Estimating Re-identification Risk by Means of Formal Conceptualization

Risk-based methodologies for de-identification provide solutions to ensure privacy. These are based on the availability of sound metrics to estimate the risk of re-identification. Two issues associated with classical risk estimation are, on the one hand, the adequacy of the metric and, on the other hand, its static nature -that is, any change in the database to reduce the risk could imply recomputing the metrics, for example, by removing compromised data (data with a high probability of re-identification). This paper presents a semantic-based risk estimation -by means of Formal Concept Analysis- that allows to estimate a priori the risk of compromised data deletion.