Data Protection Toolkit Use Case Analysis

Four people sit at a table in front of computers displaying programming code

Using qualitative methods to evaluate the Data Protection Toolkit’s usefulness and identify possible improvements

Client

National Center for Science and Engineering Statistics
Dates

July 2023 – January 2024

Problem

The federal government needs to enable agencies across the government to improve their implementation of statistical disclosure limitations and/or tiered data access.

As part of the National Secure Data Service Demonstration (NSDS-D) activities, NORC implemented a use case analysis of the Federal Committee on Statistical Methodology's Data Protection Toolkit. The toolkit was created to support the implementation of statistical disclosure limitation and tiered access models to support compliance with federal data protection laws and standards and provide guidance for upholding trust in federal statistical agencies’ ability to protect individuals’ privacy. Its sections include best practices for data protection, an inventory of methods and models for data protection, case studies, and resources. It is intended to help expand access to federal datasets while protecting data confidentiality.

The toolkit is referenced multiple times in the final report of recommendations for an eventual NSDS by the congressionally mandated Advisory Committee on Data for Evidence-Building (ACDEB). This project fulfills the report’s recommendation to gather input and feedback on how to build out the toolkit (page 113).

Solution

NORC conducted qualitative interviews to identify current data protection practices and potential toolkit enhancements.

NORC conducted over a dozen in-depth interviews with data users, ensuring representation from federal and state government, academia, and the private sector. An expert facilitator explored each respondent’s role, the organization’s approach to data protection, current resources used to support data and confidentiality protection, and experiences with the toolkit.

Result

Respondents from both federal agencies and non-federal organizations are aware of and invested in the need for making data available while preserving privacy and confidentiality.

Federal agencies employ multiple techniques to avoid disclosure of private and confidential information when disclosing or releasing data. They use a tiered access model for handling external researcher data access requests. The federal agencies interviewed are balancing the desire to make more data available to the public, while protecting confidential information. Non-federal organizations employ similar techniques to avoid disclosure of private and confidential information. Respondents from state governments noted the importance of meeting both state legislative requirements around data release and data confidentiality and federal collection requirements for the state-based federal surveys. New differential privacy practices were concerning to non-federal respondents as they were perceived as unnecessary and would ultimately reduce data usability.

Federal agency staff described the toolkit as helpful, saying it provided a source for standard information to share across agencies. Respondents envisioned using the toolkit to learn and understand new data concepts such as differential privacy. Respondents wondered if there would be additional information in the toolkit on different data types.

After the completion of the use case analysis, NORC worked with NCSES to expand the content on the DPT Site for CDOs and Federal Policy Council Officials. NORC also is beginning to work on expanding the DPT content to build Reading Rooms for all roles and to further develop the Assessing Data Quality section of the toolkit.