In this paper we propose a new approach for cell suppression for protecting tabular data against disclosure of sensitive information.
National Statistical Institutes (NSIs) have the obligation to protect the privacy of individual persons or enterprises against disclosure of potentially sensitive information. For this reason, NSIs protect tabular data against disclosure of sensitive information before they are released. For tabular magnitude data, the starting point of this protection process usually is a sensitivity measure for individual cells. Such a sensitive measure defines when a cell value if considered safe for publication or not. An often used method to protect a table with unsafe cells against disclosure of sensitive information is cell suppression. In the literature it is argued that the standard criterion for deciding whether a table after suppression is safe or not is somewhat inconsistent and a new criterion has been proposed. In addition, a mixed-integer programming problem formulation has been proposed for applying this new criterion. The problem with that formulation is that it is very hard to solve for even moderately sized tables. In the current paper we propose solving a number of smaller and computationally much easier linear programming problems instead of solving one large mixed-integer programming problem.
