GB/T 42460-2023: Information security technology -- Guide for evaluating the effectiveness of personal information de-identification
NATIONAL STANDARD OF THE
PEOPLE’S REPUBLIC OF CHINA
ICS 35.030
CCS L 80
Information security technology - Guide for evaluating the
effectiveness of personal information de-identification
ISSUED ON: MARCH 17, 2023
IMPLEMENTED ON: OCTOBER 01, 2023
Issued by: State Administration for Market Regulation;
Standardization Administration of the People's Republic of China.
Table of Contents
Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Grading of personal information de-identification effectiveness
5 Evaluation process for effectiveness of personal information de-identification
6 Evaluation implementation
6.1 Evaluation preparation
6.2 Qualitative evaluation
6.3 Quantitative evaluation
6.4 Formation of evaluation conclusions
6.5 Communication and negotiation
6.6 Evaluation process documentation management
Annex A (informative) Examples for direct identifiers
Annex B (informative) Examples for quasi-identifiers
Annex C (informative) Identification of quasi-identifier
Annex D (informative) Examples for de-identification effectiveness evaluation based on K-anonymity model
Bibliography
1 Scope
This document provides guidelines for grading and evaluating the effectiveness of
personal information de-identification.
This document applies to personal information de-identification activities. It is also
applicable to personal information security management, supervision and evaluation.
2 Normative references
The following referenced documents are indispensable for the application of this
document. For dated references, only the edition cited applies. For undated references,
the latest edition of the referenced document (including any amendments) applies.
GB/T 25069-2022, Information security techniques -- Terminology
GB/T 35273-2020, Information security technology -- Personal information security
specification
GB/T 37964-2019, Information security technology -- Guide for de-identifying
personal information
3 Terms and definitions
For the purposes of this document, the terms and definitions defined in
GB/T 25069-2022, GB/T 35273-2020 and GB/T 37964-2019, as well as the following, apply.
3.1 personal information
Various information related to identified or identifiable natural persons recorded
electronically or otherwise.
NOTE: Anonymized information is not included.
[Source: GB/T 35273-2020, 3.1, modified]
3.2 personal information subject
The natural person identified or associated with the personal information.
3.9 completely public sharing
Once the data is released, it is difficult to recall, and it is generally released directly
through the Internet.
[Source: GB/T 37964-2019, 3.12]
3.10 controlled public sharing
The use of data is constrained by the data use protocol.
[Source: GB/T 37964-2019, 3.13]
3.11 enclave public sharing
Share within physical or virtual jurisdictions. Data cannot be exported outside the
territory.
[Source: GB/T 37964-2019, 3.14]
3.12 re-identification risk; identifiability
The probability that the subject of personal information can be identified from the data.
3.13 equivalence class
A collection of rows in microdata where all quasi-identifier attribute values have the
same value.
3.14 acceptable risk threshold
The re-identification risk threshold value that has been set.
NOTE: When the re-identification risk is greater than this value, mitigation measures (including
de-identification processing) and emergency measures need to be taken to keep the risk within a
controllable range.
4 Grading of personal information de-identification effectiveness
Based on whether the data can directly identify the subject of personal information, or
how likely it is to identify the subject of personal information, the identifiability of
personal information is graded into four levels, see Table 1, used to distinguish the
effectiveness of de-identification of personal information.
Table 1 -- 4 levels of personal information identifiability
Grading Grading basis
c) Form an evaluation team, including personal information protection compliance
experts, de-identification technical experts, and relevant business experts.
d) Carry out preliminary research, including detailed research on the data usage
environment.
e) Determine the evaluation basis, including relevant laws, regulations and standards.
f) Determine the re-identification risk calculation scheme and acceptable risk
threshold:
1) The re-identification risk calculation scheme considers both the dataset and the
context in which it is used. It can be based on the K-anonymity model, the
differential privacy model, etc.
2) The acceptable risk threshold meets the corresponding safety requirements and
meets the application needs.
g) Develop an evaluation plan.
6.2 Qualitative evaluation
Qualitative evaluation includes:
a) Identify the identifier according to 5.3 in GB/T 37964-2019. Form a list of
identifiers (including direct identifiers and quasi-identifiers).
b) Determine whether the dataset contains identifiers in the identifier list. If it does
not contain any identifiers, it is rated as level 4 and the evaluation ends; otherwise
continue.
c) Determine whether the dataset has eliminated direct identifiers from the identifier
list. If it contains the direct identifiers in the list, it is rated as level 1, and the
evaluation ends; otherwise, further quantitative evaluation is carried out.
6.3 Quantitative evaluation
Quantitative evaluation includes:
a) Quantitatively calculate the re-identification risk. Carry out re-identification risk
calculation according to the re-identification risk calculation scheme determined
in 6.1f).
b) Compare the calculated re-identification risk results with acceptable risk
thresholds. If the re-identification risk result is less than the acceptable risk
threshold, it is rated as level 3; otherwise, it is rated as level 2, and the evaluation
ends.
See Annex D for the re-identification risk calculation scheme and evaluation example
based on the K-anonymity model.
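
An added example, not part of the standard: a Python sketch of the grading decision described in 6.2 and 6.3. The risk metric (1/k over the smallest equivalence class), the column names, the identifier list and the 0.25 threshold are assumptions made for illustration; the Annex D scheme itself is not reproduced on this page.

```python
from collections import Counter

# Assumed identifier list and acceptable risk threshold (constructed values).
DIRECT_IDS = {"name", "id_number"}
QUASI_IDS = ["age_band", "postcode_prefix"]
THRESHOLD = 0.25

def equivalence_classes(rows, quasi_ids):
    """Sizes of the equivalence classes (3.13): rows sharing all quasi-identifier values."""
    return Counter(tuple(r.get(q) for q in quasi_ids) for r in rows)

def reidentification_risk(rows, quasi_ids):
    """Assumed scheme: 1/k, where k is the size of the smallest equivalence class."""
    return 1.0 / min(equivalence_classes(rows, quasi_ids).values())

def grade(rows, direct_ids=DIRECT_IDS, quasi_ids=QUASI_IDS, threshold=THRESHOLD):
    """Identifiability level 1-4 following the decision steps of 6.2 and 6.3."""
    if not rows:
        raise ValueError("cannot grade an empty dataset")
    columns = set().union(*(r.keys() for r in rows))
    present_direct = columns & set(direct_ids)
    present_quasi = [q for q in quasi_ids if q in columns]
    if not present_direct and not present_quasi:
        return 4  # 6.2 b): dataset contains no identifier from the list
    if present_direct:
        return 1  # 6.2 c): a direct identifier has not been eliminated
    risk = reidentification_risk(rows, present_quasi)
    # 6.3 b): level 3 only when the risk is strictly below the threshold
    return 3 if risk < threshold else 2

# Constructed sample microdata: two equivalence classes of 5 rows each (k = 5).
K5 = [{"age_band": a, "postcode_prefix": "1000", "diagnosis": "flu"}
      for a in ("30-39", "40-49") for _ in range(5)]
# Same data plus one unique row: the smallest class now has a single member.
K1 = K5 + [{"age_band": "80-89", "postcode_prefix": "1000", "diagnosis": "flu"}]
# Same data with a direct identifier column still present.
RAW = [dict(r, name="constructed-name") for r in K5]
# Only non-identifying attributes remain.
NO_IDS = [{"diagnosis": r["diagnosis"]} for r in K5]

if __name__ == "__main__":
    for label, data in [("K5", K5), ("K1", K1), ("RAW", RAW), ("NO_IDS", NO_IDS)]:
        print(label, "-> level", grade(data))
```

A single outlier row (the `K1` case) is enough to move the whole dataset from level 3 to level 2, which is why the smallest equivalence class, not the average, drives the result under this assumed metric.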
6.4 Formation of evaluation conclusions
The formation of evaluation conclusions includes:
a) Combining the results of qualitative and quantitative evaluations, a grading
conclusion for de-identification effectiveness is formed.
b) The conclusion is approved by management officials.
6.5 Communication and negotiation
During the evaluation process, maintain communication with relevant parties
(including data providers, data receivers, etc.) and record the communication content,
including:
a) Confirmation of understanding of data sharing purpose and data sharing
environment;
b) Establishment of notification mechanism for major data environment changes;
c) Mutual exchange of information and views on re-identification risk metrics;
d) Opinions expressed by interested parties on the risk of re-identification;
e) Plan for regular/irregular reassessment.
6.6 Evaluation process documentation management
Evaluation process documentation management includes the following.
a) Evaluation process documents include the basis, reference and generated process
documents and result documents during...