Can Two Walk Together: Privacy Enhancing Methods and Preventing Tracking of Users

04/06/2020
by Moni Naor, et al.

We present a new concern when collecting data from individuals that arises from the attempt to mitigate privacy leakage in multiple reporting: tracking of users participating in the data collection via the mechanisms added to provide privacy. We present several definitions for untrackable mechanisms, inspired by the differential privacy framework. Specifically, we define the trackable parameter as the log of the maximum ratio between the probability that a set of reports originated from a single user and the probability that the same set of reports originated from two users (with the same private value). We explore the implications of this new definition. We show how differentially private and untrackable mechanisms can be combined to achieve a bound for the problem of detecting when a certain user changed their private value. Examining Google's deployed solution for everlasting privacy, we show that RAPPOR (Erlingsson et al. ACM CCS, 2014) is trackable in our framework for the parameters presented in their paper. We analyze a variant of randomized response for collecting statistics of single bits, Bitwise Everlasting Privacy, that achieves good accuracy and everlasting privacy while being only reasonably untrackable: specifically, its trackable parameter grows linearly in the number of reports. For collecting statistics about data from larger domains (for histograms and heavy hitters), we present a mechanism that prevents tracking for a limited number of responses. We also present the concept of Mechanism Chaining, using the output of one mechanism as the input of another, in the scope of Differential Privacy, and show that the chaining of an $\varepsilon_1$-LDP mechanism with an $\varepsilon_2$-LDP mechanism is $\ln\frac{e^{\varepsilon_1+\varepsilon_2}+1}{e^{\varepsilon_1}+e^{\varepsilon_2}}$-LDP and that this bound is tight.
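The chaining bound stated in the abstract can be checked numerically. The following is an added example, not code from the paper: it assumes binary randomized response as the two chained mechanisms (my choice of instance) and computes the exact LDP parameter of the composed channel; all function names are hypothetical.

```python
import math

def rr_matrix(eps):
    """Binary randomized response (assumed instance): channel[x][y] = Pr[report y | true bit x].
    The true bit is reported with probability e^eps / (1 + e^eps), which is eps-LDP."""
    keep = math.exp(eps) / (1.0 + math.exp(eps))
    return [[keep, 1.0 - keep], [1.0 - keep, keep]]

def chain(first, second):
    """Mechanism chaining: feed the output of `first` into `second`.
    The composed channel is the product of the two transition matrices."""
    inner, outs = len(second), len(second[0])
    return [[sum(row[m] * second[m][y] for m in range(inner)) for y in range(outs)]
            for row in first]

def ldp_epsilon(channel):
    """Smallest eps for which the channel is eps-LDP: the largest log-ratio,
    over outputs y, between any two inputs' probabilities of producing y."""
    worst = 0.0
    for y in range(len(channel[0])):
        column = [row[y] for row in channel]
        if max(column) == 0.0:
            continue  # output never produced, no constraint
        if min(column) == 0.0:
            return math.inf  # some input can never produce y: not LDP for any eps
        worst = max(worst, math.log(max(column) / min(column)))
    return worst

def chaining_bound(eps1, eps2):
    """Bound from the abstract: ln((e^(eps1+eps2) + 1) / (e^eps1 + e^eps2))."""
    return math.log((math.exp(eps1 + eps2) + 1.0) / (math.exp(eps1) + math.exp(eps2)))

if __name__ == "__main__":
    # Constructed sample parameters, chosen only for illustration.
    for e1, e2 in [(math.log(3), math.log(3)), (0.5, 2.0), (1.0, 4.0)]:
        exact = ldp_epsilon(chain(rr_matrix(e1), rr_matrix(e2)))
        print(f"eps1={e1:.3f} eps2={e2:.3f} chained={exact:.6f} "
              f"bound={chaining_bound(e1, e2):.6f}")
```

For these inputs the chained parameter equals the bound, and it is strictly smaller than both $\varepsilon_1$ and $\varepsilon_2$: each chaining step makes the report less informative about the original bit.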
