On the Differential Private Data Market: Endogenous Evolution, Dynamic Pricing, and Incentive Compatibility

Privacy is essential in data trading markets. This work uses a mechanism design approach to study the data buyer's optimal data market model with differential privacy. Motivated by the discovery of individuals' dual motives for privacy protection, we consider that each data owner privately possesses an intrinsic motive and an instrumental motive. We study optimal market design in a dynamic environment by determining the privacy assignment rule that specifies the privacy protection at each data usage and the payment rules to compensate for the privacy loss when the owners' instrumental motive is endogenously dynamic due to the buyer's dynamic activities. Due to the privacy-utility tradeoff of differential privacy, privacy loss is inevitable when data is traded with privacy protection. To mitigate the risk of uncertainties, we allow the owners to leave the market using optimal stopping time if the accumulated privacy loss is beyond their privacy budgets that depend on their intrinsic motives. In order to influence the data owners' stopping decisions, the data buyer uses a stopping payment rule that is independent of the data owners' preferences and specifies a monetary transfer to a data owner only at the period when he decides to stop at the end of that period. We introduce the notion of dynamic incentive compatibility to capture the joint deviations from optimal stopping and truthful reporting. Under a monotonicity assumption about the dynamics, the optimal stopping rule can be formulated as a threshold-based rule. A design principle is provided by a sufficient condition of dynamic incentive compatibility. We relax the buyer's optimal market design by characterizing the monetary transfer rules in terms of privacy assignment rules and the threshold functions. To address the analytical intractability, we provide a sufficient condition for a relaxed dynamic incentive-compatible model.