Increasing Transparent and Accountable Use of Data by Quantifying the Actual Privacy Risk in Interactive Record Linkage
share
Record linkage refers to the task of integrating data from two or more databases without a common identifier. MINDFIRL (MInimum Necessary Disclosure For Interactive Record Linkage) is a software system that demonstrates the tradeoff between utility and privacy in interactive record linkage. Due to the need to access personally identifiable information (PII) to accurately assess whether different records refer to the same person in heterogeneous databases, privacy is a major concern in interactive record linkage. MINDFIRL supports interactive record linkage while minimizing the privacy risk by (1) using pseudonyms to separate the identifying information from the sensitive information, (2) dynamically disclosing only the minimum necessary information incrementally, as needed on-demand at the point of decision, and (3) quantifies the risk due to the needed information disclosure to support transparency, the reasoning, communication, and decisions on the privacy and utility trade off. In this paper we present an overview of the MINDFIRL system and the k-Anonymized Privacy Risk (KAPR) score used to measure the privacy risk based on the disclosed information. We prove that KAPR score is a norm meeting all the desirable properties for a risk score for interactive record linkage.
READ FULL TEXT