Re-identification Risk

Re-identification risk is one of the most critical threat models in data privacy. Even if direct identifiers are removed, individuals may be identified again through combinations of indirect fields such as age, location, date, and behavior. For that reason, privacy assessment cannot focus only on direct identifiers. Re-identification analysis is a core security layer in data sharing and open-data release. In synthetic data and anonymization projects, this risk should be explicitly measured and documented.