Send message to Author

Short abstract:

At the frontiers of Data protection, Synthetic data offers new technical perspectives for reducing privacy risks when sensitive personal data is being processed. However this PET's agency can be questioned. Indeed, will SD, make obsolete various privacy requirements or prompt their reconfiguration?

Long abstract:

Synthetic Data (SD) is a term that is making headlines. From applying to credit data to perform analysis to health data for research purposes, SD offers new technical perspectives for reducing privacy risks when sensitive personal data is being processed. Indeed, SD refers to the artificial reproduction of personal data without the identifying components. In this regard, SD artificially reproduce the properties and content of real data sets to create relevant and useful anonymous data. This technical feat of strength was even the focus of one of the IPEN’s seminar in 2021 (IPEN - Internet Privacy Engineering Network, a body created by the European Data Protection Supervisor to promote privacy enhancing technologies).

This PET is set to be a significant tool to allow the circulation of anonymous sensitive data in order to boost research, transparency and efficiency. Indeed, data protection regulations are supposed to be respected and even foster by SD.

The present research will address this dreamlike technical solution for data protection by questioning its pretensions with regard to various legal requirements. In this regards, we seek to answer this question: will SD make obsolete various privacy requirements or prompt their reconfiguration? Taking for example the health sector, we will demonstrate, that the shift toward SD data will have significant impact for various regulations without answering all privacy concerns.