Improving Opinion Analysis Through Statistical Disclosure Control in eVoting Scenarios

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11032)


This work addresses the problem of Statistical Disclosure Control (SDC) on an electronic voting scenario. Electoral datasets containing voting choices linked to voters demographic profile information, can be used to perform fine-grained analysis of citizen opinion. However, it is strongly required to protect voters’ privacy. Traditional SDC techniques study methods to met some predefined privacy criteria, assuming a trustworthy owner that knows the values of the confidential attributes. Unfortunately, this assumption cannot be made in our scenario, since its dataset contains secret voting choices, which are unknown until they are properly anonymized and decrypted. We propose a protocol and a system architecture to perform SDC in datasets with encrypted attributes, while minimizing the amount of information an attacker can learn about the secret data. The protocol enables the release of electoral datasets, which allow governments and third parties to gain more insight into citizen opinion, and improve decision making processes and public services.


Statistical disclosure control Electronic voting Open data 



The authors would like to thank Xavier Alsina and Alexey Akimov for their collaboration and helpful comments. This work has been partly supported by the Spanish Ministry of Industry, Energy and Tourism (MINETUR) through the “Acción Estratégica Economía y Sociedad Digital (AEESD)” funding plan, through Project ref. TSI-100202-2013-23 “Data-Distortion Framework (DDF).”


  1. 1.
    Bernhard, D., Cortier, V., Galindo, D., Pereira, O., Warinschi, B.: SoK: a comprehensive analysis of game-based ballot privacy definitions. In: Proceedings of the IEEE Symposium on Security and Privacy (S&P), San Jose, CA, pp. 499–516, May 2015Google Scholar
  2. 2.
    Bernhard, D., Warinschi, B.: Cryptographic voting — a gentle introduction. In: Aldini, A., Lopez, J., Martinelli, F. (eds.) FOSAD 2012-2013. LNCS, vol. 8604, pp. 167–211. Springer, Cham (2014). Scholar
  3. 3.
    Chaum, D.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–88 (1981)CrossRefGoogle Scholar
  4. 4.
    Cramer, R., Gennaro, R., Schoenmakers, B.: A secure and optimally efficient multi-authority election scheme. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 103–118. Springer, Heidelberg (1997). Scholar
  5. 5.
    Delaune, S., Kremer, S., Ryan, M.D.: Verifying privacy-type properties of electronic voting protocols. J. Comput. Secur. 17(4), 435–487 (2009)CrossRefGoogle Scholar
  6. 6.
    Domingo-Ferrer, J., Mateo-Sanz, J.M.: Practical data-oriented microaggregation for statistical disclosure control. IEEE Trans. Knowl. Data Eng. 14(1), 189–201 (2002)CrossRefGoogle Scholar
  7. 7.
    Domingo-Ferrer, J., Torra, V.: Ordinal, continuous and heterogeneous \(k\)-anonymity through microaggregation. Data Min. Knowl. Discov. 11(2), 195–212 (2005)MathSciNetCrossRefGoogle Scholar
  8. 8.
    Fujioka, A., Okamoto, T., Ohta, K.: A practical secret voting scheme for large scale elections. In: Seberry, J., Zheng, Y. (eds.) AUSCRYPT 1992. LNCS, vol. 718, pp. 244–251. Springer, Heidelberg (1993). Scholar
  9. 9.
    Hoeffding, W.: Probability inequalities for sums of bounded random variables. J. Am. Stat. Assoc. 58(301), 13–30 (1963)MathSciNetCrossRefGoogle Scholar
  10. 10.
    Hundepool, A., et al.: Statistical Disclosure Control. Surv. Method. Wiley, Chichester (2012)CrossRefGoogle Scholar
  11. 11.
    Jonker, H., Mauw, S., Pang, J.: Privacy and verifiability in voting systems: methods, developments and trends. Comput. Sci. Rev. 10, 1–30 (2013)CrossRefGoogle Scholar
  12. 12.
    Li, N., Li, T., Venkatasubramanian, S.: \(t\)-closeness: privacy beyond \(k\)-anonymity and \(l\)-diversity. In: Proceedings of the IEEE International Conference on Data Engineering (ICDE), Istanbul, Turkey, pp. 106–115, April 2007Google Scholar
  13. 13.
    Machanavajjhala, A., Gehrke, J., Kifer, D., Venkitasubramaniam, M.: \(l\)-diversity: privacy beyond \(k\)-anonymity. In: Proceedings of the IEEE International Conference on Data Engineering (ICDE), p. 24, Apr 2006Google Scholar
  14. 14.
    Neff, C.A.: A verifiable secret shuffle and its application to E-voting. In: Proceedings of the ACM Conference on Computer and Communications Security (CCS), Philadelphia, PA, USA, pp. 116–125 (2001)Google Scholar
  15. 15.
    Oganian, A., Domingo-Ferrer, J.: On the complexity of optimal microaggregation for statistical disclosure control. UNECE Stat. J. 18(4), 345–354 (2001)Google Scholar
  16. 16.
    Rebollo-Monedero, D., Forné, J., Soriano, M.: \(p\)-probabilistic \(k\)-anonymous microaggregation for the anonymization of surveys with uncertain participation (2016, submitted)Google Scholar
  17. 17.
    Rebollo-Monedero, D., Forné, J., Soriano, M., Puiggalí-Allepuz, J.: \(k\)-anonymous microaggregation with preservation of statistical dependence. Inf. Sci. 342(1), 1–23 (2016)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Samarati, P., Sweeney, L.: Protecting privacy when disclosing information: k-anonymity and its enforcement through generalization and suppression. Technical report, Computer Science Laboratory, SRI International (1998)Google Scholar
  19. 19.
    Truta, T.M., Vinay, B.: Privacy protection: \(p\)-sensitive \(k\)-anonymity property. In: Proceedings of the International Workshop on Privacy Data Management (PDM), p. 94. IEEE Computer Society (2006)Google Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  1. 1.Marfeel Solutions S.L.BarcelonaSpain
  2. 2.Universitat Politècnica de CatalunyaBarcelonaSpain
  3. 3.University of BirminghamBirminghamUK
  4. 4.Scytl Secure Electronic Voting S.A.BarcelonaSpain

Personalised recommendations