Designing for Privacy and its Legal Framework by Aurelia Tamò-Larrieux

Author:Aurelia Tamò-Larrieux
Language: eng
Format: epub
ISBN: 9783319986241
Publisher: Springer International Publishing

6.4.2 Generalization

Another method that data controllers can use to ensure that Alice’s data remains anonymous is generalization. Generalization techniques dilute attributes of data subjects and thereby prevent Alice to be singled out. They do this by modifying the scale or order of magnitude of collected data.143 For instance, one could replace the city name with the region name, or only record the month rather than the exact date. Such entries can be generalized ex ante (i.e., asking Alice when creating an account only for approximate age or age range instead of precise birth dates) or ex post, by applying mechanisms such as k-anonymity and l-diversity. In this case, the basic mechanism is to group a single data subject with k others, thereby suppressing key attributes that may act as quasi-identifiers.144 This goal is achieved by generalizing or suppressing certain sensitive values in the datasets.145 Such techniques prevent the singling out of particular data subjects if the value of k is large enough, thereby reducing the linkability to specific individuals.146 Yet, k-anonymity does not prevent inference attacks (i.e., attacks in which the attacker has specific knowledge of a data subject in a dataset).147 To limit such attacks, l-diversity techniques extend k-anonymity148 by limiting the “occurrence of equivalence classes with poor attribute variability;” however, the method is still vulnerable to probabilistic inference attacks.149

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.