Discounted Differential Privacy: Privacy of Evolving Datasets over an Infinite Horizon

In this paper, we define discounted differential privacy, as an alternative to (conventional) differential privacy, to investigate privacy of evolving datasets, containing time series over an unbounded horizon. Evolving datasets arise in energy systems (e.g., real-time smart meter measurements), transportation (e.g., real-time traces of individual movements), and retail industry (e.g., customer interactions and purchases from online stores). We first define privacy loss as a measure of the amount of information leaked by the reports at a certain fixed time and relate privacy loss to differential privacy. We observe that privacy losses are weighted equally across time in the definition of differential privacy, and therefore the magnitude of privacy-preserving additive noise must grow without bound to ensure differential privacy over an infinite horizon. Motivated by the discounted utility theory within the economics literature, we use exponential and hyperbolic discounting of privacy losses across time to relax the definition of differential privacy under continual observations. This implies that privacy losses in a distant past are less important than the current ones to an individual. We use discounted differential privacy to investigate privacy of evolving datasets using additive Laplace noise and show that the magnitude of the additive noise can remain bounded under discounted differential privacy. We illustrate the quality of privacy-preserving mechanisms satisfying discounted differential privacy on smart-meter measurement time-series of real households, made publicly available by the Ausgrid (an Australian electricity distribution company).

[1]  Alessandro Acquisti,et al.  Privacy Attitudes and Privacy Behavior - Losses, Gains, and Hyperbolic Discounting , 2004, Economics of Information Security.

[2]  Cynthia Dwork,et al.  Calibrating Noise to Sensitivity in Private Data Analysis , 2006, TCC.

[3]  Victor Perrier,et al.  Private Continual Release of Real-Valued Data Streams , 2018, NDSS.

[4]  V. Derlega,et al.  Privacy and self-disclosure in social relationships. , 1977 .

[5]  R. Vuchinich,et al.  Hyperbolic temporal discounting in social drinkers and problem drinkers. , 1998, Experimental and clinical psychopharmacology.

[6]  F. Ramsey,et al.  THE MATHEMATICAL THEORY OF SAVING , 1928 .

[7]  Bettina Berendt,et al.  E-privacy in 2nd generation E-commerce: privacy preferences versus actual behavior , 2001, EC '01.

[8]  Bert-Jaap Koops,et al.  Smart Metering and Privacy in Europe: Lessons from the Dutch Case , 2013, European Data Protection.

[9]  Ulrich Greveler,et al.  Multimedia Content Identification Through Smart Meter Power Usage Profiles , 2012 .

[10]  Salil P. Vadhan,et al.  The Complexity of Differential Privacy , 2017, Tutorials on the Foundations of Cryptography.

[11]  L. Green,et al.  Discounting of delayed rewards: Models of individual choice. , 1995, Journal of the experimental analysis of behavior.

[12]  G. Ainslie Specious reward: a behavioral theory of impulsiveness and impulse control. , 1975, Psychological bulletin.

[13]  Moni Naor,et al.  Differential privacy under continual observation , 2010, STOC '10.

[14]  K. Kirby,et al.  Bidding on the Future: Evidence Against Normative Discounting of Delayed Rewards , 1997 .

[15]  P. Samuelson A Note on Measurement of Utility , 1937 .

[16]  Ramnath K. Chellappa,et al.  Personalization versus Privacy: An Empirical Examination of the Online Consumer’s Dilemma , 2005, Inf. Technol. Manag..

[17]  Sousso Kelouwani,et al.  Non-intrusive load monitoring through home energy management systems: A comprehensive review , 2017 .

[18]  Lee A. Bygrave,et al.  A right to be forgotten? , 2014, Commun. ACM.

[19]  Patrick D. McDaniel,et al.  Security and Privacy Challenges in the Smart Grid , 2009, IEEE Security & Privacy.

[20]  R. Herrnstein,et al.  Preference reversal and delayed reinforcement , 1981 .

[21]  Elaine Shi,et al.  Private and Continual Release of Statistics , 2010, ICALP.

[22]  G. Ainslie,et al.  Impulse control in pigeons. , 1974, Journal of the experimental analysis of behavior.

[23]  Aaron Roth,et al.  The Algorithmic Foundations of Differential Privacy , 2014, Found. Trends Theor. Comput. Sci..

[24]  G. Berns,et al.  Intertemporal choice – toward an integrative framework , 2007, Trends in Cognitive Sciences.