1 / 19

Disclosure Risk and Grid Computing

Disclosure Risk and Grid Computing. Mark Elliot, Kingsley Purdam, Duncan Smith and Stephan Pickles CCSR, University of Manchester Mark.Elliot@manchester.ac.uk Cathie Marsh Centre for Census and Survey Research, University of Manchester. Overview. What is disclosure risk?

connor-howard
Download Presentation

Disclosure Risk and Grid Computing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Disclosure Risk and Grid Computing Mark Elliot, Kingsley Purdam, Duncan Smith and Stephan Pickles CCSR, University of Manchester Mark.Elliot@manchester.ac.uk Cathie Marsh Centre for Census and Survey Research, University of Manchester

  2. Overview • What is disclosure risk? • The confidentiality and e-science research programme • Confidentiality and Grid computing project • Data Environment analysis • Disclosure risk experiments

  3. The Disclosure Risk Problem:Type I: Identification Identification file Name Address Sex Age .. Sex Age .. Income .. .. Target file Target variables ID variables Key variables

  4. The Disclosure Risk Problem:Type II: Attribution

  5. The Disclosure Risk Problem:Type II: Attribution

  6. The Confidentiality and e-Science research program: key questions • What new data possibilities does grid computing provide and what confidentiality implications do they have? (1st NCeSS PDP) • How could the grid computing be used to enable disclosure risk assessment and control? (2nd NCeSS PDP) • How could grid computing enable a data intruder? • What are the possibilities and issues provided by remote access? (CLEF project and further funding)

  7. Confidentiality and the Grid Project Aims • To develop methods for classifying the data environment • To investigate the risk associated with release of multiple overlapping datasets • To produce prototype disclosure risk assessment software for assessing risk of multiple

  8. Data Data Everywhere… • Massive and exponential increase in data; Mackey and Purdam(2002); Purdam and Elliot(2003,2005). • These studies have led to the setting up of the data monitoring service. • Singer(1999) noted three behavioural tendencies: • Collect more information on each population unit • Replace aggregate data with person specific databases • Given the opportunity collect personal information • Purdam and Elliot (2003) add: • Link data whenever you can

  9. “New data” • One of the key potentials for e-social science is the possibility of bringing together different data sources through linking and fusing. • However, this is precisely the disclosure risk situation.

  10. Data Environment Analysis • The increasing availability of personal information has impacts on the disclosure control problem in 4 ways: • Decrease in sensitivity of information • Decrease in value to an intruder • Increase in probability of intruder access to key data • Increase in amount of key data intruder has access to

  11. Data Environment Analysis • Need to move with the technology from: • One shot analyses of individual datasets • Ongoing analyses of the data environment • The question is not “How safe is my data” but “How disclosive is the data environment?”. • A process of data monitoring is one aspect of this.

  12. DEA provides a measure of the amount and type of individual information in • the public domain • restricted access datasets and • commercially available data • Metadata are generated through • form analysis • metadata questionnaires • web-crawling software. • Ultimately the process could be automated and tailored to specific grid computing systems.

  13. DEA Interface

  14. The DEA meta-data provides an understanding of: • what variables are available • under what coverage, • which could be linked with the anonymised release sets

  15. The potential value of DEA: • it provides a potential to enable more appropriate understanding and classification of the total real risk of disclosive events. • it gives description of the de facto attitude of our culture towards personal data, thus enabling us to make more informed decisions on such subjects as privacy and data protection law.

  16. Risk Experiments • Experiment 1: Assessed the impact on data intruder’s ability to link microdata records arising from co-presence of population aggregate data. • Experiment 2: Assessed the impact on an intruders ability to make attribution inferences arising from population data arising from the co-presence of microdata samples.

  17. Headline findings • Adding aggregate data increases the linkability of two microdata sets. • Adding microdata to the mix significantly increases the accuracy of attributions, once the sample fraction rises above 5%. • i.e. the more data concerning a given population existing in a given data environment the greater the disclosure risk.

  18. Concluding Remarks • Grid computing provides the potential for unprecedented access to high quality individual level data. • However, as the amount of data on individual population units stored on computing systems increases, so does the threat to anonymised data releases.

  19. Such data release may come to a halt as it becomes impossible to maintain sufficient data quality whilst meeting ever more stringent disclosure control constraints. It is vital that: • creative data access solutions are developed. • Grounded measures of data utility are developed. • data environment analysis is developed as an alternative to bureaucratic control

More Related