Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.

ANALYSIS > Data Policy > Explainer: Department of Commerce’s Order on Disclosure Avoidance (DAO 216-26)

Explainer: Department of Commerce’s Order on Disclosure Avoidance (DAO 216-26)

UPDATED JULY 2026
18 Jul 2026
Data Policy

 Download Explainer 

Go to the Fact sheet

Our Position

The Data Foundation takes no position on whether DAO 216-26 should stand. Our role is to clarify the policy-versus-statistics distinction that this debate turns on, to help the community understand what the order does and does not mean, and to convene the agencies, data users, and methodologists around the facts —including hosting a neutral venue for stakeholders to be heard and helping to frame the product-by-product impact assessment the debate needs. We hold the shared goal that unites every serious party to this discussion: the maximum of accurate, usable public data, with the confidentiality of respondents genuinely protected.
 

Current Discourse

An emerging debate since the publication of the order has quickly sorted into camps. Some hear an attack on sound statistical science; others hear a welcome return to numbers the public can readily trust. Reactions have been strong and have come from several directions. Many data-user and statistical-professional organizations have raised concerns, some emphasizing the risk that leaning on suppression and coarsening will mean less usable public data, especially for small areas and small population groups; others focused on the change process, noting that a change of this scope was issued without a public comment period.


Understanding the types of decisions at play

Behind any published statistic that draws on confidential data sit at least two very different kinds of choices.

The first kind of choice is about values, and no formula can answer value-laden questions. The questions are judgments about competing public goods, and reasonable people across a democratic society will weigh them differently. These are POLICY DECISIONS, and they include setting the top-line budget for producing timely, trusted data is itself a policy choice about priorities, one that determines what is even possible on the technical side, how much data can be collected, what can be safely and responsibly protected, and what mechanisms for access and openness will be made available.

The second kind is about technique. These questions have more technically right-or-wrong answers, and answering them well takes specialized training. They are squarely STATISTICAL DECISIONS.
 

Separating the questions and who should answer them

The healthiest arrangement is simple to state and surprisingly easy to lose sight of: accountable policymakers make the policy decisions (which we hope are done openly, and informed by the evidence) and statistical professionals make the statistical decisions.

Policy Questions

  • How much risk to confidentiality Is acceptable?How much accuracy or detail should we trade for protection?
     
  • How much to Invest In the statistical system—the top line budget—for trusted data?
     
  • Who bears the risk, and who benefits?

Statistical Questions

  • GiIen the risk target, which method protects data with the least loss of usefulness?
     
  • How do we build, calibrate, and test the method?
     
  • How do we allocate a given budget to produce statistics efficiently and well?
     
  • How do we implement technique reproducibly, and document It?


The privacy dial

Determining the level of acceptable risk of reidentification is a choice about how much accuracy the public should trade for how much protection. This is a value judgment with real consequences for societal activities like redistricting, funding, research, and trust. Designing the machinery that hits a chosen setting with the least possible loss of usefulness is a statistical question, and an incredibly hard one. The profession itself has put it this way: the American Statistical Association has described the size of that privacy "budget" as "both a policy and social question," one for accountable stakeholders to decide, with statisticians informing the tradeoffs.

Every setting in this privacy dial is a different bargain between accuracy and confidentiality.

Blurred line

This confusion between policy decisions and technical decisions is not new. Disclosure avoidance is genuinely technical and required by law, so its policy content is easy to tuck inside mathematics and computer science. The people most fluent in the valid, reliable methods that are operationally available are statisticians, so the value-laden choices can drift, by default, to the technical experts who happen to be in the room—not because they seek that authority, but because no one else recognizes the choice as theirs to make, especially policy officials who may be less steeped in complex technical details.


Why this framing matters

The costs of getting it wrong run in both directions. When policy choices masquerade as technical ones, the public is quietly shut out of decisions that are really about values, and trust erodes when people later realize a consequential judgment was made without them. When genuinely technical questions are settled by non-specialists or by blanket rules, the result can be poor execution: data that is suppressed when it need not be, or confidentiality that is not actually protected. Clear lines between policy and technical decisions produce better accountability, better methods, and more durable public trust regardless of the substantive path that is chosen. The discipline runs in both directions. Just as a policy choice can hide inside technical work, a policy ambition can outrun what a method can actually deliver at scale. A sound choice, in either direction, must be guided by honest evidence about what the technology can and cannot do. Policy sets the direction; the methods determine what is actually achievable.
 

Applying the frame to DAO 216-26

Seen through this lens, the new Commerce Department order about data protections comes into focus. The order's central move is to steer away from noise infusion and toward grouping, rounding, and withholding. The order’s text offers both a methodological directive and a policy choice about acceptable risk, presenting a decision between balancing accuracy and confidentiality. That is a legitimate kind of decision for accountable policymakers to make. Framing the order as simply "anti-statistics" misunderstands the action; but so too does treating a value judgment as if it were a settled technical finding.

There is a fair question at the edge of this debate: the same law that assigns the agencies their core responsibilities also tasks the agencies themselves with determining the appropriate methods to carry them out, so exactly where a policy choice about acceptable risk ends and a specific method determination begins is genuinely ambiguous. Understood precisely, a choice like this order is best read as a policy determination about how much accuracy and reliability published figures must have — a value judgment about how much alteration of published values is acceptable, which accountable officials may legitimately make — with the treatment of any particular method following from that standard. Whether a given method in fact compromises accuracy is itself partly a technical question on which experts differ; but prioritizing accuracy and weighing it against other goods is a policy call, not a technical finding.

