The recent explosion in demands for microdata from researchers and policy makers, especially when the data collection is paid for with public funds, has increased concerns about confidentiality protection. Confidentiality of responses is a serious commitment made by data-collecting agencies to participants in the study. A similar commitment is expected of any agency that disseminates the data to researchers and policy makers. Along with the increased demands for microdata, a number of commercial databases with the identifying information such as names and addresses and demographic information have also become accessible. These databases raise the concern that an intruder can potentially link the anonymous survey data released by the data collection agencies for public use with the commercial databases to identify one or more respondents to the survey. This research proposal has three primary objectives: (1) To assess the risk of disclosure using data from four test-bed national probability surveys covering a wide variety of topics. The risk will be addressed using two broad classes of intruder models. Type I, where an individual, personally known to the intruder, is known by the intruder to be in the survey; and Type II, where an intruder with access to an external database with names and addresses is seeking to identify respondents in the survey and hence gain access to confidential information; (2) To develop and evaluate new methods to avoid disclosure, and (3) To develop strategies for replacing variables in public-use data sets deemed to increase the risk of disclosure by summary variables that allow users to adjust or control for these variables without knowing their actual values.