Quantifying the Re-identification Risk of Event Logs for Process Mining

Abstract: Event logs recorded during the execution of business processes constitute a valuable source of information. Applying process mining techniques to them, event logs may reveal the actual process execution and enable reasoning on quantitative or qualitative process properties. However, event logs often contain sensitive information that could be related to individual process stakeholders through background information and cross-correlation. We therefore argue that, when publishing event logs, the risk of such re-… Show more

“…Protecting the privacy of individuals in event logs is difficult, as sequential event data is highly vulnerable to re-identification [42]. In fact, when assuming some background information, privacy leakages exists in the vast majority of presumably anonymous event logs that are used in the process mining community [42].…”

“…Protecting the privacy of individuals in event logs is difficult, as sequential event data is highly vulnerable to re-identification [42]. In fact, when assuming some background information, privacy leakages exists in the vast majority of presumably anonymous event logs that are used in the process mining community [42]. As events are linked together through a case, and often the traces in an event log are highly unique, already very limited background knowledge on some attributes or events can reveal the identity of an individual.…”

Responsible Process Mining

“…Protecting the privacy of individuals in event logs is difficult, as sequential event data is highly vulnerable to re-identification [42]. In fact, when assuming some background information, privacy leakages exists in the vast majority of presumably anonymous event logs that are used in the process mining community [42].…”

“…Protecting the privacy of individuals in event logs is difficult, as sequential event data is highly vulnerable to re-identification [42]. In fact, when assuming some background information, privacy leakages exists in the vast majority of presumably anonymous event logs that are used in the process mining community [42]. As events are linked together through a case, and often the traces in an event log are highly unique, already very limited background knowledge on some attributes or events can reveal the identity of an individual.…”

Responsible Process Mining

“…Thus, the uniqueness of cases in an event log can indicate the risk of reidentification. It was shown in [52] that there is serious potential for privacy leaks in published event log data, as the vast majority of public research event logs contain many unique cases.…”

“…Pika et al [36] studied the impact of anonymization on process mining in healthcare without providing a concrete mechanism. In this line, Rafiei et al [40] provide privacy quantifications for both the disclosure risk and the utility loss and Nuñez von Voigt et al [52] quantify the re-identification risk resulted from the disclosure of event logs based on individual uniqueness. Both do not provide a solution.…”

“…A recent study on privacy re-identification risks in event logs showed that there are serious privacy leakages in the vast majority of the event logs used widely in the community [52]. This highlights the need to develop techniques for event logs with an emphasis on privacy and confidentiality preservation.…”

Privacy and Confidentiality in Process Mining: Threats and Research Challenges

PRIPEL: Privacy-Preserving Event Log Publishing Including Contextual Information