research-article

Redrawing the boundaries on purchasing data from privacy-sensitive individuals

Authors:
Kobbi Nissim

Ben-Gurion University, Be'er Sheva, Israel & Harvard University, Cambridge, MA, USA

Ben-Gurion University, Be'er Sheva, Israel & Harvard University, Cambridge, MA, USA
View Profile

,
Salil Vadhan

Harvard University, Cambridge, MA, USA

Harvard University, Cambridge, MA, USA
View Profile

,
David Xiao

LIAFA and Université Paris 7, Paris, France

LIAFA and Université Paris 7, Paris, France
View Profile

ITCS '14: Proceedings of the 5th conference on Innovations in theoretical computer scienceJanuary 2014Pages 411–422https://doi.org/10.1145/2554797.2554835

Published:12 January 2014Publication History

ITCS '14: Proceedings of the 5th conference on Innovations in theoretical computer science

Pages 411–422

ABSTRACT

We prove new positive and negative results concerning the existence of truthful and individually rational mechanisms for purchasing private data from individuals with unbounded and sensitive privacy preferences. We strengthen the impossibility results of Ghosh and Roth (EC 2011) by extending it to a much wider class of privacy valuations. In particular, these include privacy valuations that are based on (ε δ)-differentially private mechanisms for non-zero δ, ones where the privacy costs are measured in a per-database manner (rather than taking the worst case), and ones that do not depend on the payments made to players (which might not be observable to an adversary).

To bypass this impossibility result, we study a natural special setting where individuals have monotonic privacy valuations, which captures common contexts where certain values for private data are expected to lead to higher valuations for privacy (e. g. having a particular disease). We give new mechanisms that are individually rational for all players with monotonic privacy valuations, truthful for all players whose privacy valuations are not too large, and accurate if there are not too many players with too-large privacy valuations. We also prove matching lower bounds showing that in some respects our mechanism cannot be improved significantly.

References

A. Beimel, K. Nissim, and U. Stemmer. Private Learning and Sanitization: Pure vs. Approximate Differential Privacy. In Proceedings of the 17th International Workshop on Randomization and Computation (RANDOM '13), Lecture Notes in Computer Science, pages 363--378. Springer-Verlag, 21-23 August 2013.Google ScholarCross Ref
Y. Chen, S. Chong, I. A. Kash, T. Moran, and S. Vadhan. Truthful mechanisms for agents that value privacy. In Proceedings of the fourteenth ACM conference on Electronic commerce, EC '13, pages 215--232, New York, NY, USA, 2013. ACM. Google ScholarDigital Library
Y. Chen, S. Chong, I. A. Kash, T. Moran, and S. P. Vadhan. Truthful Mechanisms for Agents that Value Privacy. CoRR, abs/1111.5472, 2011.Google Scholar
A. De. Lower bounds in differential privacy. In Theory of cryptography conference (TCC '12), volume 7194 of Lecture Notes in Comput. Sci., pages 321--338. Springer, Heidelberg, 2012. Google ScholarDigital Library
C. Dwork. Differential privacy. In In Proc. ICALP, pages 1--12. Springer, 2006. Google ScholarDigital Library
C. Dwork and J. Lei. Differential privacy and robust statistics In STOC'09 - Proceedings of the 2009 ACM International Symposium on Theory of Computing, pages 371--380. ACM, New York, 2009. Google ScholarDigital Library
C. Dwork, F. Mcsherry, K. Nissim, and A. Smith. Calibrating noise to sensitivity in private data analysis. In In Proc. of the 3rd TCC, pages 265--284. Springer, 2006. Google ScholarDigital Library
C. Dwork, G. Rothblum, and S. Vadhan. Boosting and Differential Privacy. In Proceedings of the 51st Annual IEEE Symposium on Foundations of Computer Science (FOCS '10), pages 51--60. IEEE, 23-26 October 2010. Google ScholarDigital Library
L. K. Fleischer and Y.-H. Lyu. Approximately optimal auctions for selling privacy when costs are correlated with data. In Proceedings of the 13th ACM Conference on Electronic Commerce, EC '12, pages 568--585, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
A. Ghosh and A. Roth. Selling privacy at auction. In Proc. 12th EC, EC '11, pages 199--208, New York, NY, USA, 2011. ACM. Google ScholarDigital Library
M. Hardt and K. Talwar. On the geometry of differential privacy. In STOC'10 - Proceedings of the 2010 ACM International Symposium on Theory of Computing, pages 705--714. ACM, New York, 2010. Google ScholarDigital Library
Z. Huang and S. Kannan. The Exponential Mechanism for Social Welfare: Private, Truthful, and Nearly Optimal. In Proc. FOCS '12, pages 140--149, 2012. Google ScholarDigital Library
M. Kearns, M. M. Pai, A. Roth, and J. Ullman. Mechanism Design in Large Games: Incentives and Privacy. In Proc. ITCS 2013, 2013. Available at http://arxiv.org/abs/1207.4084. Google ScholarDigital Library
K. Ligett and A. Roth. Take it or Leave it: Running a Survey when Privacy Comes at a Cost. In Proceedings of the 8th Workshop on Internet and Network Economics, pages 378--391. Springer, 2012. Google ScholarDigital Library
F. McSherry and K. Talwar. Mechanism design via differential privacy. In Proceedings of the 48th Annual Symposium on Foundations of Computer Science. Citeseer, 2007. Google ScholarDigital Library
K. Nissim, C. Orlandi, and R. Smorodinsky. Privacy-aware mechanism design. In Proceedings of the 13th ACM Conference on Electronic Commerce, EC '12, pages 774--789, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
K. Nissim, R. Smorodinsky, and M. Tennenholtz. Approximately optimal mechanism design via differential privacy. In Proceedings of the 3rd Innovations in Theoretical Computer Science Conference, ITCS '12, pages 203--213, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
M. M. Pai and A. Roth. Privacy and mechanism design. SIGecom Exch., 12(1):8--29, June 2013. Google ScholarDigital Library
A. Roth. Buying private data at auction: the sensitive surveyor's problem. SIGecom Exch., 11(1):1--8, June 2012. Google ScholarDigital Library
A. Roth and G. Schoenebeck. Conducting truthful surveys, cheaply. In Proceedings of the 13th ACM Conference on Electronic Commerce, EC '12, pages 826--843, New York, NY, USA, 2012. ACM. Google ScholarDigital Library
D. Xiao. Is privacy compatible with truthfulness? Technical Report 2011/005, Cryptology ePrint Archive, 2011.Google Scholar
D. Xiao. Is privacy compatible with truthfulness? In In Proc. ITCS 2013, pages 67--86, 2013. Google ScholarDigital Library

