Privacy risk analysis of complex socio-technical systems suffers from an inadequate risk model that focuses primarily on some form of Fair Information Practice Principles (FIPPs).
Situating Anonymization Within a Privacy Risk Model
Download Resources
PDF Accessibility
One or more of the PDF files on this page fall under E202.2 Legacy Exceptions and may not be completely accessible. You may request an accessible version of a PDF using the form on the Contact Us page.
Privacy risk analysis of complex socio-technical systems suffers from an inadequate risk model that focuses primarily on some form of Fair Information Practice Principles (FIPPs). Anonymization as a privacy risk control suffers from an emphasis on risk of failure, neglecting the circumstances surrounding its selection as a risk control in the first place. By interrelating an enhanced privacy risk model that goes beyond FIPPs and an integrated anonymization framework, the selection and implementation of anonymization as a privacy risk control can be more systematically considered and carried out. The Science and Technology Directorate of the U.S. Department of Homeland Security has sponsored development of both an integrated anonymization framework and an enhanced privacy risk model to support more effective privacy risk management. Both of these are described at a high level and their interoperability illustrated by application to the Google Street View controversy.