In the UK, the transparency agenda is forcing data stewardship organisations to review their dissemination policies and to consider whether to release data that is currently only available to a restricted community of researchers under licence as open data. Here we describe the results of a study providing evidence about the risks of such an approach via a simulated attack on two social survey datasets. This is also the first systematic attempt to simulate a jigsaw identification attack (one using a mashup of multiple data sources) on an anonymised dataset. The information that we draw on is collected from multiple online data sources and purchasable commercial data. The results indicate that such an attack against anonymised end user licence (EUL) datasets, if converted into open datasets, is possible and therefore we would recommend that penetration tests should be factored into any decision to make datasets (that are about people) open.
Agarwal, A., K. Hosanagar, and M.D. Smith. 2011. “Location, Location, Location: An Analysis of Profitability of Position in Online Advertising Markets.” Journal of Marketing Research 48: 1057–1073. Doi: http://dx.doi.org/10.1509/jmr.08.0468.
Backstrom, L., C. Dwork, and J. Kleinberg. 2007. “Wherefore Art Thou r3579x?: Anonymized Social Networks, Hidden Patterns, and Structural Steganography.” In Proceedings of the 16th international conference on World Wide Web, 8–12 May 2007, Banff, AB, Canada. 181–190. Available at: http://dl.acm.org/citation.cfm?id=1242598 (accessed 9 November 2015).
Bar-Ilan, J., K. Keenoy, M. Levene, and E. Yaari. 2009. “Presentation Bias Is Significant in Determining User Preference for Search Results-A User Study.” Journal of the American Society for Information Science and Technology 60: 135–149. Doi: http://dx.doi.org/10.1002/asi.20941.
Elliot, M.J. 2009. “Using Targeted Perturbation of Microdata to Protect Against Intelligent Linkage.” In Proceedings of UNECE Work Session on Statistical Confidentiality, 17–19 December 2007, Manchester. Available at: http://www.unece.org/index.php?id=14503#/ (accessed 14 December 2014).
Elliot, M.J. and A. Dale. 1999. “Scenarios of Attack: the Data Intruder’s Perspective on Statistical Disclosure Risk.” Netherlands Official Statistics 14: 6–10. Available at: http://bit.ly/1ScX0cS (accessed 9 November 2015).
Ma, Z.M., G. Pant, and O.R.L. Sheng. 2010. “Examining Organic and Sponsored Search Results: A Vendor Reliability Perspective.” Journal of Computer Information Systems 50: 30–38. Available at: http://bit.ly/1MSpcni (accessed 9 November 2015).
Malin, B. and L. Sweeney. 2004. “How (Not) to Protect Genomic Data Privacy in a Distributed Network: Using Trail Re-Identification to Evaluate and Design Anonymity Protection Systems.” Journal of Biomedical Informatics 37: 179–192. http://dx.doi.org/10.1016/j.jbi.2004.04.005.
Narayanan, A. and V. Shmatikov. 2008. “Robust De-Anonymization of Large Sparse Datasets.” In Proceedings of the 2008 IEEE Symposium on Security and Privacy, 18–21 May 2008, Berkeley/Oakland, CA, USA. 111–125. Doi: http://dx.doi.org/10.1109/SP.2008.33.
Narayanan, A. and V. Shmatikov. 2009. “De-Anonymizing Social Networks.” In Proceedings of the 2009 IEEE Symposium on Security and Privacy, 17–20 May 2009, Berkeley/Oakland, CA, USA. 173–187. Doi: http://dx.doi.org/10.1109/Sp.2009.22.
Whipple, E.C., K.L. Allgood, and E.M. Larue. 2012. “Third-Year Medical Students’ Knowledge of Privacy and Security Issues Concerning Mobile Devices.” Medical Teacher 34: e532–e548. Doi: http://dx.doi.org/10.3109/0142159X.2012.670319.