The verified neighbor approach to geoprivacy: An improved method for geographic masking
- PMID: 28930296
- DOI: 10.1038/jes.2017.17
The verified neighbor approach to geoprivacy: An improved method for geographic masking
Abstract
Geographic information adds a powerful component to environmental epidemiology studies but can compromise subject confidentiality. Although locations are often masked by perturbing spatial coordinates, existing masks do not ensure that the perturbation area contains a sufficient number of valid surrogates to prevent disclosure, nor are they designed to minimize perturbation while maintaining a specified level of privacy. I introduce a new approach to geoprivacy in which real property parcel data with information about land use are used to develop a pool of verified neighbors. GIS (geographic information system) processing optionally restricts the pool to residences with values of environmental variables similar to those of the subject parcel. A surrogate is then randomly selected from the k members of the pool closest to the subject with k chosen to achieve the desired spatial privacy protection. The method guarantees the specified level of privacy even where population density is uneven while minimizing spatial distortion and changes to the values of environmental variables assigned to subjects. The method is illustrated with an example that found it to be more effective than random perturbation-based methods in both protecting privacy and preserving spatial fidelity to the original locations.
Similar articles
-
Street masking: a network-based geographic mask for easily protecting geoprivacy.Int J Health Geogr. 2020 Jul 6;19(1):26. doi: 10.1186/s12942-020-00219-z. Int J Health Geogr. 2020. PMID: 32631351 Free PMC article.
-
Mapping health data: improved privacy protection with donut method geomasking.Am J Epidemiol. 2010 Nov 1;172(9):1062-9. doi: 10.1093/aje/kwq248. Epub 2010 Sep 3. Am J Epidemiol. 2010. PMID: 20817785 Free PMC article.
-
Daily activity locations k-anonymity for the evaluation of disclosure risk of individual GPS datasets.Int J Health Geogr. 2020 Mar 5;19(1):7. doi: 10.1186/s12942-020-00201-9. Int J Health Geogr. 2020. PMID: 32138736 Free PMC article.
-
Advances in spatial epidemiology and geographic information systems.Ann Epidemiol. 2017 Jan;27(1):1-9. doi: 10.1016/j.annepidem.2016.12.001. Epub 2016 Dec 8. Ann Epidemiol. 2017. PMID: 28081893 Review.
-
Geographically masking health data to preserve confidentiality.Stat Med. 1999 Mar 15;18(5):497-525. doi: 10.1002/(sici)1097-0258(19990315)18:5<497::aid-sim45>3.0.co;2-#. Stat Med. 1999. PMID: 10209808 Review.
Cited by
-
Street masking: a network-based geographic mask for easily protecting geoprivacy.Int J Health Geogr. 2020 Jul 6;19(1):26. doi: 10.1186/s12942-020-00219-z. Int J Health Geogr. 2020. PMID: 32631351 Free PMC article.
-
MaskMyPy: python tools for performing and analyzing geographic masks.Int J Health Geogr. 2025 May 9;24(1):12. doi: 10.1186/s12942-025-00399-6. Int J Health Geogr. 2025. PMID: 40346675 Free PMC article.
-
Working toward effective anonymization for surveillance data: innovation at South Africa's Agincourt Health and Socio-Demographic Surveillance Site.Popul Environ. 2021 Jun;42(4):445-476. doi: 10.1007/s11111-020-00372-4. Epub 2021 Mar 24. Popul Environ. 2021. PMID: 35966940 Free PMC article. No abstract available.
-
Measuring the impact of spatial perturbations on the relationship between data privacy and validity of descriptive statistics.Int J Health Geogr. 2021 Jan 7;20(1):3. doi: 10.1186/s12942-020-00256-8. Int J Health Geogr. 2021. PMID: 33413390 Free PMC article.
-
Addressing the data guardian and geospatial scientist collaborator dilemma: how to share health records for spatial analysis while maintaining patient confidentiality.Int J Health Geogr. 2019 Dec 21;18(1):30. doi: 10.1186/s12942-019-0194-8. Int J Health Geogr. 2019. PMID: 31864350 Free PMC article.
References
Publication types
MeSH terms
LinkOut - more resources
Full Text Sources
Other Literature Sources
