29e Conférence internationale des commissaires à la protection de la vie privée
Measuring and Managing Re-identification Risk
by Khaled El Emam, University of Ottawa

Managing Re-id Risk - I
• Before data is collected:
  • Scenarios
    • When preparing a protocol
    • For review by ethics boards
    • When formulating new policies and procedures
    • When writing data sharing agreements
  • Tools
    • Heuristics
    • Simulations

Managing Re-id Risk - II
• After data is collected:
  • Scenarios
    • Providing data to administrators, researchers or government departments
    • Responding to an access to information request
  • Tools
    • Masking
    • Risk-based anonymization

Heuristics, Masking, Anon
• The 20k rule, 70k rule, 100k rule, …
• Decision tools from matching experiments
• Around 18 tools for masking on the market
• Deciding on a risk threshold for anonymization

Acceptable Re-id Risk
• What databases does an attacker have access to for record linkage?
• What does an attacker know beforehand?
• What is the verification cost?
• How do we account for privacy tradeoffs by the public?
• What is the impact of the consent model?

Databases
• Public information and registries
• Commercial but generally available databases
• Confidential and proprietary databases

Verification Cost
• At some point the verification cost becomes too high compared to the benefit for the attacker
• The proportion of data that is population unique is important
• The extent of overall matching success is also important
• You can control both through anonymization

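Added example (not from the original slides): a small Python sketch of the two quantities named on the Verification Cost slide, measured before and after generalizing the quasi-identifiers. The records, the choice of quasi-identifiers, the `generalize` rule and the thresholds are all constructed assumptions, and the table is assumed to stand in for the whole population.

```python
from collections import Counter

# Constructed records (not real data): (year_of_birth, postal_code, sex).
# Assumption: these fields are the quasi-identifiers available for record
# linkage, and this table stands in for the whole population.
RECORDS = [
    (1961, "K1A0B1", "F"), (1961, "K1A0B2", "F"), (1963, "K1A0C4", "F"),
    (1964, "K1A0C9", "M"), (1966, "K1A1A1", "M"), (1968, "K1A1B7", "M"),
    (1972, "K2P1L4", "F"), (1975, "K2P1M3", "F"), (1975, "K2P1M3", "F"),
    (1978, "K2P2N6", "M"), (1979, "K2P0B5", "M"), (1983, "K2P0C2", "F"),
]

def generalize(record):
    """Hypothetical rule: decade of birth, first three postal characters."""
    year, postal, sex = record
    return (year // 10 * 10, postal[:3], sex)

def risk(records):
    """Return (proportion of unique records, expected matching success)."""
    classes = Counter(records)  # size of each equivalence class
    n = len(records)
    unique = sum(1 for size in classes.values() if size == 1) / n
    # Assumption: a record in a class of size f is matched correctly with
    # probability 1/f, so expected correct matches = number of classes / n.
    match = len(classes) / n
    return unique, match

def meets_threshold(records, max_unique, max_match):
    """Check both measures against hypothetical risk thresholds."""
    unique, match = risk(records)
    return unique <= max_unique and match <= max_match

if __name__ == "__main__":
    coarse = [generalize(r) for r in RECORDS]
    for label, table in (("raw", RECORDS), ("generalized", coarse)):
        unique, match = risk(table)
        ok = meets_threshold(table, max_unique=0.10, max_match=0.50)
        print(f"{label:12s} unique={unique:.2f} match={match:.2f} ok={ok}")
```

One record (the 1983 birth year) stays unique even after generalization, which is the kind of residue a threshold check is meant to surface.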
Tradeoffs
• The public is willing to trade their privacy for personal benefits/gains
• What they tell us is not necessarily how they will behave
• To what extent is the public willing to trade their privacy for societal gain?

Consent Models
• Is the impact on recruitment rates and bias a function of the consent model or how it is implemented?
• There are many factors that influence consent – were all of these controlled for when comparing consent models?