I can’t think of a sensible way to hash that permanently anonymizes. So I’d be really interested to hear about the details of the proposed “hashing” algorithm.
An example of a nightmare scenario: an employer “hashes” the name on your job application (or finds your Facebook account ID and hashes that) and then pairs it up with “anonymized” healthcare data available through a third party. And doesn’t hire you because one of your relatives (or even worse, one of your Facebook :“friends”) has some unpleasant disease. So the hashing details really matter.
How on earth do they think they can protect long-term anonymity through a hashing algorithm? Whether I’m Ed Roland, or FE9F3746A924, the effects are pretty much the same, as long as somebody can hash Ed Rowland + whatever secondary details they use to generate the hash. And I can’t think of any secondary details that both Facebook and a health provider would have that pretty much anyone else can’t get too.
There’s a story in there that really needs to be told!
