Quiz Entry - updated: 2026.07.05
Why do multi-source data and growing datasets make real-world anonymization so hard to maintain?
Joining sources can re-enable linkage attacks even if each is safe alone, and adding new records over time can break previously valid equivalence classes.
Two of the toughest real-world challenges:
- Multi-source anonymization. Anonymizing several sources simultaneously is exponentially harder. Data joined across systems may re-enable linkage attacks even when each source was individually anonymized — the combination leaks what the parts didn't.
- Growing datasets. Real data isn't static. As new records arrive, equivalence classes that once satisfied k-anonymity can become invalid or re-identifying, requiring continuous re-anonymization.
On top of this, public data and breaches keep expanding what attackers know, eroding an anonymity guarantee that was valid at publication time. Anonymity is a moving target.
Tip: "Anonymized once" is a myth in a living system. Plan for re-anonymization the way you plan for re-indexing or re-balancing.
Go deeper:
Robust De-anonymization (Narayanan & Shmatikov, 2008) — joining sources re-enables linkage attacks.
Data re-identification (Wikipedia) — anonymity erodes as external data accumulates.