Abstract
Focusing on the process of anonymity rather than pursuing the unattainable goal of guaranteed safety.
Index Terms
- The anonymization debate should be about risk, not perfection