Quiz Entry - updated: 2026.06.07
Why does l-diversity fail to fully prevent inference attacks?
Because counting distinct values ignores meaning, background knowledge, and skew — three gaps that still leak information.
l-diversity guarantees l distinct sensitive values per class, but that's a crude defense for three reasons:
- Lack of semantic diversity — distinct values can be meaningfully the same. "Gastric ulcer," "stomach cancer," and "intestinal disease" satisfy l-diversity but all reveal a gastrointestinal problem.
- Insufficient against background knowledge — an attacker with external facts can still make high-confidence inferences even when l-diversity holds.
- Skewness vulnerabilities — when the sensitive attribute is highly skewed (e.g. 90% of a population has attribute A), even a "diverse" group leaks information, because the probabilities are far from the baseline.
These gaps are exactly what similarity attacks (semantics) and t-closeness / differential privacy (skew, background knowledge) address.
Tip: Diversity counts how many values; it doesn't ask whether they mean the same thing or how common they are. That's where it breaks.