A criterion for privacy protection in data collection and its attainment via randomized response procedures (Q1711578): Difference between revisions

With huge amounts of data that are being collected by various sources, protection of privacy and maintaining confidentiality of data of individuals has attracted the attention of statisticians who proposed several techniques and measures in recent literature. Two such criteria known as \(\rho_1\)-to-\(\rho_2\) privacy for Randomized Response (RR) surveys of categorical variables and \(\beta\)-factor privacy are found to be `logically sound and practical'. Let \(p_1\) and \(p_2\) denote the prior and posterior intruder probabilities for a characteristic of a respondent. For two given functions \(h_l\) and \(h_u\), we say that a privacy breach occurs if \(p_1<h_l(p_1)\) and \(p_2>h_u(p_1)\). In this paper, the authors develop these ideas further by proposing a more general privacy criterion. A canonical form of criterion for strict privacy protection is developed. This also gives practical guidance for the choice of \(h_l\) and \(h_u\). All the randomized responses that possess the required privacy are characterized. Furthermore, the class of all admissible privacy preserving procedures are also characterized. Finally, for a simple RR technique, it is shown that a particular optimality property holds.