Date of Original Version



Technical Report

Abstract or Description

Policymakers struggle to determine the proper tradeoffs between data accessibility and data-subject privacy as public records move online. For example, Allegheny County, Pennsylvania recently eliminated the ability to search the county property assessment database using property owners' names. We conducted a user study to determine whether this strategy provides effective privacy protection against a non-expert adversary. We found that removing search by name provides some increased privacy protection, because some users were unable to use other means to determine the address of an individual. However, this privacy protection is limited, and interface usability problems presented a comparable barrier. Our analysis suggests that if policymakers use removal of search by name as a privacy mechanism they should attempt to mitigate usability issues that can hinder legitimate use of public records databases.