NIST 800-53 REV 5 • SYSTEM AND INFORMATION INTEGRITY

SI-19(8)Motivated Intruder

Perform a motivated intruder test on the de-identified dataset to determine if the identified data remains or if the de-identified data can be re-identified.

CMMC Practice Mapping

No direct CMMC mapping

NIST 800-171 Mapping

No direct NIST 800-171 mapping

Related Controls

No related controls listed

Supplemental Guidance

A motivated intruder test is a test in which an individual or group takes a data release and specified resources and attempts to re-identify one or more individuals in the de-identified dataset. Such tests specify the amount of inside knowledge, computational resources, financial resources, data, and skills that intruders possess to conduct the tests. A motivated intruder test can determine if the de-identification is insufficient. It can also be a useful diagnostic tool to assess if de-identification is likely to be sufficient. However, the test alone cannot prove that de-identification is sufficient.

Practitioner Notes

Test your de-identification by simulating a "motivated intruder" — someone with publicly available information who actively tries to re-identify individuals in your de-identified dataset.

Example 1: Hire a privacy consultant or internal red team to attempt re-identification using publicly available data (LinkedIn profiles, voter registration records, social media). If they can identify individuals, your de-identification is insufficient.

Example 2: Use automated re-identification risk assessment tools that compare your de-identified dataset against external data sources to estimate the probability of re-identification. If the risk exceeds your threshold (typically 5-10%), apply additional de-identification techniques.

More System and Information Integrity Controls

SI-1 Policy and Procedures SI-2 Flaw Remediation SI-2(1) Central Management SI-2(2) Automated Flaw Remediation Status