Managing your Private and Public Data: Bringing down Inference Attacks against your Privacy

TL;DR

This paper introduces a practical framework for protecting private data during public release by minimizing inference attacks through optimized data distortion, addressing real-world challenges like prior knowledge and scalability.

Contribution

It presents a convex optimization-based method for privacy-preserving data release, including bounds on prior mismatch impact, quantization techniques, and empirical validation on real datasets.

Findings

Effective privacy-utility tradeoff achieved with limited distortion

Quantization reduces optimization complexity for large datasets

Correlations between political views and TV habits demonstrated

Abstract

We propose a practical methodology to protect a user's private data, when he wishes to publicly release data that is correlated with his private data, in the hope of getting some utility. Our approach relies on a general statistical inference framework that captures the privacy threat under inference attacks, given utility constraints. Under this framework, data is distorted before it is released, according to a privacy-preserving probabilistic mapping. This mapping is obtained by solving a convex optimization problem, which minimizes information leakage under a distortion constraint. We address practical challenges encountered when applying this theoretical framework to real world data. On one hand, the design of optimal privacy-preserving mechanisms requires knowledge of the prior distribution linking private data and data to be released, which is often unavailable in practice. On the other hand, the optimization may become untractable and face scalability issues when data assumes values in large size alphabets, or is high dimensional. Our work makes three major contributions. First, we provide bounds on the impact on the privacy-utility tradeoff of a mismatched prior. Second, we show how to reduce the optimization size by introducing a quantization step, and how to generate privacy mappings under quantization. Third, we evaluate our method on three datasets, including a new dataset that we collected, showing correlations between political convictions and TV viewing habits. We demonstrate that good privacy properties can be achieved with limited distortion so as not to undermine the original purpose of the publicly released data, e.g. recommendations.