High-quality test data that is useful for effective testing is often available on users’ site. However, sharing data owned by users with software vendors may raise privacy concerns. Techniques are needed to enable data sharing among data owners and the vendors without leaking data privacy. Evolving programs bring additional challenges because data may be shared multiple times for every version of a program. When multiple versions of the data are cross-referenced, private information could be inferred. Although there are studies addressing the privacy issue of data sharing for testing and debugging, little work has explicitly addressed the challenges when programs evolve. In this paper, we examine kb-anonymity that is recently proposed for anonymizing data for a single version of a program, and identify a potential privacy risk if it is repeatedly applied for evolving programs. We propose kbe-anonymity to address the insufficiencies of kb-anonymity and evaluate our model on three Java programs. We demonstrate that kbe -anonymity can successfully address the potential risk of kb-anonymity, maintain sufficient path coverage for testing, and be as efficient as kb-anonymity.