New Guidelines on Protection of Tabular Data at Statistics Finland Annu Nissinen [email protected] Joint UNECE/Eurostat Work Session on Statistical Data Confidentiality Ottawa, Canada, 28-30 October.
Download ReportTranscript New Guidelines on Protection of Tabular Data at Statistics Finland Annu Nissinen [email protected] Joint UNECE/Eurostat Work Session on Statistical Data Confidentiality Ottawa, Canada, 28-30 October.
New Guidelines on Protection of Tabular Data at Statistics Finland Annu Nissinen [email protected] Joint UNECE/Eurostat Work Session on Statistical Data Confidentiality Ottawa, Canada, 28-30 October 2013 Outline of the presentation 1. Protection of tabular data at Statistics Finland: pre-2012 situation 2. What has been done to improve our procedures on SDC 3. Current situation: where are we now and what’s next Annu Nissinen 30/10/2013 2 Starting point in the end of 2011 Internal guidelines on the protection of tabular data written in 2000-2002 What has happened in ten years? Legislation has changed, data protection methods and tools have developed SDC practices at different departments of the agency have developed and adopted their own standards. The suitability of all those methods was not sure. Outdated, far from optimal methods existed. → Updating of the guidelines was needed Annu Nissinen 30/10/2013 3 Starting point in the end of 2011 Do we have enough resources? As a state authority, Statistics Finland is dependent on public money → Setting limits to research and development work → Can we have up-to-date and optimal protection methods available? How can we improve the situation with this starting point? Annu Nissinen 30/10/2013 4 Renewal of the guidelines Two working groups to renew the guidelines First task was to find out how the old guidelines were working in practice Problems with the old guidelines: Not pragmatic Only few examples of very general sensitivity rules and protection methods Partially too open to interpretations Not even give a clear answer to which statistics they were to be applied Annu Nissinen 30/10/2013 5 Renewal of the guidelines Challenges met by the working groups: No obligation for the departments or units to write down their protection methods → almost impossible to evaluate or compare the different methods in use Collection of tacit knowledge isn’t easy High expectations towards the renewal: “After renewal, all problems considering SDC will be solved (in theory and in practise).” Annu Nissinen 30/10/2013 6 The new guidelines How do the new guidelines improve the situation? 1. Solving problems caused by the old guidelines The guidelines are clearer and more pragmatic and they should lead departments to check their current SDC methods and update them if needed 2. Preventing new problems The SDC instructions need to be written and available The departments are obliged to draft a formal list of the statistics in their responsibility needing protection against statistical disclosure Annu Nissinen 30/10/2013 7 Current situation New guidelines exist and the next step is applying them in statistics production There’s a window of opportunity for changes in SDC practises due to other big changes in operating environment Change takes time inside a big organisation Resources for the change in practises? Inside the agency the new guidelines can be seen as unwelcome extra red tape and unnecessary increase in the workload... ... or a possibility to improve the quality of statistics Annu Nissinen 30/10/2013 8 Has the situation improved? Adoption of the new guidelines (and possibly new SDC practises) still in process Crucial success factors: Right “marketing” Right allocation of required resources Annu Nissinen 30/10/2013 9