What a Hybrid Legal-Technical Analysis Teaches Us About Privacy Regulation: The Case of Singling Out

Altman, Micah; Cohen, Aloni; Nissim, Kobbi; Wood, Alexandra

doi:10.2139/ssrn.3681729

Cited by 13 publications

(25 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Second, we convert our downcoding attacks into powerful predicate singling-out (PSO) attacks. PSO attacks were recently proposed as a way to demonstrate that a privacy mechanism fails to legally anonymize under the GDPR [2,7]. We introduce a stronger type of PSO attack called compound PSO attacks and prove that minimal hierarchical QIdeidentification enables compound PSO attacks, greatly improving over the prior work.…”

Section: Introductionmentioning

confidence: 88%

“…Predicate singling-out (PSO) attacks were recently introduced in the context of data anonymization under Europe's General Data Protection Regulation (GDPR) [7]. They were proposed as a mathematical test to show that a privacy mechanism fails to legally anonymize data under Europe's General Data Protection Regulation (GDPR) [2,7]. The prior work gives a simple but weak PSO attack against a large class of kanonymous mechanisms.…”

Section: Related Workmentioning

confidence: 99%

“…Predicate singling-out attacks were recently introduced by Cohen and Nissim in the context of data anonymization under Europe's General Data Protection Regulation (GDPR) [7]. They were proposed as a mathematical test to show that a privacy mechanism fails to legally anonymize data under GDPR [2,7]. A mechanism M legally anonymizes under GDPR if it suffices to transform regulated personal data into unregulated anonymous data.…”

Section: Background On Pso Attacksmentioning

confidence: 99%

“…That is, if M(X) is free from GDPR regulation regardless of what X is. If a mechanism enables PSO attacks, then it does not legally anonymize under GDPR [2].…”

Section: Background On Pso Attacksmentioning

confidence: 99%

“…However, the European Union's General Data Protection Regulation (GDPR) restricts the adversary's techniques by protecting only against "means reasonably likely to be used" by an attacker. 2 Likewise, the United State's Family Educational Rights and Privacy Act (FERPA) restricts the adversary's knowledge by protecting only against an attacker lacking "personal knowledge of the relevant circumstances." 3 Contributions We present three attacks on QIdeidentification schemes: two theoretical attacks and one real world reidentification attack.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Attacks on Deidentification's Defenses

Cohen¹

2022

Preprint

Self Cite

View full text Add to dashboard Cite

Quasi-identifier-based deidentification techniques (QIdeidentification) are widely used in practice, including k-anonymity, -diversity, and t-closeness. We present three new attacks on QI-deidentification: two theoretical attacks and one practical attack on a real dataset. In contrast to prior work, our theoretical attacks work even if every attribute is a quasi-identifier. Hence, they apply to k-anonymity, -diversity, t-closeness, and most other QI-deidentification techniques. * We thank Kobbi Nissim for many helpful discussions; Ryan Sullivan for early discussions on EdX; and Gabe Kaptchuk, anonymous reviewers, and especially Mayank Varia for generous feedback.

show abstract

Section: Introductionmentioning

confidence: 88%

Section: Related Workmentioning

confidence: 99%

Section: Background On Pso Attacksmentioning

confidence: 99%

“…That is, if M(X) is free from GDPR regulation regardless of what X is. If a mechanism enables PSO attacks, then it does not legally anonymize under GDPR [2].…”

Section: Background On Pso Attacksmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Attacks on Deidentification's Defenses

Cohen¹

2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

Using Differential Privacy to Define Personal, Anonymous, and Pseudonymous Data

Huang,

Zheng

2023

IEEE Access

View full text Add to dashboard Cite

Defining personal, anonymous, and pseudonymous data is a vital issue for data protection law. Current approaches adopted by legal regimes are either too absolute to be practical or too vague to be manageable. Differential privacy (DP), as a newly emergent technical tool, can help define the different categories of data by quantifiably measuring identification risks of databases. Through the selection of privacy budget in advance, data controllers can delineate the boundaries among personal, anonymous, and pseudonymous data in an auditable and reviewable way, as well as incorporate the definition into the broader practice of data risk management. This article offers concrete steps of applying this approach in practice, and argues that such an approach not only enhances certainty, consistency, and transparency, but also inspires a new model of interaction between law and technology. Recognizing that this approach is not perfect, the article then discusses some difficulties and directions for future research.

show abstract

Alternative Methodology and Framework for Assessing Differential Privacy Constraints and Consequences From a GDPR Perspective

Prokhorenkov

2022

2022 IEEE 12th Annual Computing and Communication Workshop and Conference (CCWC)

View full text Add to dashboard Cite

What a Hybrid Legal-Technical Analysis Teaches Us About Privacy Regulation: The Case of Singling Out

Cited by 13 publications

References 0 publications

Attacks on Deidentification's Defenses

Attacks on Deidentification's Defenses

Using Differential Privacy to Define Personal, Anonymous, and Pseudonymous Data

Alternative Methodology and Framework for Assessing Differential Privacy Constraints and Consequences From a GDPR Perspective

Contact Info

Product

Resources

About