In the context of identity disclosure, we are concerned with managing three kinds of risks: prosecutor risk, journalist risk, and marketer risk. These three types of risks can be measured objectively. In a previous knowledgebase article we described the difference between prosecutor and journalist risk (see here).
When the risk of re-identification is measured, the following conditions hold true numerically:
- prosecutor risk will be equal to or larger than journalist risk
- journalist risk will be equal to or larger than marketer risk
- prosecutor risk will be equal to or larger than marketer risk
These relationships are important because they mean if a data custodian manages prosecutor risk (i.e., ensure that prosecutor risk is below some pre-defined threshold), then that would imply that the journalist risk and the prosecutor risk are also, by definition, lower than the threshold. This also means that managing prosecutor risk also manages journalist and marketer risk at the same time, and managing journalist risk manages marketer risk at the same time.
Practically, it means that if, say, prosecutor risk and marketer risk are both relevant for you, all you need to do really is manage prosecutor risk and marketer comes along automatically. This is the case as long as the same threshold is used for both kinds of risk. If different risk values are used then managing one risk does not necessarily mean that another is managed.
The author(s) retain all copyright to this knowledgebase article. Please include a citation to the web page if you reuse this material. More information is available at our lab web site: http://www.ehealthinformation.ca/.