GR2ASP: Guided re-identification risk analysis platform

Abstract

[en] Data privacy has been gaining considerable momentum in the recent years. The combination of numerous data breaches with the increasing interest for data sharing is pushing policy makers to impose stronger regulations to protect user data. In the E.U, the GDPR, in place since since May 2018, is forcing countless small companies to de-identify their datasets. Numerous privacy policies developed in the last two decades along with several tools are available for doing so. However, both the policies and the tools are relatively complex and require the user to have strong foundations in data privacy. In this paper, I describe the development of GR 2 ASP, a tool aimed at guiding users through de-identifying their dataset in an intuitive manner. To do so, the user is shielded from almost all the complexity inherent to data privacy, and interacts with simplified notions. Our tool differentiates itself from state-of-the-art similar tools by providing explainable recommendations in an intuitive interface, and having a human-in-the-loop approach towards data de-identification. We therefore think that it represents a considerable improvement over currently available tools, and we expect it to be frequently used, especially in the context of the SMOOTH project for which it has been commissioned.