Finding the Sweet Spot for Data Anonymization: A Mechanism Design Perspective

TL;DR

This paper presents a two-tier mathematical framework combining game theory and contract theory to optimize data anonymization and incentivization strategies, enhancing privacy protection and data sharing efficiency.

Contribution

It introduces a novel combined game-theoretic and contract-theoretic approach for analyzing and mitigating de-anonymization attacks in data sharing.

Findings

Organizations can optimally choose anonymization levels.

Data collector benefits from incentivizing data sharing.

Framework applies to both single-time and repeated sharing scenarios.

Abstract

Data sharing between different organizations is an essential process in today's connected world. However, recently there were many concerns about data sharing as sharing sensitive information can jeopardize users' privacy. To preserve the privacy, organizations use anonymization techniques to conceal users' sensitive data. However, these techniques are vulnerable to de-anonymization attacks which aim to identify individual records within a dataset. In this paper, a two-tier mathematical framework is proposed for analyzing and mitigating the de-anonymization attacks, by studying the interactions between sharing organizations, data collector, and a prospective attacker. In the first level, a game-theoretic model is proposed to enable sharing organizations to optimally select their anonymization levels for k-anonymization under two potential attacks: background-knowledge attack and homogeneity attack. In the second level, a contract-theoretic model is proposed to enable the data collector to optimally reward the organizations for their data. The formulated problems are studied under single-time sharing and repeated sharing scenarios. Different Nash equilibria for the proposed game and the optimal solution of the contract-based problem are analytically derived for both scenarios. Simulation results show that the organizations can optimally select their anonymization levels, while the data collector can benefit from incentivizing the organizations to share their data.