Power to the Data Defenders: Human-Centered Disclosure Risk Calibration of Open Data

This paper has been published in proceedings of Symposium on Usable Security and Privacy (USEC) 2023. The authors of this paper are:

Kaustav Bhattacharjee PhD Candidate, Department of Informatics, New Jersey Institute of Technology, USA
Aritra Dasgupta Assistant Professor, Department of Informatics, New Jersey Institute of Technology, USA

Abstract

The open data ecosystem is susceptible to vulnerabilities due to disclosure risks. Though the datasets are anonymized during release, the prevalence of the release-and-forget model makes the data defenders blind to privacy issues arising after the dataset release. One such issue can be the disclosure risks in the presence of newly released datasets which may compromise the privacy of the data subjects of the anonymous open datasets. In this paper, we first examine some of these pitfalls through the examples we observed during a red teaming exercise and then envision other possible vulnerabilities in this context. We also discuss proactive risk monitoring, including developing a collection of highly susceptible open datasets and a visual analytic workflow that empowers data defenders towards undertaking dynamic risk calibration strategies.

Online Access

Paper: USEC 2023 (PDF Version)
NDSS Symposium Paper Page: https://www.ndss-symposium.org/ndss-paper/auto-draft-352/
NDSS Symposium PDF: https://www.ndss-symposium.org/wp-content/uploads/2023/02/usec2023-237256-paper.pdf
arXiv PDF: https://arxiv.org/pdf/2304.11278.pdf

BibTeX Reference

    @inproceedings{bhattacharjee_power2023,
    title = {{Power to the Data Defenders: Human-Centered Disclosure Risk Calibration of Open Data}},
    author = {Bhattacharjee, Kaustav and Dasgupta, Aritra},
    year = {2023},
    booktitle={Symposium on Usable Security and Privacy (USEC) 2023},
    address={San Diego, CA, USA},
    publisher = {Network and Distributed System Security (NDSS) Symposium},
    DOI = {10.14722/usec.2023.237256}
    }