Re-identification of home addresses from spatial locations anonymized by Gaussian skew

Cassa, Christopher A; Wieland, Shannon C; Mandl, Kenneth D

Author(s)

Cassa, Christopher A.; Wieland, Shannon Christine; Mandl, Kenneth D.

Download1476-072X-7-45.pdf (945.9Kb)

PUBLISHER_CC

Terms of use

Creative Commons Attribution http://creativecommons.org/licenses/by/2.0

Metadata

Show full item record

Abstract

Background: Knowledge of the geographical locations of individuals is fundamental to the practice of spatial epidemiology. One approach to preserving the privacy of individual-level addresses in a data set is to de-identify the data using a non-deterministic blurring algorithm that shifts the geocoded values. We investigate a vulnerability in this approach which enables an adversary to re-identify individuals using multiple anonymized versions of the original data set. If several such versions are available, each can be used to incrementally refine estimates of the original geocoded location. Results: We produce multiple anonymized data sets using a single set of addresses and then progressively average the anonymized results related to each address, characterizing the steep decline in distance from the re-identified point to the original location, (and the reduction in privacy). With ten anonymized copies of an original data set, we find a substantial decrease in average distance from 0.7 km to 0.2 km between the estimated, re-identified address and the original address. With fifty anonymized copies of an original data set, we find a decrease in average distance from 0.7 km to 0.1 km. Conclusion: We demonstrate that multiple versions of the same data, each anonymized by non-deterministic Gaussian skew, can be used to ascertain original geographic locations. We explore solutions to this problem that include infrastructure to support the safe disclosure of anonymized medical data to prevent inference or re-identification of original address data, and the use of a Markov-process based algorithm to mitigate this risk.

Date issued

2008-08

URI

http://hdl.handle.net/1721.1/58920

Department

Harvard University--MIT Division of Health Sciences and Technology; Massachusetts Institute of Technology. Department of Civil and Environmental Engineering

Journal

International Journal of Health Geographics

Publisher

BioMed Central Ltd

Citation

International Journal of Health Geographics. 2008 Aug 12;7(1):45

Version: Final published version

ISSN

1476-072X

Collections

MIT Open Access Articles

DSpace@MIT