Reidentification risk estimation using Gaussian-copula-based generative models


Abstract

Data publishers typically apply anonymization techniques to safeguard privacy when sharing data for secondary analysis. However, the current models for estimating reidentification risk fall short of adequately estimating the potential privacy risks of disclosed data. For instance, in this paper, we show that existing risk estimation models fail to precisely estimate population uniqueness risks as they overlook sensitive and other attributes. To address such problems, we present a generative, copula-based model that can precisely estimate the probability of reidentifying a specific individual based on population uniqueness, taking into account quasi-identifying and sensitive attributes. Further, we prove that risk estimation models should include the percentage of high-risk records in the dataset to provide additional insights into the reidentification risks. We applied the model to 12 real-world datasets and our results show over 91\% true positive recognition and less than 19\% error rate for high-risk records. This error rate is notably lower than the current best rate of 40\%. Further, we found that 43\% of Brazilians can be uniquely identified using the five attributes combination and 79\% of the United States population can be uniquely identified using the nine attributes considered. % such as Age, Work-Class, Educational Level, Marital Status, Occupation, Relationship status, Race, Sex, and Country of origin. Our results show that the proposed model shows more than 81\% accuracy in estimating the reidentification risk of high-risk records.
Ask to review this manuscript

Notes for potential reviewers

  • Volunteering is not a guarantee that you will be asked to review. There are many reasons: reviewers must be qualified, there should be no conflicts of interest, a minimum of two reviewers have already accepted an invitation, etc.
  • This is NOT OPEN peer review. The review is single-blind, and all recommendations are sent privately to the Academic Editor handling the manuscript. All reviews are published and reviewers can choose to sign their reviews.
  • What happens after volunteering? It may be a few days before you receive an invitation to review with further instructions. You will need to accept the invitation to then become an official referee for the manuscript. If you do not receive an invitation it is for one of many possible reasons as noted above.

  • PeerJ Computer Science does not judge submissions based on subjective measures such as novelty, impact or degree of advance. Effectively, reviewers are asked to comment on whether or not the submission is scientifically and technically sound and therefore deserves to join the scientific literature. Our Peer Review criteria can be found on the "Editorial Criteria" page - reviewers are specifically asked to comment on 3 broad areas: "Basic Reporting", "Experimental Design" and "Validity of the Findings".
  • Reviewers are expected to comment in a timely, professional, and constructive manner.
  • Until the article is published, reviewers must regard all information relating to the submission as strictly confidential.
  • When submitting a review, reviewers are given the option to "sign" their review (i.e. to associate their name with their comments). Otherwise, all review comments remain anonymous.
  • All reviews of published articles are published. This includes manuscript files, peer review comments, author rebuttals and revised materials.
  • Each time a decision is made by the Academic Editor, each reviewer will receive a copy of the Decision Letter (which will include the comments of all reviewers).

If you have any questions about submitting your review, please email us at [email protected].