Quantifying Privacy Violations.

Understanding privacy in a data storage environment has become of increasing interest to the data management and user communities over the past decade. Previous work has produced a number of definitions with greater or lesser specificity. The value of a particular definition can only be understood in light of how it helps us understand when a privacy violation occurs. This paper builds upon earlier work that defines privacy using a four-dimensional taxonomy with an inherent sense of increasing privacy exposure. This taxonomy is extended to formally capture the notions of (a) privacy violations, (b) the severity of a privacy violation, and (c) the likelihood of data providers ceasing to provide data due to privacy exposures. The privacy violation model developed here provides an operational framework to characterize and estimate privacy violation in a relational database system. It also allows one to calculate the consequences to the data provider of widening privacy policies. We describe a quantitative analysis of violations that captures discrepancies between the data collector's stated policies and practices in comparison to the data providers' data preferences. We demonstrate this analysis using a simple example and show how the accumulation of privacy violations can have a detrimental effect upon the data collector.