🤖 AI Summary
To address the lack of standardized re-identification risk assessment methodologies for anonymized datasets—hindering compliance verification with privacy regulations such as the GDPR—this study proposes a practical, deployable risk assessment framework. Methodologically, it pioneers the adaptation of the EBIOS (Expression des Besoins et Identification des Objectifs de Sécurité) risk analysis paradigm from cybersecurity to privacy contexts, integrating real-world attack-pattern-driven threat modeling with an attribute-level exposure quantification model to jointly evaluate attack feasibility and individual impact. Key contributions include: (1) the first EBIOS-based privacy risk assessment workflow; (2) a computable, tiered attribute exposure model; and (3) ready-to-use operational guidelines and tooling support. Empirical validation demonstrates that the framework enables organizations to conduct compliant, reproducible assessments of anonymization effectiveness.
📝 Abstract
To prove that a dataset is sufficiently anonymized, many privacy policies suggest that a re-identification risk assessment be performed, but do not provide a precise methodology for doing so, leaving the industry alone with the problem. This paper proposes a practical and ready-to-use methodology for re-identification risk assessment, the originality of which is manifold: (1) it is the first to follow well-known risk analysis methods (e.g., EBIOS) that have been used in the cybersecurity field for years, which consider not only the ability to perform an attack, but also the impact such an attack can have on an individual; (2) it is the first to qualify attributes and values of attributes with, e.g., a degree of exposure, as known real-world attacks mainly target certain types of attributes and not others.