Litcius/Paper detail

Towards formalizing the GDPR’s notion of singling out

Aloni Cohen, Kobbi Nissim

2020Proceedings of the National Academy of Sciences87 citationsDOIOpen Access PDF

Abstract

). We argue that PSO security is a mathematical concept with legal consequences. Any data-release mechanism that purports to "render anonymous" personal data under the GDPR must prevent singling out and, hence, must be PSO secure. We analyze the properties of PSO security, showing that it fails to compose. Namely, a combination of more than logarithmically many exact counts, each individually PSO secure, facilitates predicate singling out. Finally, we ask whether differential privacy and k-anonymity are PSO secure. Leveraging a connection to statistical generalization, we show that differential privacy implies PSO security. However, and in contrast with current legal guidance, k-anonymity does not: There exists a simple predicate singling out attack under mild assumptions on the k-anonymizer and the data distribution.

Topics & Concepts

Differential privacyComputer scienceComputer securityPredicate (mathematical logic)AnonymityTheoretical computer scienceAlgorithmProgramming languagePrivacy-Preserving Technologies in DataCryptography and Data SecurityPrivacy, Security, and Data Protection