Multi-user Pufferfish Privacy

TL;DR

This paper explores how to achieve individual privacy in multi-user data aggregation using pufferfish privacy, focusing on calibrating Laplace noise to ensure indistinguishability despite user changes.

Contribution

It derives sufficient conditions for pufferfish privacy in multi-user systems using the Kantorovich method, improving data utility for Bernoulli variables.

Findings

Conditions for privacy are based on user-specific statistics.

Noise calibration ensures privacy even with user replacement.

Results applicable to adding or removing user groups.

Abstract

This paper studies how to achieve individual indistinguishability by pufferfish privacy in aggregated query to a multi-user system. It is assumed that each user reports realization of a random variable. We study how to calibrate Laplace noise, added to the query answer, to attain pufferfish privacy when user changes his/her reported data value, leaves the system and is replaced by another use with different randomness. Sufficient conditions are derived for all scenarios for attaining statistical indistinguishability on four sets of secret pairs. They are derived using the existing Kantorovich method (Wasserstain metric of order $1$). These results can be applied to attain indistinguishability when a certain class of users is added or removed from a tabular data. It is revealed that attaining indifference in individual's data is conditioned on the statistics of this user only. For binary (Bernoulli distributed) random variables, the derived sufficient conditions can be further relaxed to reduce the noise and improve data utility.