Comment by yfontana

A while ago I worked on a system handling call records for a large telco. Call records were considered sensitive information at that company, and distributed only where definitely needed. I'm sure security wasn't bulletproof, but there were regular audits to check that employees and contractors didn't store records in places they weren't supposed to.

One of the main functions of the system that I worked on was to create various anonymous and/or aggregated versions of the data, which could be distributed and used more widely (for stuff like fraud detection, network provisioning, marketing...).