The National Academies Press

Currently Skimming:

4 Risks of Access: Potential Confidentiality Breaches and Their Consequences
Pages 50-62

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 50... ... A pledge of confidentiality stipulates that publicly available data-whether summary data or microdata and including any data added from administrative records or other surveys -- will be anonymized or otherwise masked to ensure that they cannot be used to identify a specific person, household, or organization, either directly or indirectly by statistical inference. Such a pledge also means that more readily identifiable data will be made available for research purposes only through restricted access modalities that impose legal obligations and penalties to minimize the risk that researchers with access to such data might disclose them to others. Read the entire page →
From page 51... ... Although much of this report focuses on statistical disclosure -- re-identification of respondents or their attributes by matching survey data stripped of direct identifiers with information available outside the survey -- these sections serve as a reminder that statistical disclosure is by no means the only, and perhaps not even the most important, way in which confidentiality breaches might occur. They also serve as a reminder that public perceptions that personal data are being misused may be as potent a deterrent to participation by potential survey respondents as an actual breach of confidentiality. Read the entire page →
From page 52... ... , but most of the evidence comes from a series of surveys commissioned by the Census Bureau in the 1990s. In the 1990 census, for example, people who were concerned about confidentiality and saw the census as an invasion of privacy were significantly less likely to return their census form by mail than those who had fewer privacy and confidentiality concerns (Singer, Mathiowetz, and Couper, 1993; Couper, Singer, and Kulka, 1998) Read the entire page →
From page 53... ... have also documented that it has become increasingly difficult for the Census Bureau to obtain Social Security numbers. In the Survey of Income and Program Participation, there was an increase in refusals to provide them from 12 percent in the 1995 panel to 25 percent in the 2001 panel; in the Current Population Survey, there was an increase in refusals from approximately 10 percent in 1994 to almost 23 percent in 2003. Read the entire page →
From page 54... ... Public awareness of confidentiality breaches in nongovernment surveys may adversely affect perceptions of the risks arising from participation in government surveys. That is, public knowledge of a breach of confidentiality by an employee of a government benefit agency or private insurance company may increase concern about such breaches by federal statistical agencies, such as the Census Bureau. Read the entire page →
From page 55... ... Although there is no evidence of respondents having been harmed as a result of such negligence, it is important for government data collection agencies and private survey organizations to be alert to these issues, provide employee guidelines for appropriate data management, and ensure that the guidelines are observed. Confidentiality may also be breached as a result of illegal intrusions into the data. Read the entire page →
From page 56... ... . The confidentiality protection afforded by certificates is prospective; researchers may not obtain protection for study results after data collection has been completed. Read the entire page →
From page 57... ... These implementing regulations will be critically important in translating a statutory right into clear rules that protect research participants across all federal agencies. The regulations are expected to define both the reach of protection for confidential statistical records and the opportunity for research access. Read the entire page →
From page 58... ... Fulfillment of the potential for research access to data sharing under CIPSEA will ultimately also require companion legislation that would permit the Census Bureau to share tax information that it receives from the Internal Revenue Service (IRS) with the Bureau of Labor Statistics and the Bureau of Economic Analysis in order to reconcile the business lists built by the three agencies. Read the entire page →
From page 59... ... Statistical disclosure involves using data available outside the survey to breach the protection thought to have been 1 In that same speech, former Census Bureau Director Kenneth Prewitt apologized on behalf of the agency for its activities in connection with the internment of Japanese Americans. For a detailed history of Census Bureau cooperation with national security activities during World War II, see Seltzer and Anderson (2000) Read the entire page →
From page 60... ... In Chapter 2 we noted some of the factors that may increase statistical disclosure risk and harm for respondents in government-sponsored surveys, including factors that are integral to the survey design and factors that are external to data collection agencies and researchers. In addition, there is a growing concern by data collection agencies (see below) Read the entire page →
From page 61... ... Statistical agencies and survey organizations understandably worry that wider access to ever more complex datasets, in an era of cheap, capacious computing technology and many outside data sources for match Read the entire page →
From page 62... ... We also recommend research that improves estimation of disclosure risk and procedures for monitoring the actual frequency of disclosure. Finally, we recommend continuing consultation with data users and data providers about all of these issues. Read the entire page →

From page 50...