It also helps to be precise about what "accuracy" means in the context of disclosure avoidance. Coarsening and suppression have a real virtue, which the order emphasizes: they do not publish altered values — a coarsened figure is true, just less detailed, and a suppressed figure is simply absent rather than perturbed. But choosing them does not make the underlying tension disappear. The tradeoff between protecting confidentiality and preserving usefulness is a mathematical feature of releasing data about small groups; moving away from noise does not dissolve that tradeoff so much as relocate it — into coarser geographies, fewer published cells, or withheld tables. Recognizing this is not an argument for or against the order. It is simply what lets everyone weigh the same choice honestly.

What remains squarely statistical is everything about carrying the choice out: how the agencies implement the permitted approaches; how they assess, product by product, what grouping and withholding can and cannot protect; how they measure the confidentiality risk that remains; and how they communicate the resulting uncertainty, so that a user in a small town or a small population group understands what the numbers can and cannot bear. The order also adds an implementation step that is not, strictly, a statistical one. Before any Census Bureau or BEA product is released, it must pass an individualized legal review conducted by the agency director together with the Office of the General Counsel, against the specific confidentiality statute that governs it. Much of the order's real-world effect will be decided here. How much this matters will turn on details still to be set in the implementation guidance, above all whether a product is cleared once or re-reviewed with each release. 

The data and privacy communities can pursue productive questions such as: 

  • Was the policy choice made transparently? 
     
  • Was it informed by the agencies' evidence about what is technically feasible and what it will cost in usefulness? 
     
  • And is the implementation being left to the professionals who know how to execute well? 

Those questions are answerable, and they point toward cooperation rather than conflict.


What do we know right now?

  1. Commerce has described the order's primary intent as prioritizing the accuracy
    and objectivity of published data for users, while continuing to meet confidentiality obligations. Whether the order achieves that goal in practice and at what cost in granularity for small areas and small populations is the empirical question that implementation and independent analysis will answer.
     
  2. Commerce has assured that no statistical products are being discontinued because of this order. As of this writing (July 2026), the agencies are developing implementation guidance, expected in the coming weeks, and existing data products are expected to continue to be made available in compliance with the order, using the confidentiality protections that remain available. That forthcoming guidance will be the authoritative source on how specific products are handled, and what the impact of the orderʼs requirements will be on the availability, level of detail, and release schedules of individual products.
     
  3. Open questions remain: the full list of products affected; how exemptions apply, Including reimbursable products and formula-grant cross-tabs; treatment of already-released data; and the extend of congressional oversight inquiries.


What good practice looks like

The bipartisan U.S. Commission on Evidence-Based Policymaking, the Foundations for Evidence-Based Policymaking Act, the Public Trust Regulation that reinforces Statistical Policy Directive No. 1, the scientific-integrity commitments of recent administrations of both parties, and, most recently, the statistical profession's own 2026 roadmap for modernizing the federal statistical system all converge on the same picture:

  • Policy choices about acceptable risk are made openly by accountable officials and informed by statistical evidence and the people who use the data.
     
  • The statistical implementation and the measurement and disclosure of risk and uncertainty rest with the expert agencies.
     
  • The methods used and their effects on the data should be documented and explained, so the public can understand and trust what was done.

A decision reached this way can command confidence regardless of which methods it favors. A decision reached opaquely, or with the policy and technical roles confused, invites mistrust even when the underlying choice is sound.

This is also why process matters as much as substance. When a change to how statistics protect confidentiality carries broad, rulemaking-scale consequences, the good-practice instincts above point toward an open comment process and a published, product-by-product assessment of how the change affects both data usefulness and disclosure risk, so that accountable officials, the expert agencies, and the data users who depend on these products can all see the tradeoffs before they are locked in. None of that dictates which methods should win. It is simply how a consequential choice earns trust, whatever it decides.

Congress, in fact, already sketched a more systematic way to make these calls. The Evidence Act directs OMB to issue standards for categorizing how sensitive each data product is and how accessible it can safely be, with public risk assessments behind release decisions (44 U.S.C. § 3582). That rule has not yet been issued, so for now these judgments are being made without the transparent, risk-based framework the law envisioned, which is part of why so much weight now falls on method choice and case-by-case legal review. 

The argument over how federal statistics protect confidentiality will be far more productive once we stop treating it as a single question; there are clearly two dimensions. One is about values and belongs, transparently, to accountable policymakers informed by expertise. The other is about technique and belongs to the statisticians.

The Data Foundation works at exactly this seam between data policy and statistical practice, and has since its founding. Our interest is that the choice is recognized for what it is, made in the open, informed by the best evidence, and carried out by the professionals best equipped to implement.


About the Data Foundation

The Data Foundation is a Washington, DC-based, non-profit, non-partisan organization. We are a trusted authority on the use of open, accessible data to fuel a more efficient, effective, and accountable government; spark innovation; and provide insights to the countryʼs most pressing challenges. We conduct research, facilitate collaborative thought leadership, and promote advocacy programs that advance practical policies for the creation and use of accessible, trustworthy data and evidence. For more than a decade, the Data Foundation has been bringing attention to key issues facing the data community. We bring together non-traditional partners and stakeholders to devise practical solutions, which culminate in new policies and approaches for innovating and using data and evidence. The impacts from our work have been tremendous, culminating in enactment of milestone legislation, stronger communities for implementing transparency and data initiatives, and demonstrations of new strategies for innovating with government data. DataFoundation.org

image

DATA FOUNDATION
1100 13TH STREET NORTHWEST
SUITE 800, WASHINGTON, DC
20005, UNITED STATES

INFO@DATAFOUNDATION.ORG

This website is powered by
ToucanTech