How to change the mind of a Government
Since 2007 a governmental agency linked to the Brazilian Ministry of Education has been publishing “microdata” from official education censuses with the goal of ensuring transparency. In 2018 however the government passed a new law which establishes restrictions on how government agencies can publish information. LGPD’s goal is to ensure some baseline privacy for individuals within those datasets.
The government’s problem is the usual one: how to maintain transparency and uphold privacy at the same time. The former goes against long established tradition and any change is met with severe resistance; meanwhile the new LGPD, which comes effectively into force in August of 2021, potentially has serious legal consequences for agencies that are found to be in contempt.
In this talk I will outline how the theory of Quantitative Information Flow which was developed to provide a rigorous framework to measure information leakage was used to probe the Brazilian Education Censuses. Using this theory applied to these datasets showed that the defences proposed by the Ministry were prone to serious vulnerabilities, in some cases leading to complete re-identification under reasonably modest attacks. The consequence is that our work has provided the agency with rigorously formalized risk analysis, which will help it make informed decisions.