Optimal Privacy-Aware Stochastic Sampling

TL;DR

This paper introduces an optimal stochastic sampling framework that balances data utility and privacy by controlling information leakage through a dynamic, optimization-based approach, especially effective for linear Gaussian processes.

Contribution

It formulates a novel privacy-aware sampling optimization problem, derives optimal policies for general processes, and provides analytical solutions and algorithms for linear Gaussian cases.

Findings

Optimal deterministic reconstruction policy derived for general processes.

Analytical expressions for linear Gaussian processes using conditional means and covariances.

Numerical algorithms demonstrate improved privacy and utility tradeoffs.

Abstract

This paper presents a stochastic sampling framework for privacy-aware data sharing, where a sensor observes a process correlated with private information. A sampler determines whether to retain or discard sensor observations, balancing the tradeoff between data utility and privacy. Retained samples are shared with an adversary who may attempt to infer the private process, with privacy leakage quantified using mutual information. The sampler design is formulated as an optimization problem with two objectives: $\left(\romannumeral1\right)$ minimizing the reconstruction error of the observed process using the sampler's output, $\left(\romannumeral2\right)$ reducing the privacy leakages. For a general class of processes, we show that the optimal reconstruction policy is deterministic and derive the optimality conditions for the sampling policy using a dynamic decomposition method, which enables the sampler to control the adversary's belief about private inputs. For linear Gaussian processes, we propose a simplified design by restricting the sampling policy to a specific collection, providing analytical expressions for the reconstruction error, belief state, and sampling objectives based on conditional means and covariances. Additionally, we develop a numerical optimization algorithm to optimize the sampling and reconstruction policies, wherein the policy gradient theorem for the optimal sampling design is derived based on the implicit function theorem. Simulations demonstrate the effectiveness of the proposed method in achieving accurate state reconstruction, privacy protection, and data size reduction.