Hans-Peter Hafner
Evidence-based, context-sensitive, user-centred, risk-managed SDC planning: Designing data access solutions for scientific use
Hafner, Hans-Peter; Lenz, Rainer; Ritchie, Felix; Welpton, Richard
Abstract
Disclosure control planning is characterised by over-reliance on theoretical models, inappropriate disclosure scenarios, worst-case planning, confusion over subjective versus objective risk management, and an unwillingness to consider the evidence base. This is most striking in the case of access to sensitive data for scientific purposes: most research on SDC has little or no value for this group. This is because confidentiality for scientific users is best managed by a range of procedural and technical options, of which statistical methods are both the least important and the least desirable.
In the last ten years or so, this procedural perspective has become increasingly dominant amongst the designers and managers of data access systems for the social sciences. However, the research management community has been less successful in getting this message out to other stakeholders.
This paper summarises the case for an evidence-based holistic approach to data access management. In particular, it considers
- the universality of the ‘intruder’ model, despite a substantial body of evidence that an ‘idiot’ model is more realistic, relevant, useful, and better aligned with legal requirements
- the focus on quantifiable measures of risk, when uncertainty is the true problem
- the legal, institutional and practical definition of ‘identification’
- assessing genuine user and stakeholder needs
- the low importance of statistical factors in the design of data access systems
- engrained institutional attitudes to risk
The common themes are use of evidence, integration of statistical and non-statistical approaches, the effective use of limited resources, and the importance of grounding strategy in realistic expectations of risk and uncertainty.
Citation
Hafner, H., Lenz, R., Ritchie, F., & Welpton, R. (2015, October). Evidence-based, context-sensitive, user-centred, risk-managed SDC planning: Designing data access solutions for scientific use. Paper presented at UNECE/Eurostat work session on statistical data confidentiality - 2015
Presentation Conference Type | Conference Paper (unpublished) |
---|---|
Conference Name | UNECE/Eurostat work session on statistical data confidentiality - 2015 |
Start Date | Oct 5, 2015 |
End Date | Oct 7, 2015 |
Publication Date | Sep 5, 2015 |
Peer Reviewed | Not Peer Reviewed |
Keywords | data access, confidentaility, privacy, SDC, big data |
Publisher URL | http://www1.unece.org/stat/platform/download/attachments/109248612/Session%204%20-%20Various%20%28Hafner%20et%20al.%29.pdf |
Related Public URLs | http://www1.unece.org/stat/platform/download/attachments/109248612/Session%204%20-%20Various.pptx |
Additional Information | Title of Conference or Conference Proceedings : UNECE/Eurostat Worksession on Statistical Data Confidentiality |
Files
Session 4 - Hafner et al.pdf
(379 Kb)
PDF
You might also like
Spontaneous recognition: An unneccessary control on data access?
(2017)
Book Chapter
Open data: Who needs it?
(2017)
Presentation / Conference
Lessons learned in training ‘safe users’ of confidential data
(2017)
Presentation / Conference
The "Five Safes": A framework for planning, designing and evaluating data access solutions
(2017)
Presentation / Conference
Spontaneous recognition: An unnecessary control on data access?
(2017)
Journal Article