We often see companies bragging about "anonymizing data", claiming that sharing your data is safe because they remove your personal information, or what is often called metadata. In practice, this only provides partial anonymity: companies still store and share your data grouped together, and that grouped data can be analyzed and, in many ways, linked back to you individually based on its contents.
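To make that linkage concrete, here is a minimal sketch in Python. The datasets, column names, and values below are invented purely for illustration; the point is only that joining on a few shared attributes can re-attach names to records whose direct identifiers were stripped.

```python
# Hypothetical linkage-attack sketch: all data here is made up for illustration.
import pandas as pd

# "Anonymized" records: names removed, but quasi-identifiers kept.
anonymized = pd.DataFrame({
    "zip_code":   ["10001", "10001", "94105"],
    "birth_year": [1985,     1990,     1985],
    "gender":     ["F",      "M",      "F"],
    "diagnosis":  ["asthma", "flu",    "diabetes"],
})

# Public auxiliary data (e.g. a voter roll or social profile) that still
# carries names alongside the same quasi-identifiers.
public = pd.DataFrame({
    "name":       ["Alice Smith", "Bob Jones"],
    "zip_code":   ["10001",       "94105"],
    "birth_year": [1985,          1985],
    "gender":     ["F",           "F"],
})

# Joining on the shared attributes re-attaches names to "anonymous" rows.
linked = anonymized.merge(public, on=["zip_code", "birth_year", "gender"])
print(linked[["name", "diagnosis"]])
```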
So-called anonymized data isn't always anonymous at all. Using machine learning, researchers at Imperial College London and Belgium's Université catholique de Louvain (UCLouvain) have shown that it is possible to reverse engineer the information and re-identify individuals. In their paper, they describe how 99.98 per cent of Americans could be correctly re-identified in any available 'anonymized' dataset using just 15 characteristics, including age, gender and marital status.
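The intuition behind that result can be shown with a toy experiment. This is not the researchers' statistical model, just a rough sketch with made-up data: it counts how quickly records in a small sample become unique as more attributes are combined.

```python
# Rough sketch with invented data: measure what share of rows becomes unique
# as more quasi-identifying attributes are combined.
import pandas as pd

def fraction_unique(df, columns):
    """Share of rows whose combination of `columns` occurs exactly once."""
    duplicated = df.duplicated(subset=columns, keep=False)
    return float((~duplicated).mean())

people = pd.DataFrame({
    "age":            [34, 34, 34, 52, 52, 29],
    "gender":         ["F", "F", "M", "M", "M", "F"],
    "zip_code":       ["10001", "10001", "10001", "94105", "94110", "60601"],
    "marital_status": ["married", "single", "single", "married", "married", "single"],
})

for cols in (["age"],
             ["age", "gender"],
             ["age", "gender", "zip_code"],
             ["age", "gender", "zip_code", "marital_status"]):
    print(f"{len(cols)} attribute(s): {fraction_unique(people, cols):.0%} unique")
```

Even in this tiny sample, the share of uniquely identifiable rows climbs from 17% with one attribute to 100% with four; with real datasets and 15 attributes, the effect is far stronger.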
"This is pretty standard information for companies to ask for. Although they're bound by GDPR guidelines, they're free to sell the data to anyone once it's anonymised. Our research shows just how easily – and how accurately – individuals can be traced once this happens," says senior author Dr Yves-Alexandre de Montjoye of Imperial's Department of Computing.
The only truly anonymous data is no data at all. So when you're asked to tick boxes agreeing to share your data "anonymously", don't: more often than not, you can be re-identified.