The Challenge of Privacy Protection for Statistical Agencies

Duration: 59 mins 15 secs

Share this media item:

Embed this media item:

<iframe width="_width_" height="_height_" src="https://sms.cam.ac.uk/media/2283131/embed" frameborder="0" scrolling="no" allowfullscreen></iframe>

Choose size:

About this item

Available Formats

About this item

Description:	Abowd, J (U.S. Census Bureau, Cornell University) Wednesday 6th July 2016 - 14:30 to 15:30


Created:	2016-07-18 14:30
Collection:	Data Linkage and Anonymisation
Publisher:	Isaac Newton Institute
Copyright:	Abowd, J
Language:	eng (English)
Distribution:	World (downloadable)
Explicit content:	No
Aspect Ratio:	16:9
Screencast:	No
Bumper:	UCS Default
Trailer:	UCS Default


Abstract:	Since the field of statistical disclosure limitation (SDL) was first formalized by Ivan Fellegi in 1972, official statistical agencies have recognized that their publications posed confidentiality risks for the households and businesses who responded. For even longer, agencies have protected the source data for those publications by using secure storage methods and access authorization systems. In SDL, Dalenius (1977) and, in computer science, Goldwasser and Micali (1982) formalized what has become the modern approach to privacy protection in data publication: inferential disclosure limitation/semantic security. The modern approach to physical data security centers on firewall and encryption technologies. And the two sets of risks (disclosure through publication and disclosure through unauthorized access) have become increasingly inter-related. It is important to recognize the distinct issues, however. Secure multiparty computing and the stronger fully homomorphic encryption are formal solutions to the problem of permitting statistical computations without granting access to the decrypted data. Privacy-protected query publication is a formal solution to the problem of insuring that inferential disclosures are bounded and that the bound is respected in all published tables. There are now tractable systems that combine secure multi-party computing with formal privacy protection of the computed statistics (e.g., Shokri and Shmatikov 2015). The challenge to statistical agencies is to learn how these systems work, and move their own protection technologies in this direction. Private companies like Google and Microsoft already do this. Statistical agencies must be prepared to explain the differences in their publication requirements and security protocols that distinguish their chosen data storage methods and publications from those used by private companies. Related Links http://www.brookings.edu/~/media/Projects/BPEA/Spring-2015/2015a_abowd.pdf?la=en - Abowd-Schmutte BPEA Spring 2015

Abstract:

Since the field of statistical disclosure limitation (SDL) was first formalized by Ivan Fellegi in 1972, official statistical agencies have recognized that their publications posed confidentiality risks for the households and businesses who responded. For even longer, agencies have protected the source data for those publications by using secure storage methods and access authorization systems. In SDL, Dalenius (1977) and, in computer science, Goldwasser and Micali (1982) formalized what has become the modern approach to privacy protection in data publication: inferential disclosure limitation/semantic security. The modern approach to physical data security centers on firewall and encryption technologies. And the two sets of risks (disclosure through publication and disclosure through unauthorized access) have become increasingly inter-related. It is important to recognize the distinct issues, however. Secure multiparty computing and the stronger fully homomorphic encryption are formal solutions to the problem of permitting statistical computations without granting access to the decrypted data. Privacy-protected query publication is a formal solution to the problem of insuring that inferential disclosures are bounded and that the bound is respected in all published tables. There are now tractable systems that combine secure multi-party computing with formal privacy protection of the computed statistics (e.g., Shokri and Shmatikov 2015). The challenge to statistical agencies is to learn how these systems work, and move their own protection technologies in this direction. Private companies like Google and Microsoft already do this. Statistical agencies must be prepared to explain the differences in their publication requirements and security protocols that distinguish their chosen data storage methods and publications from those used by private companies.

Related Links

http://www.brookings.edu/~/media/Projects/BPEA/Spring-2015/2015a_abowd.pdf?la=en - Abowd-Schmutte BPEA Spring 2015

Available Formats

Format	Quality	Bitrate	Size
MPEG-4 Video	640x360	1.94 Mbits/sec	862.90 MB	View	Download
WebM	640x360	749.81 kbits/sec	325.48 MB	View	Download
iPod Video	480x270	522.19 kbits/sec	226.61 MB	View	Download
MP3	44100 Hz	249.73 kbits/sec	108.50 MB	Listen	Download
Auto *	(Allows browser to choose a format it supports)

Streaming Media Service Upload

The Challenge of Privacy Protection for Statistical Agencies