Global Disclosure Risk Measures and k-Anonymity Property for Microdata

In today’s world, governmental, public, and private institutions systematically release data which describes individual entities (commonly referred as microdata). Those institutions are increasingly concerned with possible misuses of the data that might lead to disclosure of confidential information. Moreover, confidentiality regulation requires that privacy of individuals represented in the released data must be protected. To protect the identity of individual entities from the microdata a large number of disclosure control methods have been proposed in the literature (such as sampling, simulation, data swapping, microaggregation, etc.). To compare different approaches to achieve data protection, various disclosure risk measures have been proposed in the literature. We introduced in our earlier papers a customized global disclosure risk measure that varied between a minimal and maximal value. In the mean time, Samarati and Sweeney have introduced a property, called k-anonymity, which must be satisfied by a microdata to guarantee the protection of individual entities [Samarati 2001, Sweeney 2002a]. In this paper we describe our disclosure risk measures, the k-anonymity property, and then we compare their advantages and disadvantages. The global disclosure risk measures offer more information about the level of protection and they can be customized based on the specific privacy requirements for a given microdata. On the other end, k-anonymity property can be obtained automatically with efficient algorithms, while the usage of the global disclosure risk measures still involves human intervention.