Methods of Ensuring Confidentiality - PowerPoint PPT Presentation

1 / 39
About This Presentation
Title:

Methods of Ensuring Confidentiality

Description:

Minimize suppression of totals. Use consistent pattern month to month. Automate the process ... MINIMIZE THE NUMBER OF SUPPRESSED CELLS. SW Array. N Array. Step Seven ... – PowerPoint PPT presentation

Number of Views:61
Avg rating:3.0/5.0
Slides: 40
Provided by: MarkRo71
Learn more at: https://www.eia.gov
Category:

less

Transcript and Presenter's Notes

Title: Methods of Ensuring Confidentiality


1
Methods of Ensuring Confidentiality
  • Michael Griffey
  • Energy Information Administration
  • February 2000

2
DISCLOSURE AVOIDANCE
  • Procedures to ensure that confidential company
    identifiable data are not disclosed in tables
    where company specific responses may be
    proprietary and prohibited from public disclosure
    by law.

3
OBJECTIVES
  • To provide useful statistical information to data
    users
  • To assure that the responses of individuals are
    protected

4
TYPES OF DATA
  • Microdata -Records containing information for a
    single person, establishment etc.
  • Frequency - Tables that show percentage of
    population with certain characteristics.
  • Magnitude - Tables showing
  • aggregates of reported
  • values.

5
SENSITIVE DATA VALUE
  • A data item which could be used to calculate
    another companys data

6
CELL SUPPRESSIONA disclosure avoidance technique
in which the sensitive data in the publication is
replaced with a W.
  • PRIMARY SUPPRESSION
  • Suppression of sensitive data is called primary
    suppression

7
COMPLEMENTARY SUPPRESSION
  • The suppression of nonsensitive cells to prevent
    users from calculating the sensitive cells.

8
IDENTIFYING SENSITIVE DATA
  • Threshold Rule - for example nlt5.
  • n,k rule
  • p-percent rule
  • Linear Equations - pq rule
  • Special Rules
  • Quality Suppression

9
P PERCENT RULE
R T - X1 - X2 T Total Value of a cell. X1
Value of largest unit. X2 Value of 2nd largest
unit. P Percent of protection
required. Suppress if R less than (p/100)X1
10
USING NOISE FOR DISCLOSURE LIMITATION
  • Perturb each respondents data, e.g. to perturb
    by about 10, multiply by close to 1.1 or 0.9.
  • Sensitive cells contain the most noise and are
    flagged to warn the user.
  • Noise can be used with raking to preserve utility
    of the data.

11
NOISE PROCEDURES
  • Assign noise factor/multiplier to each unit in
    universe in a systematic way.
  • Whenever unit is in survey, multiply all survey
    values by assigned noise factor.
  • Noise added prior to tabulation.
  • Overall distribution of the multipliers should be
    symmetric about 1.
  • All establishments for same company should be
    perturbed in same direction.

12
NOISE - ADVANTAGES
  • Simpler than cell suppression/not table specific.
  • If normally many complementary suppressions,
    provides more information.
  • Allows easier fulfillment of requests for special
    tabulations, customized data products, and user
    defined tables.

13
NOISE - DISADVANTAGES
  • Insufficient protection for single-unit cells.
    Respondent concern about confidentiality.
  • Respondent/users perception of data quality.
  • Affects all estimates, not just those at risk.
  • Not required if survey has little suppression.

14
PETROLEUM MARKETING SUPPRESSION PROGRAM
  • Monthly publication
  • 8,100 cells contained in 50 tables
  • Four data dimensions
    Geography Sales Type
    Product Seller Type


15
Initial Linear Sensitivity Formula
16
p/q Rule
  • S(T) x1 - (p/q) (T-x1-x2)
  • Sensitive if S(X) is nonnegative.
  • x1 largest reported value in cell
  • x2 second largest reported value
  • p/q input sensitivity parameter
  • T cell total

17
Complementary Suppression Objectives
  • Minimize number of cells suppressed
  • Suppress small volume cells
  • Minimize suppression of totals
  • Use consistent pattern month to month
  • Automate the process
  • Dont suppress key items

18
Two 4-Dimensional Arrays
  • SW array - Holds status of suppression switches
    for each cell.
  • N array - Holds corresponding volumes for each
    cell in SW array.

19
Step OneIDENTIFY SUPPRESSED CELLS
SW Array
N Array
20
Step TwoIDENTIFY CELLS FOR ADDITIONAL
SUPPRESSION
SW Array
N Array
21
Step ThreeSUPPRESS A CELL AS A COMPLEMENT
SW Array
N Array
22
Step FourSELECT ADDITIONAL CELLS FOR SUPPRESSION
SW Array
N Array
23
Step FiveUPDATE SUPPRESSION FLAGS
SW Array
N Array
24
Step SixMINIMIZE THE NUMBER OF SUPPRESSED CELLS
SW Array
25
Step SevenCONTINUOUS REVIEW OF ALL TABLES
SW Array
N Array
26
Step EightFINAL TABLE
27
NO DATA ADJUSTMENT (1)
28
NO DATA ADJUSTMENT (2)
29
WITH DATA ADJUSTMENT (1)
30
WITH DATA ADJUSTMENT (2)
31
RESID SALES TO END USERS
32
RECOMMENDED PRACTICES (1)
  • Publish rules,
  • not parameters.
  • Do not disclose sample members
  • Be aware of coalitions
  • Use only subadditive primary disclosure rules

33
RECOMMENDED PRACTICES (2)
  • Consult with respondents and users
  • Inform respondents of confidentiality provisions
  • Use consistent policies throughout the
    organization
  • Do not reveal parameter values.
  • Audit tables to ensure protection

34
RECOMMENDED PRACTICES (3)
  • Omit names from
  • analysis files
  • Use only number codes
  • to link respondents to questionnaires
  • Destroy questionnaires after responses entered
    into computer

35
OTHER CONFIDENTIALITY ISSUES
  • Embargo of data.
  • Data sharing.
  • Granting access through licensing or Research
    Data Centers.

36
INTERAGENCY CONFIDENTIALITY DATA ACCESS GROUP
(ICDAG)
  • Formed by FCSM to
  • -promote goals of SPWP22.
  • -increase sharing of disclosure methods.
  • Sixteen statistical agencies are members.
  • Developing audit software.
  • Developed a Web site of papers.

37
ICDAG AUDIT SOFTWARE
  • Issued task for development of software using
    linear programming and SAS code.
  • Will measure quality of suppression using
    measures such as protection range.
  • Will audit tables up to five dimensions.
  • Must perform on different platforms, i.e. OS390,
    UNIX, and PCs.

38
THE END
39
METHODS OF ENSURING CONFIDENTIALITY
  • Michael Griffey
  • Energy Information Administration
  • February 2000
Write a Comment
User Comments (0)
About PowerShow.com