Private and Continual Release of Statistics

We ask the question: how can Web sites and data aggregators continually release updated statistics, and meanwhile preserve each individual user’s privacy? Suppose we are given a stream of 0’s and 1’s. We propose a differentially private continual counter that outputs at every time step the approximate number of 1’s seen thus far. Our counter construction has error that is only poly-log in the number of time steps. We can extend the basic counter construction to allow Web sites to continually give top-k and hot items suggestions while preserving users’ privacy.

[1]  Vitaly Shmatikov,et al.  "You Might Also Like:" Privacy Risks of Collaborative Filtering , 2011, 2011 IEEE Symposium on Security and Privacy.

[2]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[3]  Erik D. Demaine,et al.  Frequency Estimation of Internet Packet Streams with Limited Space , 2002, ESA.

[4]  S L Warner,et al.  Randomized response: a survey technique for eliminating evasive answer bias. , 1965, Journal of the American Statistical Association.

[5]  Ravi Sandhu,et al.  ACM Transactions on Information and System Security: Editorial , 2005 .

[6]  Cynthia Dwork,et al.  The Differential Privacy Frontier (Extended Abstract) , 2009, TCC.

[7]  Cynthia Dwork,et al.  Differential privacy in new settings , 2010, SODA '10.

[8]  Cynthia Dwork,et al.  New Efficient Attacks on Statistical Disclosure Control Mechanisms , 2008, CRYPTO.

[9]  Dan Suciu,et al.  Boosting the accuracy of differentially private histograms through consistency , 2009, Proc. VLDB Endow..

[10]  Rajeev Motwani,et al.  Approximate Frequency Counts over Data Streams , 2012, VLDB.

[11]  Cynthia Dwork,et al.  Differential Privacy , 2006, ICALP.

[12]  Irit Dinur,et al.  Revealing information while preserving privacy , 2003, PODS.

[13]  Andrew McGregor,et al.  Optimizing linear counting queries under differential privacy , 2009, PODS.

[14]  Johannes Gehrke,et al.  Differential privacy via wavelet transforms , 2009, 2010 IEEE 26th International Conference on Data Engineering (ICDE 2010).

[15]  Vitaly Shmatikov,et al.  Robust De-anonymization of Large Sparse Datasets , 2008, 2008 IEEE Symposium on Security and Privacy (sp 2008).

[16]  Moni Naor,et al.  Pan-Private Streaming Algorithms , 2010, ICS.

[17]  Divyakant Agrawal,et al.  Efficient Computation of Frequent and Top-k Elements in Data Streams , 2005, ICDT.

[18]  Cynthia Dwork The Differential Privacy Frontier , 2009 .

[19]  Moni Naor,et al.  Differential privacy under continual observation , 2010, STOC '10.

[20]  Nina Mishra,et al.  Releasing search queries and clicks privately , 2009, WWW '09.

[21]  Ravi Kumar,et al.  Vanity fair: privacy in querylog bundles , 2008, CIKM '08.

[22]  Ilya Mironov,et al.  Differentially private recommender systems: building privacy into the net , 2009, KDD.

[23]  Elaine Shi,et al.  Private and Continual Release of Statistics , 2010, ICALP.

[24]  Cynthia Dwork,et al.  Differential Privacy: A Survey of Results , 2008, TAMC.

[25]  W. Wilbur,et al.  Isotonic Regression under Lipschitz Constraint , 2009, Journal of optimization theory and applications.