Upload
others
View
8
Download
0
Embed Size (px)
Citation preview
Challenges to guarantee the
statistical confidentiality on
publishing public microdata
on education
Brasília-DF | Junho, 2018
▪ Approximation to the microdata access problem.
▪ International recommendations and principles.
▪ Mexican legal dispositions regarding the confidentiality and
accesss to microdata.
▪ How do we commonly deal with this problem?
▪ Taking care of microdata-restrictions.
SUMÁRIO
Approximation to the microdata access problem.
The community of researchers is one of those that can add more value
to statistical data when preparing analyzes that make it possible to
advance and deepen knowledge.
▪ For this reason, it is of interest for the statistical units support the
investigation.
▪ However, the analysis projects require access not only to the
published statistics, but also to the data at the level of the unit for
capturing the statistics in question.
▪ These individualized data, called microdata, are protected from being
supplied to third parties by the so-called statistical secret.
Challenges to guarantee the statistical
confidentiality on publishing public microdata on
education.
Personal data is the most intimate information of a person, it gives
identity within a social group; they define it, they make it unique and
they identify it from the rest of the people. The concept not only
includes identity data, but also aspects such as health status, good
repute, economic and property issues.
The concept of Protection of Personal Data is necessary because the
violation of a personal data can harm its owner, both on his person and
on his property. The facilitator of these violations has been technology.
International recommendations and principles.
The United Nations Organization, points out in the Principles
fundamentals of official statistics, the sixth principle:
“Individual data collected by statistical agencies for statistical
compilation, whether they refer to natural or legal persons, are to
be strictly confidential and used exclusively for statistical
purposes”.
The UN also establishes the following recommendations:
▪ Take measures to prevent direct or indirect disclosure of the
data of people, homes, businesses and other individual
informants.
▪ Develop a framework that incorporates the methods and
procedures that are will continue to facilitate anonymized
microdata to good researchers, preserving the principle of
confidentiality.
The protection of personal data
worldwide: OCDE Guidelines(1980)
Counsil of Europe Convention 108 (1981)
U.N. Resolution 45/95 (1990)
Directive 95/46/CE(1995)
Privacy Framework APEC
(1999)
Letter of the Fundamentals Rights of the
European Union (2000)
Guideliness of Armonization of the Iberoamerican
Network (2007)
International Standards (2009)
Lets start with the dilemma…
▪ In a context in which information is all, the Mexican State has assumed the
responsibility for the protection and guarantee of two important rights:
access to public information and protection of personal data. The
innovative and inherent feature of both rights is part of the strengthening of
Mexico´s regulatory and institutional framework, which motivated the
creation and subsequent consolidation of the National Institute for
Transparency, Access to Information and Personal Data Protection (INAI),
a fundamental institution for our country´s democratic advancement.
▪ The INAI is the Mexican State´s Autonomous Constitutional Body, which
oversees the effective protection of both rights, both at a national and
international level. This leads us to generate close collaboration networks
with other local and international guaranteeing authorities. This, in order to
learn from their good practices and to share our experiences on matters
related to transparency, access to information, personal data protection
and privacy.
▪ Article 4 of the Federal Law of Transparency and Access to public
Information (LFTAIPG) established: The human right of access to
information includes requesting, researching, disseminating, seeking and
receiving information.
All the information generated, obtained, acquired, processed or held by the
regulated entities is public and accessible to anyone under the terms and
conditions set forth in this Act, in international treaties to which the Mexican
State is a party, the Federal Act, the laws of the States and the regulations
applicable in their respective jurisdictions; only exceptionally it may be
classified as temporarily restricted for reasons of public interest and national
security, in the terms provided by this Act.
▪ Article 116. It is considered confidential information that which contains
personal data relating to an identified or identifiable person. Confidential
information will not be subject to any time frame and may only be accessed by
holders thereof, their representatives and Public Servants entitled thereto.
General Law on Protection of Personal Data
in the possession of obligated subjects.
Its purpose is that of establishing the bases, principles and
procedures required to uphold the right of any person to the
protection of his/her personal data held by obligated parties.
Obligated parties under this Law in the federal, state and local
sphere are any authority, entity, agency or body of the Executive,
Legislative and Judiciary Branches, autonomous entities,
political parties, trusts and public funds.
The State will guarantee the privacy
of individuals and must ensure that
third parties do not engage in
behaviors that may affect them
arbitrarily.
Article 6 of the law
establish:
▪ The protection of personal data, far from being seen as a
normative obligation, must be assumed as a commitment of
the public and private sectors to citizens, and to all people, as it
is a human right, enshrined in the Constitution.
▪ The challenge for responsible entities is twofold: on the one
hand, they must be kept up-to-date on technology, in order to
provide users of public and private services with access to
them; and on the other hand, they must guarantee that the
personal data they collect are duly protected.
