...
Google Superbowl Ad Explains The Need for Search Privacy Google's ad during yesterday's Superbowl explained in less than a minute how the story of someone's life can be pieced together from their search quer...
Governments May Fake SSL Certificates Today two computer security researchers, Christopher Soghoian and Sid Stamm, released a draft of a forthcoming research paper in which they present ev...

We Recommend These Vendors

Launch an SSD VPS in Europe, USA, Asia & Australia on Vultr's KVM-based Cloud platform starting at $5:00/month (15 GB SSD, 768 MB of RAM).

Deploy an SSD Cloud server in 55 seconds on DigitalOcean. Built for developers and starting at $5:00/month (20 GB SSD, 512 MB of RAM).


Leave a Comment

Your email address will not be published. Required fields are marked *

*