MASWE-0109: Lack of Anonymization or Pseudonymisation Measures
Content in BETA
This content is in beta and still under active development, so it is subject to change at any time (e.g. structure, IDs, content, URLs, etc.).
Overview
The absence of unlinkability techniques like data abstraction, anonymization, and pseudonymization can enable the identification and tracking of users across different services and over time. Anonymization, through methods like randomization or generalization, irreversibly de-identifies individuals by removing or altering data, such as obfuscating location or scrambling sensitive attributes. In contrast, pseudonymization replaces identifiable data with tokens or hashed values, making it more secure but still technically reversible under certain conditions.
This lack of privacy safeguards can result in unauthorized profiling, targeted advertising without consent, and potential legal liabilities due to non-compliance with privacy regulations.
Modes of Introduction
- Lack of Anonymization or Pseudonymization Measures: Failure to remove direct identifiers, such as user ID or name, from data before server-side collection, or to manipulate the data to prevent linkage to real-world identities. This also includes not implementing protocols like Private Information Retrieval or Oblivious HTTP (OHTTP) to enhance privacy.
Impact
- Violation of User Privacy: Users may not be aware that their personal information is being collected for tracking purposes, leading to privacy infringement.
- Compliance and Legal Risks: Breach of data protection laws and regulations (like GDPR), resulting in legal consequences and fines.
Mitigations
- Use Anonymisation and Pseudonymisation: Ensure techniques like anonymisation and pseudonymisation are implemented to prevent user identification.
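The mitigation above, sketched as an added example (not code from MASWE or OWASP): a client-side step that builds the upload payload from an allow-list, replaces the user ID with a keyed token, and generalizes location and age before anything is sent. The event schema, field names and sample values are assumptions, as is the key being a per-installation secret held in the platform keystore and never uploaded.

```python
import hashlib
import hmac
import secrets

# Hypothetical event schema: only these fields may be uploaded unchanged.
PASSTHROUGH_FIELDS = {"event", "app_version"}


def pseudonymize(value: str, key: bytes) -> str:
    """Replace an identifier with a keyed token (HMAC-SHA256).

    A plain hash of a guessable ID can be reversed by hashing candidate
    values; the key prevents that for anyone who does not hold it.
    """
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()


def generalize_coordinate(degrees: float, decimals: int = 1) -> float:
    """Coarsen a coordinate; one decimal is about 11 km of latitude."""
    return round(degrees, decimals)


def generalize_age(age: int, width: int = 10) -> str:
    """Report an age band instead of the exact age."""
    low = (age // width) * width
    return f"{low}-{low + width - 1}"


def sanitize_event(raw: dict, key: bytes) -> dict:
    """Build the upload payload from an allow-list, so fields nobody
    thought about (name, email, device serial) are dropped by default."""
    out = {k: raw[k] for k in PASSTHROUGH_FIELDS if k in raw}
    if "user_id" in raw:
        out["subject"] = pseudonymize(str(raw["user_id"]), key)
    if "lat" in raw and "lon" in raw:
        out["lat"] = generalize_coordinate(raw["lat"])
        out["lon"] = generalize_coordinate(raw["lon"])
    if "age" in raw:
        out["age_range"] = generalize_age(raw["age"])
    return out


# Constructed sample event, not real data.
SAMPLE_EVENT = {
    "event": "checkout", "app_version": "1.0.0", "user_id": 4711,
    "name": "Alice Example", "email": "alice@example.com",
    "lat": 52.52437, "lon": 13.41053, "age": 34, "device_serial": "SN-0000",
}

if __name__ == "__main__":
    install_key = secrets.token_bytes(32)  # assumption: per-install secret
    print(sanitize_event(SAMPLE_EVENT, install_key))
```

The keyed token is pseudonymization, not anonymization: whoever holds the key can recompute the mapping from user ID to token, so the key has to stay separate from the collected data.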