Group based anonymization is the most widely studied approach for privacy preserving data
publishing. Privacy models/definitions using group based anonymization includes k-anonymity,
l-diversity, and t-closeness, to name a few. The goal of this paper is to raise a fundamental
issue on the privacy exposure of the approaches using group based anonymization. This has been
overlooked in the past. The group based anonymization approach by bucketization basically hides
each individual record behind a group to preserve data privacy. If not properly anonymized,
patterns can actually be derived from the published data and be used by the adversary to breach
individual privacy. For example, from the medical records released, if patterns such as people
from certain countries rarely suffer from some disease can be derived, then the information can
be used to imply linkage of other people in an anonymized group with this disease with higher
likelihood. We call the derived patterns from the published data the foreground knowledge. This
is in contrast to the background knowledge that the adversary may obtain from other channels as
studied in some previous work. Finally, our experimental results show that the attack is realistic
in the privacy benchmark dataset under the traditional group based anonymization approach.
Submit an article or tip