Anonos Enables New Ways to Unlock Maximum Data Value



Anonos patented BigPrivacy technology is the ONLY system that enables data analytics use in compliance with evolving regulations like the GDPR.
What BigPrivacy Achieves

BigPrivacy supports alternative legal bases for data use when consent is not a valid legal basis under the EU General Data Protection Regulation (GDPR). BigPrivacy heuristics and artificial intelligence technically enforce policies to adjust the granularity of data exposed in real-time to comply with differing and evolving regulations (GDPR, HIPAA, other) and restrictions.

BigPrivacy enables access to additional, and more accurate, sources of data. Due to the technically controlled separation of information value from identifiers that link back to sensitive data, sources are now able to provide access to and use of more valuable data

BigPrivacy enables broader distribution of enhanced data assets by technically enforcing compliance with restrictions and regulations. Controlling data flows at the source data element level ensures use of the minimum identifying information necessary for each authorized access enabling the creation of new data sets and subsets since access rights are no longer all or nothing. BigPrivacy heuristics and artificial intelligence technically enforce policies to adjust the granularity of data exposed in real-time to comply with differing and evolving regulations and restrictions.

BigPrivacy protects against liability from improper access to and use of data. Whether data is collected directly or received from third parties, joint and several liability and data breach obligations exist without adequate privacy safeguards and compliance with data protection by default requirements. BigPrivacy heuristics and artificial intelligence technically enforce policies to adjust the granularity of data exposed in real-time to comply with differing and evolving regulations and restrictions.

Compliance does not have to be an obstacle to growth. Anonos successfully implements new technology required under evolving regulations like the GDPR to turn compliance into a business facilitator that enables growth.
Anonos BigPrivacy is the first of its kind technology that enforces data flow controls to maximize data use in a privacy respectful, compliant manner.
DECOUPLE DATA:
Patented dynamically changing identifiers decouple data representation from its underlying value, securing and protecting sensitive data elements that could be used to link data back to individuals. BigPrivacy controls unauthorized linking of data (which is the result with static identifiers) without degrading the value of data (which is the result of other solutions).
DE-RISK DATA:
Patented fine-grain controls de-risk data by ensuring that only the minimum level of identifying information necessary to support each authorized data access is exposed. BigPrivacy heuristics and artificial intelligence technically enforce policies to adjust the granularity of data exposed in real-time to comply with differing and evolving regulations and restrictions.
CONTROL SHARING:
Only data elements necessary to support each authorized access are exposed at the time of use, with secure centrally-managed keys. BigPrivacy maximizes information value while minimizing identifiability reconciling conflicts between protecting privacy and data use.

Data flow controls are necessary because traditional contract/policy restrictions do not flow with data over its life cycle.
“With Anonos, I can generate new revenue sources because we can now granularly control how we share data sets.”

Head of business development for Fortune 500 company
Benefits

BigPrivacy improves data-driven innovation by enabling access to and use of additional sources and more accurate information for analytics, artificial intelligence, machine learning and other secondary uses of data.

BigPrivacy maximizes data asset revenue growth by enabling the multi-purpose use of data for all strategic needs. Anonos BigPrivacy is a first-of-its-kind, patented technology platform that enables robust data collection, use and sharing of data in compliance with differing and evolving international (e.g. the EU General Data Protection Regulation, “GDPR”) and domestic (Common Rule, HIPAA) regulatory requirements and contractual restrictions.

BigPrivacy technically enables compliance with data privacy and governance policies and procedures. BigPrivacy heuristics and artificial intelligence technically adjust the granularity of data exposed in real-time to comply with differing and evolving regulations and restrictions.

BigPrivacy complements perimeter, network and endpoint security technologies by protecting data in use to achieve security goals of confidentiality, integrity, and availability of information over the full life cycle of data.

How BigPrivacy Compares to Other Technologies

All other technologies distort and degrade the value of data analytics, artificial intelligence, machine learning and secondary uses of data. They limit access to, and use of, representative data and fail to satisfy security and privacy requirements under industry specific (HIPAA) and jurisdiction specific (GDPR) legal regimes.


“With Anonos, I can greenlight all the projects that business wants to do but have been shelved due to compliance issues.”

Privacy head for top-5 global payments company
Overcome Limitations of Consent: Consent no longer supports lawful data analytics under the GDPR:

  • Anonos patented BigPrivacy technology is the ONLY solution that converts Personal Data to legitimate interest processing so analytics can be done.
  • Other solutions do not enable real-time analytics or use of historical data bases collected using pre-GDPR non-compliant consent.
Global Multi-Jurisdictional Support: The benefits of Anonos BigPrivacy’s ability to control the linkability of a data by leveraging capabilities embodied in the GDPR definitions of Pseudonymisation and Data Protection by Default extend beyond GDPR compliance to enable controls necessary for secondary uses of data underlying the new global digital economy – including complying with emerging data protection laws and established regimes like HIPAA (US) and PIPEDA (Canada).
Ask other vendors how they satisfy GDPR technical requirements for Data Protection by Default and dynamic Pseudonymisation necessary to convert Personal Data to legitimate interest processing.


