876 research outputs found
Buying Private Data without Verification
We consider the problem of designing a survey to aggregate non-verifiable
information from a privacy-sensitive population: an analyst wants to compute
some aggregate statistic from the private bits held by each member of a
population, but cannot verify the correctness of the bits reported by
participants in his survey. Individuals in the population are strategic agents
with a cost for privacy, \ie, they not only account for the payments they
expect to receive from the mechanism, but also their privacy costs from any
information revealed about them by the mechanism's outcome---the computed
statistic as well as the payments---to determine their utilities. How can the
analyst design payments to obtain an accurate estimate of the population
statistic when individuals strategically decide both whether to participate and
whether to truthfully report their sensitive information?
We design a differentially private peer-prediction mechanism that supports
accurate estimation of the population statistic as a Bayes-Nash equilibrium in
settings where agents have explicit preferences for privacy. The mechanism
requires knowledge of the marginal prior distribution on bits , but does
not need full knowledge of the marginal distribution on the costs ,
instead requiring only an approximate upper bound. Our mechanism guarantees
-differential privacy to each agent against any adversary who can
observe the statistical estimate output by the mechanism, as well as the
payments made to the other agents . Finally, we show that with
slightly more structured assumptions on the privacy cost functions of each
agent, the cost of running the survey goes to as the number of agents
diverges.Comment: Appears in EC 201
A Theory of Pricing Private Data
Personal data has value to both its owner and to institutions who would like
to analyze it. Privacy mechanisms protect the owner's data while releasing to
analysts noisy versions of aggregate query results. But such strict protections
of individual's data have not yet found wide use in practice. Instead, Internet
companies, for example, commonly provide free services in return for valuable
sensitive information from users, which they exploit and sometimes sell to
third parties.
As the awareness of the value of the personal data increases, so has the
drive to compensate the end user for her private information. The idea of
monetizing private data can improve over the narrower view of hiding private
data, since it empowers individuals to control their data through financial
means.
In this paper we propose a theoretical framework for assigning prices to
noisy query answers, as a function of their accuracy, and for dividing the
price amongst data owners who deserve compensation for their loss of privacy.
Our framework adopts and extends key principles from both differential privacy
and query pricing in data markets. We identify essential properties of the
price function and micro-payments, and characterize valid solutions.Comment: 25 pages, 2 figures. Best Paper Award, to appear in the 16th
International Conference on Database Theory (ICDT), 201
Welfare Polls: A Synthesis
Welfare polls are survey instruments that seek to quantify the determinants of human well-being. Currently, three welfare polling formats are dominant: contingent valuation (CV) surveys, quality-adjusted life year (QALY) surveys, and happiness surveys. Each format has generated a large, specialized, scholarly literature, but no comprehensive discussion of welfare polling as a general enterprise exists.This Article seeks to fill that gap.
Part I describes the trio of existing formats. Part II discusses the current and potential uses of welfare polls in governmental decisionmaking. Part III analyzes in detail the obstacles that welfare polls must overcome to provide useful well-being information, and concludes that they can be genuinely informative. Part IV synthesizes the case for welfare polls, arguing against two types of challenges: the revealed-preference tradition in economics, which insists on using behavior rather than surveys to learn about well-being; and the civic republican tradition in political theory, which accepts surveys but insists that respondents should be asked to take a citizen rather than consumer perspective. Part V suggests new directions for welfare polls
A Game-Theoretic Study on Non-Monetary Incentives in Data Analytics Projects with Privacy Implications
The amount of personal information contributed by individuals to digital
repositories such as social network sites has grown substantially. The
existence of this data offers unprecedented opportunities for data analytics
research in various domains of societal importance including medicine and
public policy. The results of these analyses can be considered a public good
which benefits data contributors as well as individuals who are not making
their data available. At the same time, the release of personal information
carries perceived and actual privacy risks to the contributors. Our research
addresses this problem area. In our work, we study a game-theoretic model in
which individuals take control over participation in data analytics projects in
two ways: 1) individuals can contribute data at a self-chosen level of
precision, and 2) individuals can decide whether they want to contribute at all
(or not). From the analyst's perspective, we investigate to which degree the
research analyst has flexibility to set requirements for data precision, so
that individuals are still willing to contribute to the project, and the
quality of the estimation improves. We study this tradeoff scenario for
populations of homogeneous and heterogeneous individuals, and determine Nash
equilibria that reflect the optimal level of participation and precision of
contributions. We further prove that the analyst can substantially increase the
accuracy of the analysis by imposing a lower bound on the precision of the data
that users can reveal
- β¦