Situating anonymization within a privacy risk model

Author

Shapiro, Stuart S.

Author_Institution

Homeland Security Syst. Eng. & Dev. Inst., MITRE Corp., Bedford, MA, USA

fYear

2012

fDate

19-22 March 2012

Firstpage

1

Lastpage

6

Abstract

Privacy risk analysis of complex socio-technical systems suffers from an inadequate risk model that focuses primarily on some form of Fair Information Practice Principles (FIPPs). Anonymization as a privacy risk control suffers from an emphasis on risk of failure, neglecting the circumstances surrounding its selection as a risk control in the first place. By interrelating an enhanced privacy risk model that goes beyond FIPPs and an integrated anonymization framework, the selection and implementation of anonymization as a privacy risk control can be more systematically considered and carried out. The Science and Technology Directorate of the U.S. Department of Homeland Security has sponsored development of both an integrated anonymization framework and an enhanced privacy risk model to support more effective privacy risk management. Both of these are described at a high level and their interoperability illustrated by application to the Google Street View controversy.

Keywords

data privacy; risk analysis; fair information practice principles; google street view controversy; inadequate risk; integrated anonymization; privacy risk analysis; privacy risk control; privacy risk management; privacy risk model; socio technical systems; Google; Licenses; Modeling; Privacy; Risk management; Vehicles; anonymization; informational privacy; privacy in socio-technical systems; privacy risk;

fLanguage

English

Publisher

ieee

Conference_Titel

Systems Conference (SysCon), 2012 IEEE International

Conference_Location

Vancouver, BC

Print_ISBN

978-1-4673-0748-2

Type

conf

DOI

10.1109/SysCon.2012.6189494

Filename

6189494