Balancing disclosure risk and data utility
Confidentiality is breached when a person, group or an organisation is re-identified through a data release or when information can be attributed to them. The likelihood of this happening, or risk of disclosure, is not easily determined. Implicit in this is that the consequences of disclosure are always damaging (to some extent) to the individual or organisation. It is difficult to ascertain the degree of damage; mostly because people differ in the importance they place on information (i.e. what may be considered highly confidential to one person is of no consequence to another). The ABS assumes all information it collects to be potentially sensitive and manages it accordingly.
A key challenge for data custodians is to provide data with maximum utility for users but still maintain the confidentiality of the information. Every data release carries some risk of disclosure, so the benefits of each release (i.e. its utility or usefulness for research and statistical purposes) must substantially outweigh its risks and be clearly understood. This balancing of risk and utility is something everyone does on a daily basis (for example, when they choose to drive a car). Similarly, data custodians need to approach disclosure risk by managing it, rather than trying to eliminate it.
Managing disclosure risk becomes a question of assessing not only the data itself, but also the context in which the data are released. Once the context is clearly understood, it is much easier to determine how to protect against the threat of disclosure. The Five Safes Framework provides a structure for assessing and managing disclosure risk that is appropriate to the intended data use.
This framework has been adopted by the Australian Bureau of Statistics (ABS), several other Australian government agencies as well as national statistical organisations such as the Office of National Statistics (UK) and Statistics New Zealand.
The Five Safes Framework
The Five Safes Framework takes a multi-dimensional approach to managing disclosure risk. Each ‘safe’ refers to an independent but related aspect of disclosure risk. The framework poses specific questions to help assess and describe each risk aspect (or safe) in a qualitative way. This allows data custodians to place appropriate controls, not just on the data itself, but on the manner in which data are accessed. The framework is designed to facilitate safe data release and prevent over-regulation
The five elements of the framework are:
- Safe People
- Safe Projects
- Safe Settings
- Safe Data
- Safe Outputs
You can find out more about the Five Safes on the Australian Bureau of Statistics website