Working with sensitive personal data is difficult at best of times, and anonymising such data properly devilishly tricky.
At Aircloak we have built a software layer that dynamically anonymises the answers to SQL queries on the fly. We believe that the proof is in the pudding. Anyone can claim they are safely anonymising data, but very few understand what it actually entails. Deleting names or social security numbers is far from sufficient.
The challenge works pretty much like a normal bug bounty only that in this case you get paid for breaking the anonymisation rather than for finding security bugs. We pay up to 5000USD per successful attack.
To make it easier for you, and harder for us, you also get full access to the raw unanonymized datasets that we are claiming to protect as well as the ability to run as many queries as you want through our system.
If you are interested you can find more information here https://challenge.aircloak.com.
By way introduction, my name is Sebastian and I am the CTO at Aircloak. I am more than happy to answer any questions you might have whether they be about our system, our stack, or anything else that you might find interesting.
If a moderator can delete this one, please do.
Thanks