▪ Complying with the above will strengthen the confidence of
citizens in public and private institutions, in addition to
improving and increasing access to the services they offer.
The public servants must provide
the Privacy Notice to people from
whom they collect personal data, or
inform them where to consult it, so
that they know the authority
responsible for their data is, in what
system they are stored, the use they
are given and the foundation for the
treatment of them.
The Secretariat of Public
Function request that:
“Confidentiality is one of the
Fundamental Principles of Official
Statistics. It is a top priority issue on
the policy agenda of statistical
offices and an indispensable
element to maintaining the trust
of respondents and thus ensuring
the quality of data”.
How do we commonly deal with this problem in Mexico?
▪ To have a first idea of what is at stake, two extreme forms are
considered:
▪ The first, apparently simple and effective, consists of providing
anonymous microdata.
▪ This practice has two drawbacks:
▪ Anonymization can make data individualized results useless.
▪ The deletion of the identification data already mentioned does not
guarantee that informants can not be recognized completely.
▪ At the other extreme, there is a second form, which is effective in
preserving confidentiality and statistical secrecy.
▪ It consists in the fact that it is the statistical agency itself that
manipulates the individual data under the direction of the
researcher and that provides only the aggregated statistical
results.
▪ This scheme transfers, in principle, the cost to the statistical
agency and for the researcher it represents a restriction because
it can not develop the feeling of the data that only direct contact
with them provides.
How do we commonly deal with this problem in Mexico?
▪ We face a non-trivial problem.
▪ It is about balancing -given the risk tolerance of statistical
authority,
▪ access to microdata (which includes the modalities and
procedures of that access, the cost and its distribution) and, the
risk of a breach of the confidentiality precept (whose probability
also depends on the modality and procedure of access, as well
as the type of data, the legal framework and the reliability of the
researcher).
▪ In the terms proposed, access to microdata is conceived as a
problem of risk management.
Examples of restriction for public microdata: National Plan for
Evaluation of the Learning (Planea): sixth grade, Elementary
and third of low Secondary.
▪ The Secretariat of Public Education has a National
Registration of Students (RNA), per article 12 of the General
Law of Education, the database has all the student names,
ages, genre, from all the schools in the country. This is
collected by each state every year.
▪ This is why should be too important that all public officers
should know and follow the General Law on Protection of
Personal Data in the Possesion of Obligated Subjects.
▪ When we implement a national test, each participant receives
an ID (folio), to review his results later so there is no way to
enter the microdata without it.
Teachers Performance Evaluation:
▪ In accordance with the provisions of articles 52, 53 and 54 of the General
Law of the Professional Teaching Service and the Guidelines to carry out
the performance evaluation of those who perform teaching, direction and
supervision functions in the Basic and Upper Secondary Education, LINEE-
05-2015; The Secretariat of Public Education carries out the publication of
the global results and the individual reports of results of the supporters who
participated in the process of Performance Evaluation in Basic Education,
school year 2015-2016.
▪ With the publications of results, the principles of legality, certainty,
impartiality, objectivity and transparency established in the Professional
Teaching Service are met.
▪ To consult the individual and global results it is necessary that you enter
your Unique Code of Population Registration.
COMIPEMS: is the process of selection of candidates to high
school that takes place in the Metropolitan Area of Mexico City
through a single call.
In this last contest, the participant need to
enter the registration folio and the Unique
Code of Population Registration.
▪ In the different evaluations, the folios (ID codes) are formed differently,
some have 9 digits some have 11. Different digits represent different
things and are done so the Secretariat can identify but at the same time
with the purpose of non public identification.
▪ Since the begin in all the evaluations, all personal data has been
forbiden to published, so the participant cannot be identified at all. All
microdata is only used for analysis inside the Secretariat only.
▪ If the Secretariat has hired an institute to administrate an evaluation, the
institute should follow the Federal Law of Protection of Personal Data in
Posession of the Particulars (LFPDPPP). The Law provides for
sanctions ranging from the warning (equivalent to a wake-up call), to the
imposition of fines from 100 to 320 thousand days of Minimum Wage
General valid, which is equivalent to about 18 million of pesos. Also,
depending on the seriousness of the crime, there could be civil and
criminal liabilities.
▪ Managing Statistical Confidentiality and Microdata Access:
Principles and Guidelines of Good Practice.
▪ UN Economic Commission for Europe, Conference of European
Statisticians,Geneva, 25 October 2006, 99 pp.
▪ Approaches, trends and international recommendations on access
by the community of researchers to microdata.
▪ www.unece.org/stats/documents/tfcm.htm
▪ www.sep.gob.mx
▪ www.comipens.com.mx
▪ www.snrspd.gob.mx
CRÉDITOS
Acesse nossas redes sociais Conheça nossas publicações
Fale com a Presidência/Diretoria
MUITO OBRIGADO(A)!
YOUTUBE
PORTAL INEP portal.inep.gov.br
[email protected](61) 2022-XXXX