[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Election Data

On Sat, Jul 26, 2008 at 17:25, seth vidal <skvidal fedoraproject org> wrote:
Sufficient anonymization would mean the data would end up being:


Well, no.  You would have:

ballot 001: {Jones : 10, Smith : 9, Adams : 0}
ballot 002: {Jones : 6, Smith : 0, Adams 10}

Maybe a particular individual could identify his ballot if only one ballot was like the one he cast.  But then only _he_ knows that's his ballot.  There's no privacy disclosure issue here.

Now, there is an issue that he could sell his vote in this case.  But I don't imagine that's a serious problem for you.
Seriously, there's no good way to anonymize it enough w/o making it useless.


More to the point, no one would believe it was sufficiently anonymized.

You don't have to "believe" the data is anonymized.  You can prove it.  If there's any information that identifies the identity of the voter, it's not anonymized.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]