Database Reconstruction Is Not So Easy and Is Different from Reidentification

01/24/2023
by Krishnamurty Muralidhar, et al.

In recent years, it has been claimed that releasing accurate statistical information on a database is likely to allow its complete reconstruction. Differential privacy has been suggested as the appropriate methodology to prevent these attacks. These claims have recently been taken very seriously by the U.S. Census Bureau and led them to adopt differential privacy for releasing U.S. Census data. This in turn has caused consternation among users of the Census data due to the lack of accuracy of the protected outputs. It has also brought legal action against the U.S. Department of Commerce. In this paper, we trace the origins of the claim that releasing information on a database automatically makes it vulnerable to being exposed by reconstruction attacks and we show that this claim is, in fact, incorrect. We also show that reconstruction can be averted by properly using traditional statistical disclosure control (SDC) techniques. We further show that the geographic level at which exact counts are released is even more relevant to protection than the actual SDC method employed. Finally, we caution against confusing reconstruction and reidentification: using the quality of reconstruction as a metric of reidentification results in exaggerated reidentification risk figures.
