The Five Safes as a Privacy Context
James Bailie, Ruobin Gong
TL;DR
The paper addresses the privacy-utility tradeoff faced by national statistical offices (NSOs) in data dissemination. It reframes the Five Safes as a contextual integrity specialization for statistical dissemination and then contextualizes differential privacy (DP) within this framework. The authors provide a CI-to-Five Safes mapping, discuss DP as a holistic tool for safety over data and outputs, and analyze its limitations in capturing the full contextual normative landscape. The work offers a principled lens for NSOs to balance data utility with privacy, guiding DP design and regulatory alignment within social and legal norms.
Abstract
The Five Safes is a framework used by national statistical offices (NSO) for assessing and managing the disclosure risk of data sharing. This paper makes two points: Firstly, the Five Safes can be understood as a specialization of a broader concept $\unicode{x2013}$ contextual integrity $\unicode{x2013}$ to the situation of statistical dissemination by an NSO. We demonstrate this by mapping the five parameters of contextual integrity onto the five dimensions of the Five Safes. Secondly, the Five Safes contextualizes narrow, technical notions of privacy within a holistic risk assessment. We demonstrate this with the example of differential privacy (DP). This contextualization allows NSOs to place DP within their Five Safes toolkit while also guiding the design of DP implementations within the broader privacy context, as delineated by both their regulation and the relevant social norms.