Census offices are squeezed between users demanding ever more data and concerns about data confidentiality and privacy. They respond by releasing data either in a tightly controlled setting or in a securely anonymised form to prevent identification. These two routes have been chosen for two separate products from the 1991 British Census of Population: the Samples of Anonymised Records and the linked census Longitudinal Study. In this paper the implications of the two policies are compared. In broad terms, ease of access in the former route is traded for fullness of information in the second. In the final sections of the paper, the risks of identification disclosure in both datasets are assessed. /// Les officiels du recensement sont presses entre les utilisateurs exigeant plus de donnees que jamais, et l'inquietude a l'egard de les menaces d'atteinte a la vie privee et a son caractere confidentiel. En reponse, les officiels mettent les donnees en circulation soit dans un environment etroitment controlle, ou alors sous une forme rendue sure et anonyme afin de prevenir toute identification. Ceux sont les deux routes choisies pour deux produits distinct du Recensement de la Population britannique en 1991: les echantillons de donnees rendue anonymes et l'etude enchaine Longitudinal Study (etude longitudinale). Dans cet article, les implications des deux methodes sont comparees. Generalement parlant, la facilite d'acces de la premiere route est troquee contre la richesse d'information de la seconde. Dans les dernier paragraphes, les risques de revelation d'identite sont evalues dans les deux dossiers.
[1]
Ivan P. Fellegi,et al.
On the Question of Statistical Confidentiality
,
1972
.
[2]
J. Schlörer.
Confidentiality of Statistical Records: A Threat-Monitoring Scheme for On Line Dialogue
,
1976,
Methods of Information in Medicine.
[3]
Privacy, the information gatherers
,
1977
.
[4]
Fulton Pn,et al.
Population estimates and projections
,
1978
.
[5]
Peter J. Denning,et al.
The tracker: a threat to statistical database security
,
1979,
TODS.
[6]
Dorothy E. Denning,et al.
Cryptography and Data Security
,
1982
.
[7]
J. Goyder,et al.
The Decline in Survey Response: A Social Values Interpretation
,
1985
.
[8]
1981 Census Post-enumeration Survey
,
1985
.
[9]
Research Policy and Review 23. The View of Academic Social Scientists on the 1991 UK Census of Population: A Report of the Economic and Social Research Council Working Group
,
1988,
Environment & planning A.
[10]
G. Paass.
Disclosure Risk and Disclosure Avoidance for Microdata
,
1988
.
[11]
A study on the future of the census of population : alternative approaches
,
1989
.
[12]
Data protection and data access : reports from ten countries on data protection and data access in social research, with an annotated international bibliography
,
1990
.
[13]
W. Keller,et al.
Disclosure control of microdata
,
1990
.
[14]
George T. Duncan,et al.
Enhancing Access to Microdata while Protecting Confidentiality: Prospects for the Future
,
1991
.
[15]
C. Marsh,et al.
The sample of anonymised records.
,
1991,
ESRC Data Archive bulletin.
[16]
C. J. Skinner,et al.
On identification disclosure and prediction disclosure for microdata
,
1992
.