Differentially Private User Data Perturbation with Multi-level Privacy Controls

Service providers typically collect user data to build user profiles that support high-quality services, but this raises user privacy concerns. On the one hand, service providers often need to analyze multiple user data attributes, which usually carry different levels of privacy concern. On the other hand, users place different levels of trust in different service providers based on their reputation. It is unrealistic, however, to repeatedly ask users to specify a privacy level for every data attribute and every service provider. To address this problem, we develop the first lightweight and provably private framework that guarantees differential privacy with respect to both the service provider and the individual data attributes, while also allowing configurable utility functions driven by service needs. On various large-scale real-world datasets, our solution improves utility by up to 5 times with negligible computational overhead, with the largest gains for the many low-reputation service providers encountered in practice.
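
The abstract describes two dials that together decide how much noise a user's data receives: the attribute's privacy concern level and the provider's trust level. The following is an added example written for this page, not the paper's own framework: it assumes a hypothetical mapping from provider trust tier to a total privacy budget (`TRUST_EPSILON`), a hypothetical weighting of attribute concern levels (`CONCERN_WEIGHT`), and the local model in which the user perturbs their own record with the Laplace mechanism before release, so the sensitivity of each attribute is the width of its public domain. The split is done so that the per-attribute budgets sum to the provider's budget, which by sequential composition makes the whole released record epsilon-differentially private for that provider.

```python
import math
import random

# Hypothetical lookup tables (assumptions for this example, not the paper's values):
# a provider's reputation tier sets the total privacy budget epsilon a user will
# spend on it, and an attribute's concern level sets its share of that budget
# (higher concern -> smaller share -> smaller epsilon -> more noise).
TRUST_EPSILON = {"high": 1.0, "medium": 0.5, "low": 0.1}
CONCERN_WEIGHT = {"low": 3.0, "medium": 2.0, "high": 1.0}


def attribute_epsilons(provider_trust, attribute_concerns):
    """Split the per-provider budget across attributes in proportion to their
    concern weights. The per-attribute epsilons sum to TRUST_EPSILON[provider_trust],
    so by sequential composition the released record spends exactly that budget."""
    total = TRUST_EPSILON[provider_trust]
    weights = {a: CONCERN_WEIGHT[c] for a, c in attribute_concerns.items()}
    weight_sum = sum(weights.values())
    return {a: total * w / weight_sum for a, w in weights.items()}


def laplace_scale(sensitivity, epsilon):
    """Laplace mechanism: noise scale b = sensitivity / epsilon."""
    if epsilon <= 0:
        raise ValueError("epsilon must be positive")
    return sensitivity / epsilon


def sample_laplace(scale, rng):
    """Draw Laplace(0, scale) noise by inverse-CDF sampling from rng.random()."""
    u = rng.random() - 0.5  # uniform on [-0.5, 0.5)
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def perturb_record(record, sensitivities, epsilons, rng, bounds=None):
    """Perturb every attribute of one user record with independently calibrated
    Laplace noise. `bounds` optionally clamps each attribute to its public domain;
    clamping is post-processing and does not weaken the privacy guarantee."""
    out = {}
    for attr, value in record.items():
        scale = laplace_scale(sensitivities[attr], epsilons[attr])
        noisy = value + sample_laplace(scale, rng)
        if bounds and attr in bounds:
            lo, hi = bounds[attr]
            noisy = min(max(noisy, lo), hi)
        out[attr] = noisy
    return out


def expected_abs_error(sensitivities, epsilons):
    """One simple utility function: mean expected absolute error over attributes.
    For Laplace(0, b) noise E|noise| = b, so this needs no sampling."""
    scales = [laplace_scale(sensitivities[a], epsilons[a]) for a in epsilons]
    return sum(scales) / len(scales)


if __name__ == "__main__":
    # Constructed sample input: one user's profile plus each attribute's public
    # domain. In the local model the user releases the value itself, so the
    # sensitivity is the domain width.
    record = {"age": 34.0, "income_k": 72.0, "visits_per_week": 5.0}
    bounds = {"age": (0.0, 100.0), "income_k": (0.0, 200.0), "visits_per_week": (0.0, 50.0)}
    sensitivities = {a: hi - lo for a, (lo, hi) in bounds.items()}
    concerns = {"age": "medium", "income_k": "high", "visits_per_week": "low"}
    rng = random.Random(2024)
    for trust in ("high", "medium", "low"):
        eps = attribute_epsilons(trust, concerns)
        released = perturb_record(record, sensitivities, eps, rng, bounds)
        print(trust,
              {a: round(e, 4) for a, e in eps.items()},
              {a: round(v, 1) for a, v in released.items()},
              "expected |err| =", round(expected_abs_error(sensitivities, eps), 1))
```

Running the script shows the noise growing quickly as trust drops, which is the cost the abstract's utility improvements are measured against: with a total budget of 0.1 for a low-reputation provider, the high-concern attribute receives only a sixth of it and its Laplace scale becomes thousands of times the domain width. The `expected_abs_error` function stands in for the "configurable utility function"; a service that only needs coarse buckets of an attribute could substitute a bucket-misclassification cost and re-run the budget split to favour the attributes it actually consumes.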
