...

DataSHIELD server-side functions contain disclosure traps, preventing analysis that could return disclosive information and perform real-time disclosure checks during analysis. Disclosure traps are mapped to current best practice for disclosure checking (Welpton, Richard (2019): SDC Handbook. figshare. Book. https://doi.org/10.6084/m9.figshare.9958520.v1) and are configurable by data custodians in Opal to align with their governance needs and the spectrum of data sensitivity. From DataSHIELD v5 onwards there are several disclosure traps that can be deployed in server-side functions, listed below. A summary of disclosure utilised in each function is available at: Disclosure checks . 

...

The minimum value allowed for k on the k-nearest neighbours method which is used mainly for some of the graphical functions. Default value = 3.

nfilter.

...

levels 

Anchor
nfilterlevels nfilterlevels

The maximum number of the unique levels of a categorical variable that are allowed to be returned to the client. If nfilter.levels is set to 0.33 (its default value), and if a categorical variable (i.e. factor) has X distinct categories then if X is greater than the 33% of the variable's length then the categories (i.e. levels) are not returned to the client. This disclosure filter protects against the disclosure of all the unique values in a numerical variable when it is converted to a factor variable. This option has been deprecated.

...