C-sanitized: a privacy model for document redaction and sanitization

Within the current context of Information Societies, large amounts of information are daily exchanged and/or released. The sensitive nature of much of this information causes a serious privacy threat when documents are uncontrollably made available to untrusted third parties. In such cases, appropriate data protection measures should be undertaken by the responsible organization, especially under the umbrella of current legislations on data privacy. To do so, human experts are usually requested to redact or sanitize document contents. To relieve this burdensome task, this paper presents a privacy model for document redaction/sanitization, which offers several advantages over other models available in the literature. Based on the well-established foundations of data semantics and the information theory, our model provides a framework to develop and implement automated and inherently semantic redaction/sanitization tools. Moreover, contrary to ad-hoc redaction methods, our proposal provides a priori privacy guarantees which can be intuitively defined according to current legislations on data privacy. Empirical tests performed within the context of several use cases illustrate the applicability of our model and its ability to mimic the reasoning of human sanitizers.

💡 Research Summary

This paper introduces a new approach to address privacy threats in the context of information societies, particularly focusing on document redaction and sanitization. The C-sanitized model is designed to reduce the burden on human experts by automating this process while ensuring compliance with current data protection regulations. Based on established principles from data semantics and information theory, the model provides a framework for developing automated tools that can mimic the reasoning of human sanitizers.

The key strength of the C-sanitized model lies in its ability to provide a priori privacy guarantees defined according to existing legal frameworks on data privacy. This feature allows organizations to implement robust data protection measures without relying solely on manual processes, which can be time-consuming and prone to errors. The paper demonstrates through empirical tests across various use cases that the model is effective in automating document sanitization while maintaining high standards of privacy.

The comprehensive approach taken by C-sanitized includes not only technical advancements but also aligns with legal requirements, making it a robust solution for organizations dealing with sensitive information. By leveraging semantic understanding and information theory, the model ensures that automated redaction processes are both efficient and legally compliant, thereby offering a significant improvement over ad-hoc methods used in traditional document sanitization practices.

Overall, the C-sanitized model represents an innovative step towards automating privacy-preserving document handling, providing organizations with a reliable tool to protect sensitive information while adhering to strict legal standards.