Dublin, Ireland, March 30, 2022– Trūata, the privacy-enhanced data analytics solutions provider, has announced the issuance of a new patent from the United States Patent and Trademark Office (USPTO), further strengthening the foundations of its intellectual property.
The USPTO has issued U.S Patent No. 11,263,347 entitled: “A system and method for improving security of personally identifiable information”. The patent is directed to a system and method which enables a user’s location information to be maintained in a data storage retrieval system in such a way that it protects the user from being uniquely identified by that information.
“Mobility data is one of the most sensitive types of data being handled in today’s world”, said Yangcheng Huang, Director of Software for Data & Analytics at Trūata. “While mobility data can provide deep insights into human behaviors for research and commercial purposes, it can also put people’s privacy at risk. Different types of location-stamped data can disclose user identities with relative ease, even after the direct identifiers are masked, replaced or removed. This patent helps address that risk by preventing the ability to identify individuals in that dataset.”
The collection of location data is now inherent in all kinds of devices, from smartphones to connected cars, and has become of great interest to both governments and data-driven organizations. More recently, organizations are seeing the potential to drive growth and innovation by leveraging geolocation analytics to inform business decisions. In line with this shift, the global location analytics industry, which was valued at $11.80 billion in 2020, is anticipated to hit $36.22 billion by 2028.
However, as the industry grows so do the privacy concerns around mobility data, with more recent studies highlighting just how easy it is to identify an individual from such data. In fact, with just four points of time and place information, it is possible to uniquely identify 95% of individuals; therefore, simply removing names, mobile device identifiers, IP addresses, or email addresses from those records isn’t sufficient to make geolocation tracking data anonymous.
While location data is miscategorized by many as being “private”, regulations specifically require data controllers and processors to handle such data with the same level of concern as they would with any category of personal data. According to the General Data Protection Regulation (GDPR), “personal data” is defined as “any information relating to an identified or identifiable natural person . . . who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” and “the controller and the processor shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk.” Therefore, in the EU, location data that can be used to identify an individual must be stored in a computer system that meets the stringent technical requirements under the GDPR.
Legal protections for location data also exist in several state and federal laws in the United States. Additionally, the Network Advertising Initiative (NAI) provides self-regulation for location data in its Code of Conduct. In general, such regulations and codes of conduct have recently exhibited a shift in focus towards mobility data in an attempt to address technological innovations and developments where affirmative consent falls short, for example with autonomous vehicles, facial recognition, connected devices and other commercial instances where data is being utilized.
“One of the most powerful aspects of location data is its ability to derive insights on interest and intent, empowering businesses to make predictions about future behaviors. But mobility data must of course be treated carefully from a privacy perspective, and the technology that this patent covers is enabling us to develop solutions that address these concerns by protecting the privacy of location data without impeding its utility”, said Michael Ingrassia, President and General Counsel.
This patent grant further establishes Trūata as a leader in privacy-enhancing technologies, pioneering new approaches that enable organizations to protect data while unlocking its value for growth and innovation.
Trūata is the privacy-enhanced data analytics solutions provider that specializes in privacy risk assessment, de-identification, and true anonymization of data. The company enables businesses to unlock powerful insights with its suite of proprietary solutions, while complying with the highest global data protection standards to build trust and transparency with their customers. Trūata was one of the first companies in the EU to achieve independently accredited ISO 27701 certification, an international standard for data privacy management. Trūata is headquartered in Dublin, with offices in London and New York.