Data about individuals can be very valuable: to those who use the data, such as advertisers, content providers, merchants, retailers, etc.; to those who collect the data, for whom it can provide a profitable revenue stream; and to the consumers whose data is collected, who can benefit from receiving content, advertisements, offers, etc. that are more personalized to their own interests. As a result, there is a large industry focused on capturing personal data from a wide variety of sources, including, but not limited to, transactions, geolocations, demographics, biometrics, data usage, media consumption, etc.
However, while some people welcome the capturing of their personal data for use in personalized offers and content, others are uncomfortable with the capture and usage of data that is personally identifiable to themselves. As a result, some techniques have been created that remove personally identifiable information from a data set, or that combine data for multiple consumers into a single data set, to prevent the usage of personally identifiable information. Such techniques and their benefits and usage can be found in U.S. Pat. No. 8,719,193, entitled “Systems and Methods for Analysis and Linkage Between Different Transaction Data Providers,” by Marianne Iannace; U.S. Patent Publication No. 2014/0025483, entitled “System and Method for Protecting Consumer Privacy in the Measuring of the Effectiveness of Advertisements,” by Curtis Villars, et al.; U.S. Patent Publication No. 2013/0024242, entitled “Protecting Privacy in Audience Creation,” by Curtis Villars et al.; and U.S. patent application Ser. No. 14/333,971, entitled “Method and System for Maintaining Privacy in Scoring of Consumer Spending Behavior,” by Curtis Villars, et al., filed on Jul. 17, 2014, all of which are herein incorporated by reference in their entirety.
One such method involves the use of a “measurement key” to uniquely identify data in a data set, such as data associated with a specific individual in a set of consumer data, where the measurement key is a unique value that is not personally identifiable to the associated person. For example, the measurement key may be a hash of an identification number, such that the hash cannot be converted back into the identification number and is therefore not personally identifiable to the associated individual. In such methods, the measurement key is often a persistent value. Unfortunately, in some instances, a higher degree of privacy protection may be desired, or even required, than is provided by the use of a persistent identifier, especially in jurisdictions where persistent identifiers may be deemed to be personal identifiers.
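The persistence property described above, shown as an added example that is not part of the original text: because a measurement key is the same wherever the same identification number appears, two de-identified data sets can still be joined on it. The example assumes a keyed hash (HMAC-SHA256) in place of a plain hash; the secret, ID numbers, scope labels and the `scoped_key` contrast are constructed for illustration and are not the method of any publication cited here.

```python
import hashlib
import hmac

# Constructed sample data: the secret and ID numbers are invented for this example.
SECRET = b"example-only-secret"
PURCHASES = [("1000234", "grocery"), ("1000877", "fuel"), ("1000234", "travel")]
AD_VIEWS = [("1000234", "ad-17"), ("1000555", "ad-02")]


def measurement_key(id_number: str, secret: bytes = SECRET) -> str:
    """Persistent key: the same ID number always maps to the same value."""
    return hmac.new(secret, id_number.encode(), hashlib.sha256).hexdigest()


def scoped_key(id_number: str, scope: str, secret: bytes = SECRET) -> str:
    """Hypothetical non-persistent variant: derive a per-scope secret first,
    so the same ID number maps to unrelated values in different scopes."""
    scope_secret = hmac.new(secret, scope.encode(), hashlib.sha256).digest()
    return measurement_key(id_number, scope_secret)


def deidentify(rows, key_fn):
    """Replace the ID number in each (id, value) row with its key."""
    return [(key_fn(id_number), value) for id_number, value in rows]


def linked_keys(set_a, set_b):
    """Keys present in both data sets, i.e. records joinable without the ID."""
    return {key for key, _ in set_a} & {key for key, _ in set_b}


def demo():
    """Return (keys linkable with persistent keys, keys linkable with scoped keys)."""
    persistent = linked_keys(
        deidentify(PURCHASES, measurement_key),
        deidentify(AD_VIEWS, measurement_key),
    )
    scoped = linked_keys(
        deidentify(PURCHASES, lambda i: scoped_key(i, "purchases-2014-07")),
        deidentify(AD_VIEWS, lambda i: scoped_key(i, "adviews-2014-07")),
    )
    return persistent, scoped


if __name__ == "__main__":
    persistent, scoped = demo()
    print("joinable with persistent keys:", len(persistent))
    print("joinable with scoped keys:", len(scoped))
```

With the persistent key, the one individual present in both sets is linkable across them even though no ID number is stored; with the scoped variant, nothing joins.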
As a result, a method for generating a dynamic de-identifier has been developed that is designed to protect a set of data to keep it “dynamically anonymous” for as long as desired, as discussed in detail in U.S. Patent Publication No. 2014/0287723, entitled “Mobile Applications for Dynamic De-Identification and Anonymity,” by Malcolm LaFever, et al., which is herein incorporated by reference in its entirety. A dynamic de-identifier can be used in place of a measurement key or other type of persistent identifier to provide for traditional uses of a set of data (e.g., for measuring advertising effectiveness, creation of microsegments or audiences, etc.), while providing for a higher level of privacy protection. However, these methods often use the dynamic de-identifier when providing a single set of data, which already contains personally identifiable information, to a third party with the personally identifiable information removed. Such methods may be ineffective in instances where no personally identifiable information may be possessed at any time, particularly in instances where disparate data sets are to be combined by one or both of the parties without the use of any personally identifiable information or persistent identifiers.
Thus, there is a need for a technical solution to combine two disparate data sets without the use or possession of personally identifiable information in order to achieve a higher level of privacy protection, via the use of dynamic de-identifiers such that no personally identifiable information or persistent identifiers are used during the process.