[e2e] was double blind, now reproduceable results
Karen R. Sollins
sollins at csail.mit.edu
Wed May 26 12:18:50 PDT 2004
With respect to anonymizing and releasing data, let me recommend to
you a few pages of a CSTB report, "Information Technology Research
for Federal Statistics", National Academy Press, 2000. See
http://www7.nationalacademies.org/cstb/pub_federalstatistics.html.
The focus in that report was to a large extent on data about people,
so privacy was often considered paramount, but I believe the
techniques and state of technology with respect to statistics are
applicable here as well. I recommend to you pp. 34 - 40, the section
titled "Limiting Disclosure" in Chapter 2, "Research Opportunities".
The conclusion to draw from their examples is that at least in the
domains over which they were looking, it is not well understood how
to truly hide the information one wants to hide. Rather than
possibly misrepresenting the story to you, I recommend you read it
for yourselves.
Karen
At 10:21 AM -0700 5/26/04, Joe Touch wrote:
>RJ Atkinson wrote:
>
>>
>>On May 26, 2004, at 11:52, Joe Touch wrote:
>>
>>>Impossible is the case I was referring to. Certainly IF transforms are
>>>possible then they should be used and the data made available. However,
>>>some data sources aren't comfortable with these transforms, since there
>>>may be data correlation that ends up compromising the transform.
>>>
>>>Notably those that correlate data to existing Internet routing tables -
>>>if you found something that preserved not only prefixes but also the
>>>aggregation, and published it, you'd have to publish the routing tables
>>>similarly transformed. However, since the untransformed routing tables
>>>are available publicly anyway, you've compromised your transform.
>>
>> Whether the transform is compromised would depend greatly on which
>>particular routing tables one was working with.
>
>Yes. Bob was saying that there exists. I'm claiming there are cases
>where there does not exist - i.e., not for all.
>
>The issue is what to do with a paper published in the case I'm
>considering; we all know what to do when you CAN safely anonymize.
>
>However, note that you don't always know when it's safe - just
>because _you_ can't correlate the info doesn't mean someone else
>can't.
>
>Joe
>
>
>
>Content-Type: application/pgp-signature; name="signature.asc"
>Content-Description: OpenPGP digital signature
>Content-Disposition: attachment; filename="signature.asc"
>
>Attachment converted: Macintosh HD:signature.asc ( / ) (0011E338)
--
Karen R. Sollins, Ph.D.
Principal Research Scientist
MIT CSAIL, The Stata Center
32 Vassar St., 32-G818
Cambridge, MA 02139, USA
V: +1 617 253 6006
F: +1 617 253 2673
E: sollins at csail.mit.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.postel.org/pipermail/end2end-interest/attachments/20040526/32b3be22/attachment.html
More information about the end2end-interest
mailing list