Privacy Risks of Sharing Data from Environmental Health Studies

Boronow, Katherine E.; Perovich, Laura J.; Sweeney, Latanya; Yoo, Ji Su; Rudel, Ruthann A.; Brown, Phil; Brody, Julia Green

doi:10.1289/ehp4817

Cited by 17 publications

(12 citation statements)

References 45 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We have implemented PeQES using the Rust-based Fortanix Enclave Development Platform 3 . The prototype implementation of the PeQES platform is available under an open source license 4 .…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

PeQES: A Platform for Privacy-enhanced Quantitative Empirical Studies

Meißner,

Engelmann,

Kargl

et al. 2021

Preprint

View full text Add to dashboard Cite

Empirical sciences and in particular psychology suffer a methodological crisis due to the non-reproducibility of results, and in rare cases, questionable research practices. Pre-registered studies and the publication of raw data sets have emerged as effective countermeasures. However, this approach represents only a conceptual procedure and may in some cases exacerbate privacy issues associated with data publications. We establish a novel, privacy-enhanced workflow for pre-registered studies. We also introduce PeQES, a corresponding platform that technically enforces the appropriate execution while at the same time protecting the participants' data from unauthorized use or data repurposing. Our PeQES prototype proves the overall feasibility of our privacy-enhanced workflow while introducing only a negligible performance overhead for data acquisition and data analysis of an actual study. Using trusted computing mechanisms, PeQES is the first platform to enable privacyenhanced studies, to ensure the integrity of study protocols, and to safeguard the confidentiality of participants' data at the same time. CCS CONCEPTS• Security and privacy → Domain-specific security and privacy architectures; Privacy protections; Privacy-preserving protocols; Trusted computing.

show abstract

“…We have implemented PeQES using the Rust-based Fortanix Enclave Development Platform 3 . The prototype implementation of the PeQES platform is available under an open source license 4 .…”

Section: Methodsmentioning

confidence: 99%

“…This practice is sometimes complemented with the publication of primary data sets to verify analyses and to foster reuse [13]. This practice yields new privacy issues [3], though (e.g., de-anonymization and re-identification attacks against study participants).…”

Section: Introductionmentioning

confidence: 99%

PeQES: A Platform for Privacy-enhanced Quantitative Empirical Studies

Meißner,

Engelmann,

Kargl

et al. 2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Additionally, in conjunction with existing data sets such as tax and real estate data or voter lists, new volunteer-collected data sets may enable re-identification of individuals or their locations via data triangulation (Golle, 2006). Even when researchers anonymize environmental health data by removing overt identifiers such as names and addresses, risks to re-identification of participants remain (Boronow et al, 2020).…”

Section: Data Confidentialitymentioning

confidence: 99%

Perspective: The Power (Dynamics) of Open Data in Citizen Science

2021

View full text Add to dashboard Cite

In citizen science, data stewards and data producers are often not the same people. When those who have labored on data collection are not in control of the data, ethical problems could arise from this basic structural feature. In this Perspective, we advance the proposition that stewarding data sets generated by volunteers involves the typical technical decisions in conventional research plus a suite of ethical decisions stemming from the relationship between professionals and volunteers. Differences in power, priorities, values, and vulnerabilities are features of the relationship between professionals and volunteers. Thus, ethical decisions about open data practices in citizen science include, but are not limited to, questions grounded in respect for volunteers: who decides data governance structures, who receives attribution for a data set, which data are accessible and to whom, and whose interests are served by the data use/re-use. We highlight ethical issues that citizen science practitioners should consider when making data governance decisions, particularly with respect to open data.

show abstract

“…Researchers have shown that robust de-anonymization is possible in many domains, such as social networks (Narayanan, Shi, & Rubinstein, 2011;Narayanan & Shmatikov, 2009), participants in social media studies (Ayers, Caputi, Nebeker, & Dredze, 2018), genetic data (Craig, 2016;Ellenbogen & Narayanan, 2019;Erlich, Shor, Peer, & Carmi, 2018;Gymrek, McGuire, Golan, Halperin, & Erlich, 2013;Homer et al, 2008), environmental health studies (Boronow et al, 2020), location data (De Montjoye, Hidalgo, Verleysen, & Blondel, 2013Golle & Partridge, 2009;Zang & Bolot, 2011), browsing histories (Su, Shukla, Goel, & Narayanan, 2017), and even writing style (Narayanan et al, 2012). The key finding of all this research, including theoretical evidence (Datta, Sharma, & Sinha, 2012), is that high-dimensional data is inherently vulnerable to deanonymization.…”

Section: De-anonymization Attacks On Data Setsmentioning

confidence: 99%

Emerging Privacy Issues in Times of Open Science

B¹,

Bösch²,

Herbert³

et al. 2021

Preprint

View full text Add to dashboard Cite

The open science movement has taken up the important challenge to increase transparency of statistical analyses, to facilitate reproducibility of studies, and to enhance reusability of data sets. To counter the replication crisis in the psychological and related sciences, the movement also urges researchers to publish their primary data sets alongside their articles. While such data publications represent a desirable improvement in terms of transparency and are also helpful for future research (e.g., subsequent meta-analyses or replication studies), we argue that such a procedure can worsen existing privacy issues that are insufficiently considered so far in this context. Recent advances in de-anonymization and re-identification techniques render privacy protection increasingly difficult, as prevalent anonymization mechanisms for handling participants' data might no longer be adequate. When exploiting publicly shared primary data sets, data from multiple studies can be linked with contextual data and eventually, participants can be de-anonymized. Such attacks can either re-identify specific individuals of interest, or they can be used to de-anonymize entire participant cohorts. The threat of de-anonymization attacks can endanger the perceived confidentiality of responses by participants, and ultimately, lower the overall trust of potential participants into the research process due to privacy concerns.

show abstract

Privacy Risks of Sharing Data from Environmental Health Studies

Cited by 17 publications

References 45 publications

PeQES: A Platform for Privacy-enhanced Quantitative Empirical Studies

PeQES: A Platform for Privacy-enhanced Quantitative Empirical Studies

Perspective: The Power (Dynamics) of Open Data in Citizen Science

Emerging Privacy Issues in Times of Open Science

Contact Info

Product

Resources

About