Anonymisation tool

The anonymisation tool is used to give substance to transparency and the necessary protection of the individuals, companies and institutions to whom documents relate.

Transparency because it enables the organisation to share information according to regulations such as the Woo. For the resident about whom there is data in documents to be published, use means that there is no privacy violation and the organisation thus complies with the AVG. The same applies to the protection of personal data of the organisation's employees.

The applicant of a Woo request receives the information she asked for, either in anonymised version or partially masked on a different basis. For the departments within the organisation responsible for handling a Woo request and/or publishing information, it means complying with laws and regulations. Use of the software reduces turnaround time and therefore contributes to being able to provide requested information within the legal deadlines.

The risk impact of the algorithm is low. This applies to individuals (citizens, employees of buying organisations). The algorithm searches specifically for (personal) data and masks or designates them regardless of the further content of documents. A proposal is made for anonymising a text fragment to an employee, there are no automatic decisions. In addition, the tool has the option of manually masking information that cannot be made public for other reasons. With this, for example, a text fragment containing strategic information can be marked to protect one's own organisation or a partner organisation (government, company or institution). The basis for anonymising or masking is indicated in the box.

The software works on the basis of a setup document. Through this setup document and various mechanisms, the organisation can tailor the algorithm use to its own situation. A proposal is made for anonymising a text fragment to an employee. No automated decisions are involved.

The algorithm searches specifically for (personal) data and marks or designates it regardless of the further content of documents. The employee handles the suggestions and indicates where they are correct, corrects where it should. Optionally, this work can also be reviewed within the software by a second person. For the resident, this means that the organisation is demonstrably and proportionately working to eliminate (the risk of) privacy breaches and thus comply with the AVG.

To reduce the risk of documents being insufficiently anonymised, a check is always performed by an employee. This involves a full check where the software can be used intuitively to check or modify/enrich. If there were no human control when anonymising documents, various risks could arise, especially as a result of disclosing or publishing privacy-sensitive data. This tool in conjunction with humans, helps prevent this:

Violation of privacy laws:

The inadvertent disclosure of personal data may constitute a violation of privacy laws, such as the EU's AVG. This can lead to significant fines and legal penalties.

Identity theft:

Disclosing personally identifiable information (PII) such as name, address and BSN can lead to identity theft and financial fraud.

Damage to reputation:

Both the reputation of the individuals whose information has been leaked and that of the organisation responsible for the leak can be seriously damaged.

Loss of trust:

The confidence of the public and affected stakeholders in the organisation may decrease, leading to a decline in engagement and support.

Personal damage:

Individuals may suffer emotional and psychological damage if their personal data is made public.

Exploitation and misuse:

Disclosed data can be used for malicious purposes, such as strike, harassment or discrimination.

Human monitoring helps to mitigate these risks by providing additional assessment and confirmation that anonymisation processes have been adequately carried out before information is made public.

General data protection regulation (AVG)

Environment Act

General Administrative Law Act (AWB)

Disclosure Act

Open Government Act (Woo)

Electronic Publications Act (Wep)

At the beginning of use, a setup document was compiled by organisation and supplier. This contains preferences of the organisation regarding anonymisation. This set is merged with Octobox's Basic Model, which by default looks for persons traceable data, such as Citizen Service Numbers, Bank Account Numbers, phone numbers, e-mail addresses, dates, residential addresses and postal codes.

The organisation may have a preference not to mask out certain names (minister, director) and others. Staff names may be missing from the Basic Model and added in advance. Another preference the organisation may indicate is, for example, the format in which an e-mail address is made unrecognisable.

Based on smart rules, the software searches through the texts of every document in the offered file. Certain texts, words or character combinations are recognised as traceable data, such as Citizen Service Numbers, Bank Account Numbers, telephone numbers, e-mail addresses, dates, residential addresses and postal codes.

The software can be set to the degree of certainty in which a condition is met. For the employee, the screen indicates which text fragments should be lacquered with certainty, and which meet the established smart rule to a lesser extent. Through the screen, the employee can approve or reject the proposals, and also amend for approval. The collaborator can also mark text itself and make it eligible for varnishing, including adding a basis.

It is possible for a second collaborator to check the work of the first. Once all (pages of all) documents in the file have been reviewed, the final version is created, in a suitable format for publication.