Skip to main content

Research Repository

Advanced Search

Principles- versus rules-based output statistical disclosure control in remote access environments

Ritchie, Felix; Elliot, Mark

Principles- versus rules-based output statistical disclosure control in remote access environments Thumbnail


Mark Elliot


In recent years, the level of detail in confidential data made available to social scientists has increased dramatically. Much of this has been due to the growth in secure data access facilities, which allow access to the most detailed data under strictly controlled conditions.
One element of that control is checking to ensure that statistical outputs do not present any residual disclosure risk. Traditionally this has been managed by specifying rules for researchers to follow, but it is increasingly recognised that a ‘principles-based’ approach can be both more secure and more cost-effective.
The principles-based approach requires a higher level of expertise from the facility managers, and places the subjective assessment of risk at the forefront of decision-making; these two factors often make facility managers uncomfortable. In addition, knowledge of this approach is concentrated amongst a relatively small community, whereas the rules-based model has been the dominant approach for half a century; facility managers may not be aware that there is an alternative perspective.
This paper reviews the arguments for the two different approaches. The two are not mutually exclusive: both take simple rules as a starting point, but the rules-based approach also finishes there. This has advantages in some circumstances, but this paper demonstrates that the value of the principles-based approach increases with the sensitivity of the data and gives more freedom to the researchers to innovate.
The paper considers how the two approaches can be implemented. It notes that, although the principles-based model requires greater initial investment by both the facility managers and researchers, the necessary training can bring substantial auxiliary benefits to the facility manager. The paper therefore concludes that a principles-based approach has advantages in many circumstances, and it is essential for the remote research data centres which dominate access solutions for the most sensitive data.


Ritchie, F., & Elliot, M. (2015). Principles- versus rules-based output statistical disclosure control in remote access environments. IASSIST quarterly / International Association for Social Science Information Service and Technology, 2015(Summer), 5-13

Journal Article Type Article
Acceptance Date Apr 1, 2015
Publication Date Jun 1, 2015
Deposit Date Feb 25, 2016
Publicly Available Date Feb 25, 2016
Journal IASSIST Quarterly
Print ISSN 0739-1137
Peer Reviewed Peer Reviewed
Volume 2015
Issue Summer
Pages 5-13
Keywords data access, data security, statistical disclosure control, principles-based, rules-based, output SDC, researcher management, remote access
Public URL
Publisher URL
Additional Information Additional Information : Also available as Economics Working Paper Series No. 1501


You might also like

Downloadable Citations