03 May Researchers Exploit Noise Added to Diffix System to Break Privacy
Researchers from the Imperial College of London recently found that it was possible to use the noise added to the system for privacy to determine an individual’s private attributes with up to 99% accuracy.
Diffix, which was recently commercialized and approved by French data protection authority CNIL to satisfy the full criteria for GDPR, uses technology pioneered by researchers at the Max Planck Institute over several years. However, the Imperial College research team says that even with the limitations of their attack, they were still able to uncover a serious vulnerability in the system.
In a blog post, the researchers still said that no system is perfect and the vulnerability they discovered is only a reminder that privacy protection is an ongoing challenge.