Topic 3. Making re-identification results public and scientific publication.

Post 1

The information should not be made public if the researcher is unable to get consent from those who are in the dataset.

Post 2

They should always be made public unless proprietary or sensitive information (ie specific type of encryption) is included. Release the information. Try not to get arrested. Someone will probably sue you.

Post 3

In cases where harm could be done to the individuals included in the dataset, the researchers should provide a cushion time before publishing their methods so that the organization has time to update their data protocols.

Post 4

Results should be released when it is clear that the data holders will not change their course.

Post 5

The risks are any of those involved with identifying individuals - personal harm, risk of property loss, risk of personal nuisance, etc. As for when it's ok to release re-identification results,I don't have an answer to this one yet.

Post 6

The re-identification methods should be shared with the general public because it is best for the greater good. If methods aren't published then steps can't be taken to better de-identify data in the future. When the methods are released, there is always the risk that someone with malicious intent can re-identify the data, but any determined person could theoretically re-identify the data themselves if they really wanted to.

Post 7

Results should be released when the information contained in the data is important to the safety of others. Results should not be published if the data contains proprietary information.

Post 8

Re-identification results and methods are best released after the researcher has already worked to get the problem fixed. If the methods were released prematurely, then the data of individuals could be permanently exposed. The conflict is between minimizing the current vulnerability and maximizing future protection.

Post 9

The balance is to minimize harm while maximizing the greater good. Results, in general, should not be made public for the good of the re-identified individuals; however, the methods should so as to expose vulnerabilities.

Post 10

This is where the greater good comes in. You release the results (with consent) and the methods, with the Hope that the government and Health entities will change the way they release data. If you don't release the results and methods, there will be no imperative to change, and if you are after the greater good, and permanently improving this data privacy, then you have to release your findings

Post 11

Assuming that the subjects have consented and are informed of the data and the methods, as well as imminent publication, researchers should release all the methods and results. Withholding that information is only a temporary barrier to entry, and releasing the methods allows effective countermeasures to be developed.

Post 12

You should release the data in waves so that more powerful parties can try to fix the problem before the public can get ahold of the data. I don't see a good reason to release personal information.

Post 13

Results might be released when they demonstrate that there is a significant risk of reidentification, about which the public is unaware. The problem is that publishing reidentification experiments effectively reidentifies the data not just for the researcher, but for everyone, so the information that was supposedly private is now fully public. Results should be released when the benefits of informing the public outweigh the cost of reidentifying the data set in question.

Post 14

Results should be released when there is a good reason to do so, like public safety.