Towards Formalizing the GDPR's Notion of Singling Out
April 12, 2019 Β· Declared Dead Β· π Proceedings of the National Academy of Sciences of the United States of America
"No code URL or promise found in abstract"
Evidence collected by the PWNC Scanner
Authors
Aloni Cohen, Kobbi Nissim
arXiv ID
1904.06009
Category
cs.CY: Computers & Society
Cross-listed
cs.CR
Citations
101
Venue
Proceedings of the National Academy of Sciences of the United States of America
Last Checked
4 months ago
Abstract
There is a significant conceptual gap between legal and mathematical thinking around data privacy. The effect is uncertainty as to which technical offerings adequately match expectations expressed in legal standards. The uncertainty is exacerbated by a litany of successful privacy attacks, demonstrating that traditional statistical disclosure limitation techniques often fall short of the sort of privacy envisioned by legal standards. We define predicate singling out, a new type of privacy attack intended to capture the concept of singling out appearing in the General Data Protection Regulation (GDPR). Informally, an adversary predicate singles out a dataset $X$ using the output of a data release mechanism $M(X)$ if it manages to find a predicate $p$ matching exactly one row $x \in X$ with probability much better than a statistical baseline. A data release mechanism that precludes such attacks is secure against predicate singling out (PSO secure). We argue that PSO security is a mathematical concept with legal consequences. Any data release mechanism that purports to "render anonymous" personal data under the GDPR must be secure against singling out, and hence must be PSO secure. We then analyze PSO security, showing that it fails to self-compose. Namely, a combination of $Ο(\log n)$ exact counts, each individually PSO secure, enables an attacker to predicate single out. In fact, the composition of just two PSO-secure mechanisms can fail to provide PSO security. Finally, we ask whether differential privacy and $k$-anonymity are PSO secure. Leveraging a connection to statistical generalization, we show that differential privacy implies PSO security. However, $k$-anonymity does not: there exists a simple and general predicate singling out attack under mild assumptions on the $k$-anonymizer and the data distribution.
Community Contributions
Found the code? Know the venue? Think something is wrong? Let us know!
π Similar Papers
In the same crypt β Computers & Society
π
π
The Cartographer
R.I.P.
π»
Ghosted
Artificial Intelligence: the global landscape of ethics guidelines
R.I.P.
π»
Ghosted
The role of artificial intelligence in achieving the Sustainable Development Goals
R.I.P.
π»
Ghosted
Green AI
R.I.P.
π»
Ghosted
Principles alone cannot guarantee ethical AI
R.I.P.
π»
Ghosted
Tackling Climate Change with Machine Learning
Died the same way β π» Ghosted
R.I.P.
π»
Ghosted
Federated Learning: Strategies for Improving Communication Efficiency
R.I.P.
π»
Ghosted
In-Datacenter Performance Analysis of a Tensor Processing Unit
R.I.P.
π»
Ghosted
Deep Convolutional Neural Networks for Computer-Aided Detection: CNN Architectures, Dataset Characteristics and Transfer Learning
R.I.P.
π»
Ghosted