Situating Anonymization Within a Privacy Risk Model
February 2012
Stuart S. Shapiro, The MITRE Corporation
ABSTRACT
Privacy risk analysis of complex socio-technical systems suffers from an inadequate risk model that focuses primarily on some form of Fair Information Practice Principles (FIPPs). Anonymization as a privacy risk control suffers from an emphasis on risk of failure, neglecting the circumstances surrounding its selection as a risk control in the first place. By interrelating an enhanced privacy risk model that goes beyond FIPPs and an integrated anonymization framework, the selection and implementation of anonymization as a privacy risk control can be more systematically considered and carried out. The Science and Technology Directorate of the U.S. Department of Homeland Security has sponsored development of both an integrated anonymization framework and an enhanced privacy risk model to support more effective privacy risk management. Both of these are described at a high level and their interoperability illustrated by application to the Google Street View controversy.

Copyright
Copyright © 2012 IEEE. This material is posted here with permission of the IEEE. Such permission of the IEEE does not in any way imply IEEE endorsement of any of the products or services of The MITRE Corporation. Internal or personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution must be obtained from the IEEE by writing to pubs-permissions@ieee.org. By choosing to view this document, you agree to all provisions of the copyright laws protecting it.
Additional Search Keywords
anonymization, informational privacy, privacy in socio-technical systems, privacy risk