... A pledge of confidentiality stipulates that publicly available data-whether summary data or microdata and including any data added from administrative records or other surveys -- will be anonymized or otherwise masked to ensure that they cannot be used to identify a specific person, household, or organization, either directly or indirectly by statistical inference. Such a pledge also means that more readily identifiable data will be made available for research purposes only through restricted access modalities that impose legal obligations and penalties to minimize the risk that researchers with access to such data might disclose them to others.

Read the entire page →

From page 51...

... Although much of this report focuses on statistical disclosure -- re-identification of respondents or their attributes by matching survey data stripped of direct identifiers with information available outside the survey -- these sections serve as a reminder that statistical disclosure is by no means the only, and perhaps not even the most important, way in which confidentiality breaches might occur. They also serve as a reminder that public perceptions that personal data are being misused may be as potent a deterrent to participation by potential survey respondents as an actual breach of confidentiality.

Read the entire page →

From page 52...

... , but most of the evidence comes from a series of surveys commissioned by the Census Bureau in the 1990s. In the 1990 census, for example, people who were concerned about confidentiality and saw the census as an invasion of privacy were significantly less likely to return their census form by mail than those who had fewer privacy and confidentiality concerns (Singer, Mathiowetz, and Couper, 1993; Couper, Singer, and Kulka, 1998)

Read the entire page →

From page 53...

... have also documented that it has become increasingly difficult for the Census Bureau to obtain Social Security numbers. In the Survey of Income and Program Participation, there was an increase in refusals to provide them from 12 percent in the 1995 panel to 25 percent in the 2001 panel; in the Current Population Survey, there was an increase in refusals from approximately 10 percent in 1994 to almost 23 percent in 2003.

Read the entire page →

From page 54...

... Public awareness of confidentiality breaches in nongovernment surveys may adversely affect perceptions of the risks arising from participation in government surveys. That is, public knowledge of a breach of confidentiality by an employee of a government benefit agency or private insurance company may increase concern about such breaches by federal statistical agencies, such as the Census Bureau.

Read the entire page →

From page 55...

... Although there is no evidence of respondents having been harmed as a result of such negligence, it is important for government data collection agencies and private survey organizations to be alert to these issues, provide employee guidelines for appropriate data management, and ensure that the guidelines are observed. Confidentiality may also be breached as a result of illegal intrusions into the data.

Read the entire page →

From page 56...

... . The confidentiality protection afforded by certificates is prospective; researchers may not obtain protection for study results after data collection has been completed.

Read the entire page →

From page 57...

... These implementing regulations will be critically important in translating a statutory right into clear rules that protect research participants across all federal agencies. The regulations are expected to define both the reach of protection for confidential statistical records and the opportunity for research access.

Read the entire page →

From page 58...

... Fulfillment of the potential for research access to data sharing under CIPSEA will ultimately also require companion legislation that would permit the Census Bureau to share tax information that it receives from the Internal Revenue Service (IRS) with the Bureau of Labor Statistics and the Bureau of Economic Analysis in order to reconcile the business lists built by the three agencies.

Read the entire page →

From page 59...

... Statistical disclosure involves using data available outside the survey to breach the protection thought to have been 1 In that same speech, former Census Bureau Director Kenneth Prewitt apologized on behalf of the agency for its activities in connection with the internment of Japanese Americans. For a detailed history of Census Bureau cooperation with national security activities during World War II, see Seltzer and Anderson (2000)

Read the entire page →

From page 60...

... In Chapter 2 we noted some of the factors that may increase statistical disclosure risk and harm for respondents in government-sponsored surveys, including factors that are integral to the survey design and factors that are external to data collection agencies and researchers. In addition, there is a growing concern by data collection agencies (see below)

Read the entire page →

From page 61...

... Statistical agencies and survey organizations understandably worry that wider access to ever more complex datasets, in an era of cheap, capacious computing technology and many outside data sources for match

Read the entire page →

From page 62...

... We also recommend research that improves estimation of disclosure risk and procedures for monitoring the actual frequency of disclosure. Finally, we recommend continuing consultation with data users and data providers about all of these issues.

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

4 Risks of Access: Potential Confidentiality Breaches and Their Consequences Pages 50-62

4 Risks of Access: Potential Confidentiality Breaches and Their Consequences
Pages 50-62