隨著「大數據」、「資料探勘」的興盛發展,保護個人隱私的「去識別化」相關技術與標準化的需求也日益受到重視。相關的隱私洩漏事件已清楚證明了資料庫的公開往往隱藏著當事人的資料被識別的風險;為此,各方提出了各種保護個人隱私資料去識別化的實作方法與訂定相關標準;根基於此,國際標準組織(International Organization for Standardization,簡稱ISO)已立項進行「增強隱私之資料去識別化技術」的標準化工作項目。為了平衡個人隱私保護之風險與公開資料分析的效益,本文闡明前述標準化之內涵,並建議在我國「個人資料去識別化過程驗證要求及控制措施」的驗證規範之要求事項與控制措施中宜考慮加入相關規範。
With the progress of "big data" and "data mining", "de-identification" techniques and standards that protect people's privacy had become more and more important. Privacy leak cases had proved the risk that people's data been identified come hand in hand with database opening. To solve this, different parties have come up with a variety of de-identification methods and standards. In order to achieve the balance between the risk of personal privacy violation and the benefit of open data, we formulate the standardization content of de-identification and make suggestions also the additional requirements the government and take to protect personal privacy in data base opening.