Speaker
Description
Statistical institutes face a major challenge when transitioning from suppressive to perturbative disclosure control methods: how to objectively calibrate protection parameters. While the Cell Key Method (CKM) effectively protects frequency tables by adding controlled noise, selecting optimal parameters remains a serious challenge. We present an evidence-based framework for calibrating CKM's three main parameters through systematic risk-utility trade-off analysis.
Our five-step methodological framework transforms parameter selection from subjective decision to objective process by: (1) defining reasonable parameter search domains; (2) selecting representative calibration datasets; (3) measuring disclosure risk through an estimation of attacker inference probability; (4) assessing utility impact across multiple randomization scenarios; and (5) visualizing risk-utility trade-offs to identify optimal parameter combinations based on institutional risk tolerance.
Experimental results on synthetic datasets show how our approach make the decision easier for the user by identifying the best set of parameters. Implementation at Insee has enabled the transition from suppression-based protection to CKM for public release of frequency tables, increasing data utility while maintaining required confidentiality protection.
