End the duopoly

Redaction and Re-identification Risk

This post is part one in a series examining privacy and transparency issues in the context of public access to digital court records, building on my essay “ Digital Court Records Access, Social Justice and Judicial Balancing: What Judge Coffin Can Teach Us .” In its proposed electronic court records access rules , the Maine Supreme Judicial Court (SJC) imposes on litigants new and extensive filing obligations, including requiring litigants to redact certain categories of sensitive personal information. Regardless of what one might think about the wisdom of placing this burden on litigants, it is important to ask what the SJC hopes to achieve by this requirement. Even assuming full compliance, which is doubtful, redaction as a de-identification technique, without more, would be wholly inadequate to protect the privacy of Maine citizens. In today’s big data world, given the sophistication of data handlers, it is well-recognized that de-identification alone is not enough to prevent re-identification of individuals, and the SJC’s reliance on it promotes a false sense of security. The risk of re-identification of individuals from purportedly de-identified databases is significant. As pointed out in my essay, As long ago as 2010, Paul Ohm, a leading privacy scholar, brought […]

Related Posts
1 of 369

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. AcceptRead More