Buying private data without verification

We consider the problem of designing a survey to aggregate non-verifiable information from a privacy-sensitive population: an analyst wants to compute some aggregate statistic from the private bits held by each member of a population, but cannot verify the correctness of the bits reported by participants in his survey. Individuals in the population are strategic agents with a cost for privacy, i.e., to determine their utilities they account not only for the payments they expect to receive from the mechanism, but also for their privacy costs from any information revealed about them by the mechanism's outcome (the computed statistic as well as the payments). How can the analyst design payments to obtain an accurate estimate of the population statistic when individuals strategically decide both whether to participate and whether to truthfully report their sensitive information? We design a differentially private peer-prediction mechanism [Miller et al. 2005] that supports accurate estimation of the population statistic as a Bayes-Nash equilibrium in settings where agents have explicit preferences for privacy. The mechanism requires knowledge of the marginal prior distribution on bits b_i, but does not need full knowledge of the marginal distribution on the costs c_i, instead requiring only an approximate upper bound. Our mechanism guarantees ε-differential privacy to each agent i against any adversary who can observe the statistical estimate output by the mechanism, as well as the payments made to the n-1 other agents j ≠ i. Finally, we show that with slightly more structured assumptions on the privacy cost functions of each agent [Chen et al. 2013], the cost of running the survey goes to 0 as the number of agents diverges.

[1] David C. Parkes, et al. Peer prediction without a common prior, 2012, EC '12.

[2] Aaron Roth, et al. Take It or Leave It: Running a Survey When Privacy Comes at a Cost, 2012, WINE.

[3] Kobbi Nissim, et al. Redrawing the boundaries on purchasing data from privacy-sensitive individuals, 2014, ITCS.

[4] Aaron Roth, et al. Privacy and mechanism design, 2013, SECO.

[5] G. Brier. Verification of Forecasts Expressed in Terms of Probability, 1950.

[6] Nicholas R. Jennings, et al. Mechanism design for the truthful elicitation of costly probabilistic estimates in distributed information systems, 2011, Artif. Intell.

[7] Boi Faltings, et al. Incentives for expressing opinions in online polls, 2008, EC '08.

[8] Aaron Roth, et al. Asymptotically truthful equilibrium selection in large congestion games, 2013, EC.

[9] David M. Pennock, et al. Collective revelation: a mechanism for self-verified, weighted, and truthful predictions, 2009, EC '09.

[10] Boi Faltings, et al. Mechanisms for Making Crowds Truthful, 2014, J. Artif. Intell. Res.

[11] Cynthia Dwork, et al. Calibrating Noise to Sensitivity in Private Data Analysis, 2006, TCC.

[12] David C. Parkes, et al. A Robust Bayesian Truth Serum for Small Populations, 2012, AAAI.

[13] Paul Resnick, et al. Eliciting Informative Feedback: The Peer-Prediction Method, 2005, Manag. Sci.

[14] Boi Faltings, et al. Robust Incentive-Compatible Feedback Payments, 2006, TADA/AMEC.

[15] Stephen Chong, et al. Truthful mechanisms for agents that value privacy, 2011, EC.

[16] D. Prelec. A Bayesian Truth Serum for Subjective Data, 2004, Science.

[17] Arpita Ghosh, et al. Privacy and coordination: computing on databases with endogenous participation, 2013, EC '13.

[18] Yu-Han Lyu, et al. Approximately optimal auctions for selling privacy when costs are correlated with data, 2012, EC '12.

[19] Tim Roughgarden, et al. Private matchings and allocations, 2013, SIAM J. Comput.

[20] Aaron Roth, et al. Mechanism design in large games: incentives and privacy, 2012, ITCS.

[21] Boi Faltings, et al. Minimum payments that reward honest reputation feedback, 2006, EC '06.

[22] Aaron Roth, et al. Selling privacy at auction, 2010, EC '11.

[23] Yoav Shoham, et al. Truthful Surveys, 2008, WINE.

[24] Aaron Roth, et al. Conducting truthful surveys, cheaply, 2012, EC '12.

[25] Kobbi Nissim, et al. Privacy-aware mechanism design, 2011, EC '12.