Why Others Can't Enable GDPR Compliant Analytics:

  1. Data Protection by Default vs Privacy by Design: Be wary of vendors who highlight compliance with Privacy by Design but not Data Protection by Default. They are very different. The GDPR mandates the most strict implementation of Privacy by Design called Data Protection by Default which requires real-time, use case specific, fine grain control over use of Personal Data.

  2. Dynamic vs Static Pseudonymisation: If a vendor claims to Pseudonymise data to comply with the GDPR, check if they use static/stateless tokens or dynamically changing tokens. Only the latter satisfy new GDPR requirements that the information value of data be separated from the ability to attribute data back to individuals via the "Mosaic Effect."

  3. Security-Only solutions: Personal Data under the GDPR extends beyond data that is directly linked to data subjects to also include information that is indirectly linkable to data subjects. Encryption, hashing, static/stateless tokenization, data masking, and other security techniques help protect against unauthorized re-identification using direct identifiers. They do nothing to protect against unauthorized re-identification via "linkage attacks" by correlating indirect (quasi) identifiers as required under the GDPR definition of Personal Data.

  4. Anonymisation: This word means something very different under EU law. If a vendor claims they make your data "anonymous" that likely means you are only able to do aggregated analysis and do not have the ability to relink to individuals.
Use Cases

General Data Protection Regulation (GDPR)

Many companies “scramble” to conduct data inventory assessments and data protection impact assessments without realizing that inventories and assessments do nothing to support new legal bases required under the GDPR to continue making desired use of personal data. Requirements for GDPR-compliant consent is impossible to satisfy for iterative data analytics (Analytics), Artificial Intelligence (AI) or Machine Learning (ML) because successive analysis, correlations and computations are not capable of being described with specificity and unambiguity at the time of consent. In addition, the GDPR has no “grandfather” provision allowing for continued use of data collected using non-compliant consent prior to the effective date of the GDPR. To process GDPR-compliant Analytics, AI and ML, and to continue legally using historical data bases containing EU personal data, new technology is required that supports alternate (non-consent) GDPR-compliant legal bases.

Anonos BigPrivacy is the only technology that can satisfy alternate (non-consent) legal bases for GDPR-compliant Analytics, AI, and ML and enable ongoing legal use of historical data. The Anonos BigPrivacy platform embodies 5 granted patents covering core capabilities necessary to support GDPR requirements for Pseudonymisation and Data Protection by Default.

Even in situations where a company is not required to comply with EU regulations, compliance with GDPR requirements is evidence of state-of-the-art initiatives to serve as a good steward of data thereby engendering maximum trust with customers.



Digital Intelligence/Marketing and Sales

Sharing “Digital Intelligence” data (i.e., capturing, integrating and analyzing data to drive measurement, optimization, and execution of marketing and sales tactics and strategies) can create significant liability. In the U.S., this is exemplified by the $2.2 Million fine imposed by the FTC on Vizio for sharing indirectly identifying information (IP addresses) with a third party for Analytics purposes. In the EU, data controllers and processors are jointly and severally liable for failure of one another to comply with new GDPR requirements, including obligations to support direct, one-on-one relationships with, and expansive new rights of, individual data subjects. However, the GDPR provides a means for data controllers to share data with third parties (for Analytics, AI, ML and other legitimate purposes) who do not have relationships with data subjects, if such third parties “are not able to identify data subjects.”

Anonos BigPrivacy is the only technology that can enable lawful (under U.S., EU and other legal regimes) collection, transformation, integration, and use of data to support real-time privacy-respectful aggregate analysis of data (both structured and unstructured) while retaining context to enable re-linking of aggregate data to source (identifying) information under controlled conditions. The Anonos BigPrivacy platform embodies 5 granted patents covering core capabilities necessary to enable lawful collection, transformation, integration, and use of data.
Other Use Cases
Click each to learn more...

What Industry Leaders Are Saying About Anonos

Jules Polonetsky
Future of Privacy Forum
Chief Executive Officer


"Anonos shows there are smart technical and policy solutions that can ensure we gain the benefits of new data uses while avoiding the risks."
Martin Abrams
Information Accountability Foundation
Executive Director & Chief Strategist


"Anonos makes effective controls possible that break the stalemate between responsible use and data obscurity."
John Wilbanks
Sage Bionetworks
Chief Commons Officer


"The potential to bring technical and organization approaches into data privacy debates that desperately need new concepts."