How were "anonymized" Netflix viewing records re-identified, and what does the case teach about anonymization?
Researchers matched the anonymized Netflix ratings dataset against public IMDb reviews — a handful of ratings plus approximate dates uniquely identified individuals, showing that removing names is not enough.
In 2006 Netflix released 100 million "anonymized" movie ratings for a public competition (the Netflix Prize). In 2008, Narayanan and Shmatikov demonstrated a linkage attack: by cross-referencing with publicly posted IMDb reviews, they re-identified specific users.
Why so few data points were enough:
- Movie-rating data is sparse and high-dimensional — almost everyone's exact combination of films, ratings, and dates is unique.
- Knowing just a few of a person's ratings (e.g., from their public IMDb profile) was enough to pinpoint their entire "anonymous" Netflix history — including films they'd rated privately.
The lesson: "anonymized" does not mean "safe." If rich, distinctive data can be cross-referenced against any external dataset, re-identification is often possible. This is the same linkage principle behind Sweeney's birth-date/ZIP/gender result — and it's why modern privacy leans on techniques like differential privacy rather than naive de-identification.
Tip: When a company says data is "anonymized," ask: what external data could it be linked against, and how unique is each record? Uniqueness is the enemy of anonymity.
Go deeper:
Data re-identification (Wikipedia) — the Netflix/Narayanan-Shmatikov linkage attack and the Sweeney result.