Index Terms

Redrawing the boundaries on purchasing data from privacy-sensitive individuals

Recommendations

Approximately optimal auctions for selling privacy when costs are correlated with data
EC '12: Proceedings of the 13th ACM Conference on Electronic Commerce

We consider a scenario in which a database stores sensitive data of users and an analyst wants to estimate statistics of the data. The users may suffer a cost when their data are used in which case they should be compensated. The analyst wishes to get ...
Read More
Selling privacy at auction
EC '11: Proceedings of the 12th ACM conference on Electronic commerce

We initiate the study of markets for private data, through the lens of differential privacy. Although the purchase and sale of private data has already begun on a large scale, a theory of privacy as a commodity is missing. In this paper, we propose to ...
Read More
The Value of Privacy: Strategic Data Subjects, Incentive Mechanisms and Fundamental Limits
Performance evaluation review

We study the value of data privacy in a game-theoretic model of trading private data, where a data collector purchases private data from strategic data subjects (individuals) through an incentive mechanism. The private data of each individual represents ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
ITCS '14: Proceedings of the 5th conference on Innovations in theoretical computer science
January 2014
566 pages
ISBN:9781450326988
DOI:10.1145/2554797
Program Chair:
Moni Naor
Weizmann Institute of Science
Copyright © 2014 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 12 January 2014
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
differential privacy
mechanism design
Qualifiers
- research-article
Conference

Acceptance Rates
ITCS '14 Paper Acceptance Rate48of116submissions,41%Overall Acceptance Rate172of513submissions,34%
More
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 46
  Total Citations
  View Citations
- 194
  Total Downloads
- Downloads (Last 12 months)15
- Downloads (Last 6 weeks)2
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Redrawing the boundaries on purchasing data from privacy-sensitive individuals

ITCS '14: Proceedings of the 5th conference on Innovations in theoretical computer science

ABSTRACT

References

Cited By

Index Terms

Recommendations

Approximately optimal auctions for selling privacy when costs are correlated with data

Selling privacy at auction

The Value of Privacy: Strategic Data Subjects, Incentive Mechanisms and Fundamental Limits