Topology of Privacy: Lattice Structures and Information Bubbles for Inference and Obfuscation
Information has intrinsic geometric and topological structure, arising from relative relationships beyond absolute values or types. For instance, the fact that two people share a meal describes a relationship independent of the meal's ingredients. Multiple such relationships give rise to relations and their lattices. Lattices have topology. That topology informs the ways in which information may be observed, hidden, inferred, and dissembled. Dowker's Theorem establishes a homotopy equivalence between two simplicial complexes derived from a relation. From a privacy perspective, one complex describes individuals with common attributes, the other describes attributes shared by individuals. The homotopy equivalence produces a lattice. An element in the lattice consists of two components, one being a set of individuals, the other being a set of attributes. The lattice operations join and meet each amount to set intersection in one component and set union followed by a potentially privacy-puncturing inference in the other component. Privacy loss appears as simplicial collapse of free faces. Such collapse is local, but the property of fully preserving both attribute and association privacy requires a global condition: a particular kind of spherical hole. By looking at the link of an identifiable individual in its encompassing Dowker complex, one can characterize that individual's attribute privacy via another sphere condition. Even when long-term attribute privacy is impossible, homology provides lower bounds on how an individual may defer identification, when that individual has control over how to reveal attributes. Intuitively, the idea is to first reveal information that could otherwise be inferred. This last result highlights privacy as a dynamic process. Privacy loss may be cast as gradient flow. Harmonic flow for privacy preservation may be fertile ground for future research.
READ FULL TEXT