Abstract
Statistical agencies that provide microdata for public use strive to keep the risk of disclosure of confidential information negligible. Assessing the magnitude of the risk of disclosure is not easy, however. Whether a data user or intruder attempts to obtain confidential information from a public-use file depends on the perceived costs of identifying a record, the perceived probability of success, and the information expected to be gained. In this article, a decision-theoretic framework for risk assessment that includes the intruder's objectives and strategy for compromising the data base and the information gained by the intruder is developed. Two kinds of microdata disclosure are distinguished—disclosure of a respondent's identity and disclosure of a respondent's attributes as a result of an unauthorized identification. A formula for the risk of identity disclosure is given, and a simple approximation to it is evaluated.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
