Anonymity is “not suf­fi­cient for pri­vacy when deal­ing with social net­works” is the con­clu­sion from a study that has suc­cess­fully man­aged to de-anonymise large amounts of sani­tised data from Twit­ter and Flickr.

The main les­son of this paper is that anonymity is not suf­fi­cient for pri­vacy when deal­ing with social net­works. […] Our exper­i­ments under­es­ti­mate the extent of the pri­vacy risks of anonymized social net­works. The over­lap between Twit­ter and Flickr mem­ber­ship at the time of our data col­lec­tion was rel­a­tively small. […] As social net­works grow larger and include a greater frac­tion of the pop­u­la­tion along with their rela­tion­ships, the over­lap increases. There­fore, we expect that our algo­rithm can achieve an even greater re-identification rate on larger networks.

There’s been some mer­i­to­ri­ous cov­er­age of this study. This from BBC News:

The pair found that one third of those who are on both Flickr and Twit­ter can be iden­ti­fied from the com­pletely anony­mous Twit­ter graph. This is despite the fact that the over­lap of mem­bers between the two ser­vices is thought to be about 15%.

This from Ars Tech­nica:

It’s not just about Twit­ter, either. Twit­ter was a proof of con­cept, but the idea extends to any sort of social net­work: phone call records, health­care records, aca­d­e­mic soci­o­log­i­cal datasets, etc.

via Schneier