The widespread availability of powerful geocoding tools in commercial Geographic Information Systems (GIS) software and the interest in spatial analysis at the individual level have made address geocoding a widely employed technique in many different fields. However, when locations of individuals and/or households are made public as published maps, the addresses associated with these locations can be determined using a technique known as "reverse geocoding." Therefore, individual-level data can often not be released due to geospatial privacy concerns and/or legal requirements. Techniques to preserve geospatial privacy exist and are collectively referred to as "geographic masking." The goal of this research is to develop robust methods for the protection of geospatial privacy of individual and/or household level data. The research will: 1) investigate the capabilities of reverse gecoding in identifying individuals and/or households based on point locations and associated attribute data; 2) determine which geographic masking techniques are most effective in meeting standards for geospatial privacy protection; and 3) determine the impact of geographic masking techniques on spatial analysis derived from point locations. The overall research design relies upon an empirical evaluation of reverse geocoding and geographic masking using a large sample of residential addresses in twelve different US Counties. Several types of geocoding will be employed, including address point and street geocoding using GIS software as well as commercial geocoding firms. Various existing and newly developed geographic masking techniques will be applied and evaluated for their robustness. This will provide an assessment of the type and magnitude of masking necessary to effectively preserve geospatial privacy. The effect of geographic masking will be determined using several large simulated datasets of typical individual-level data. This will provide insight into which geographic masking techniques provide sufficient levels of geospatial privacy protection, while at the same time maximizing the robustness of spatial-statistical analysis of the masked data.
The increased interest in individual level data in a number of fields and the widespread availability of high quality spatial data and software tools present a major challenge to the protection of geospatial privacy. Current practices in the use of geographic privacy protection techniques do not consider the abilities of software tools, and are not based on theoretical or empirical estimates of the likelihood that geospatial privacy is breached. This research will expand existing privacy concepts to geographic data in order to provide a consistent quantification of the degree to which geospatial privacy is protected. The research will provide specific guidelines for the use of specific geographic masking techniques in the light of the current and future capabilities of reverse geocoding. This will provide much needed confidence in deciding whether and how to release individual-level locational data.
