Thoughts on the Future

The future will surely bring challenges to statistical confidentiality. Some challenges will be familiar, much like the ones described in Chapter 1. But as the lead quotation suggests, we must prepare for exponential change in our responsibilities, the technology we employ, and the problems we face. Specifically, we must prepare for dramatic changes both in information technology and in our social, economic and political environment. This chapter lays out our view of how these changes will multiply the tensions between the demand for the protections of confidentiality and the demand for access to data. Interestingly, much of what we discuss was only hinted at two decades ago by Duncan and Pearson (1991). Their glimpse to the future is today’s reality. Anticipating tomorrow requires a new and expanded forecast.

[1]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[2]  Chris Clifton,et al.  Tools for privacy preserving distributed data mining , 2002, SKDD.

[3]  John S Brownstein,et al.  No place to hide--reverse identification of patients from published maps. , 2006, The New England journal of medicine.

[4]  Alessandro Acquisti,et al.  Privacy and Security of Personal Information - Economic Incentives and Technological Solutions , 2004, Economics of Information Security.

[5]  Ashwin Machanavajjhala,et al.  Worst-Case Background Knowledge for Privacy-Preserving Data Publishing , 2007, 2007 IEEE 23rd International Conference on Data Engineering.

[6]  Silvia Polettini,et al.  Maximum entropy simulation for microdata protection , 2003, Stat. Comput..

[7]  Jon M. Kleinberg,et al.  Challenges in mining social network data: processes, privacy, and paradoxes , 2007, KDD '07.

[8]  William E. Winkler,et al.  Re-identification Methods for Masked Microdata , 2004, Privacy in Statistical Databases.

[9]  Rakesh Agrawal,et al.  Privacy-preserving data mining , 2000, SIGMOD 2000.

[10]  Cynthia Dwork,et al.  Ask a Better Question, Get a Better Answer A New Approach to Private Data Analysis , 2007, ICDT.

[11]  Johannes Gehrke,et al.  Interactive anonymization of sensitive data , 2009, SIGMOD Conference.

[12]  Alexandre V. Evfimievski,et al.  Limiting privacy breaches in privacy preserving data mining , 2003, PODS.

[13]  William E. Winkler,et al.  Masking and Re-identification Methods for Public-Use Microdata: Overview and Research Problems , 2004, Privacy in Statistical Databases.

[14]  R. Little,et al.  Selective Multiple Imputation of Keys for Statistical Disclosure Control in Microdata , 2003 .

[15]  Dan Suciu,et al.  The Boundary Between Privacy and Utility in Data Publishing , 2007, VLDB.

[16]  George T. Duncan,et al.  Optimal Disclosure Limitation Strategy in Statistical Databases: Deterring Tracker Attacks through Additive Noise , 2000 .

[17]  George Duncan,et al.  Privacy By Design , 2007, Science.

[18]  Scott Menard,et al.  Childhood Maltreatment, Subsequent Antisocial Behavior, and the Role of Monoamine Oxidase A Genotype , 2006, Biological Psychiatry.

[19]  R. Benedetti,et al.  Individual Risk of Disclosure Using Sampling Design Information , 2004 .

[20]  David Brin,et al.  The Transparent Society , 1998 .

[21]  Nabil R. Adam,et al.  Security-control methods for statistical databases: a comparative study , 1989, ACM Comput. Surv..

[22]  George T. Duncan,et al.  Disclosure-Limited Data Dissemination , 1986 .

[23]  Mark Elliot,et al.  Scenarios of attack: the data intruder's perspective on statistical disclosure risk , 1999 .

[24]  Robert F. Boruch,et al.  Assuring the Confidentiality of Social Research Data , 1979 .

[25]  G. Paass Disclosure Risk and Disclosure Avoidance for Microdata , 1988 .

[26]  Damien McAullay,et al.  Remote access methods for exploratory data analysis and statistical modelling: Privacy-Preserving Analytics® , 2008, Comput. Methods Programs Biomed..

[27]  S. Fienberg,et al.  A Bayesian Approach to Data Disclosure: Optimal Intruder Behavior for Continuous Data , 1997 .

[28]  H. Greely Collecting Biomeasures in the Panel Study of Income Dynamics: Ethical and Legal Concerns , 2009, Biodemography and social biology.

[29]  M. Mcluhan Understanding Media: The Extensions of Man , 1964 .

[30]  Chris Clifton,et al.  Privacy-Preserving Data Mining , 2006, Encyclopedia of Database Systems.

[31]  Christine M. O'Keefe,et al.  A Remote Analysis Server - What Does Regression Output Look Like? , 2008, Privacy in Statistical Databases.

[32]  Cynthia Dwork,et al.  Wherefore art thou r3579x?: anonymized social networks, hidden patterns, and structural steganography , 2007, WWW '07.

[33]  L. Pickle,et al.  Current practices in cancer spatial data analysis: a call for guidance , 2005, International journal of health geographics.

[34]  George T. Duncan,et al.  Enhancing Access to Microdata while Protecting Confidentiality: Prospects for the Future , 1991 .

[35]  Jerome P. Reiter,et al.  Multiple Imputation for Statistical Disclosure Limitation , 2003 .