A Consensus Privacy Metrics Framework for Synthetic Data
This work addresses the problem of ensuring privacy compliance in synthetic data sharing for data scientists and policymakers, though it is incremental as it consolidates existing knowledge into a framework.
The authors tackled the lack of a standard for measuring privacy in synthetic data by developing a consensus framework through expert panels, finding that current similarity metrics fail to measure identity disclosure and providing precise recommendations for metrics addressing membership and attribute disclosure.
Synthetic data generation is one approach for sharing individual-level data. However, to meet legislative requirements, it is necessary to demonstrate that the individuals' privacy is adequately protected. There is no consolidated standard for measuring privacy in synthetic data. Through an expert panel and consensus process, we developed a framework for evaluating privacy in synthetic data. Our findings indicate that current similarity metrics fail to measure identity disclosure, and their use is discouraged. For differentially private synthetic data, a privacy budget other than close to zero was not considered interpretable. There was consensus on the importance of membership and attribute disclosure, both of which involve inferring personal information about an individual without necessarily revealing their identity. The resultant framework provides precise recommendations for metrics that address these types of disclosures effectively. Our findings further present specific opportunities for future research that can help with widespread adoption of synthetic data.