243,065 research outputs found
A Theory of Pricing Private Data
Personal data has value to both its owner and to institutions who would like
to analyze it. Privacy mechanisms protect the owner's data while releasing to
analysts noisy versions of aggregate query results. But such strict protections
of individual's data have not yet found wide use in practice. Instead, Internet
companies, for example, commonly provide free services in return for valuable
sensitive information from users, which they exploit and sometimes sell to
third parties.
As the awareness of the value of the personal data increases, so has the
drive to compensate the end user for her private information. The idea of
monetizing private data can improve over the narrower view of hiding private
data, since it empowers individuals to control their data through financial
means.
In this paper we propose a theoretical framework for assigning prices to
noisy query answers, as a function of their accuracy, and for dividing the
price amongst data owners who deserve compensation for their loss of privacy.
Our framework adopts and extends key principles from both differential privacy
and query pricing in data markets. We identify essential properties of the
price function and micro-payments, and characterize valid solutions.Comment: 25 pages, 2 figures. Best Paper Award, to appear in the 16th
International Conference on Database Theory (ICDT), 201
How to Balance Privacy and Money through Pricing Mechanism in Personal Data Market
A personal data market is a platform including three participants: data
owners (individuals), data buyers and market maker. Data owners who provide
personal data are compensated according to their privacy loss. Data buyers can
submit a query and pay for the result according to their desired accuracy.
Market maker coordinates between data owner and buyer. This framework has been
previously studied based on differential privacy. However, the previous study
assumes data owners can accept any level of privacy loss and data buyers can
conduct the transaction without regard to the financial budget. In this paper,
we propose a practical personal data trading framework that is able to strike a
balance between money and privacy. In order to gain insights on user
preferences, we first conducted an online survey on human attitude to- ward
privacy and interest in personal data trading. Second, we identify the 5 key
principles of personal data market, which is important for designing a
reasonable trading frame- work and pricing mechanism. Third, we propose a
reason- able trading framework for personal data which provides an overview of
how the data is traded. Fourth, we propose a balanced pricing mechanism which
computes the query price for data buyers and compensation for data owners
(whose data are utilized) as a function of their privacy loss. The main goal is
to ensure a fair trading for both parties. Finally, we will conduct an
experiment to evaluate the output of our proposed pricing mechanism in
comparison with other previously proposed mechanism
Scalable Privacy-Preserving Data Sharing Methodology for Genome-Wide Association Studies
The protection of privacy of individual-level information in genome-wide
association study (GWAS) databases has been a major concern of researchers
following the publication of "an attack" on GWAS data by Homer et al. (2008)
Traditional statistical methods for confidentiality and privacy protection of
statistical databases do not scale well to deal with GWAS data, especially in
terms of guarantees regarding protection from linkage to external information.
The more recent concept of differential privacy, introduced by the
cryptographic community, is an approach that provides a rigorous definition of
privacy with meaningful privacy guarantees in the presence of arbitrary
external information, although the guarantees may come at a serious price in
terms of data utility. Building on such notions, Uhler et al. (2013) proposed
new methods to release aggregate GWAS data without compromising an individual's
privacy. We extend the methods developed in Uhler et al. (2013) for releasing
differentially-private -statistics by allowing for arbitrary number of
cases and controls, and for releasing differentially-private allelic test
statistics. We also provide a new interpretation by assuming the controls' data
are known, which is a realistic assumption because some GWAS use publicly
available data as controls. We assess the performance of the proposed methods
through a risk-utility analysis on a real data set consisting of DNA samples
collected by the Wellcome Trust Case Control Consortium and compare the methods
with the differentially-private release mechanism proposed by Johnson and
Shmatikov (2013).Comment: 28 pages, 2 figures, source code available upon reques
Selling Privacy at Auction
We initiate the study of markets for private data, though the lens of
differential privacy. Although the purchase and sale of private data has
already begun on a large scale, a theory of privacy as a commodity is missing.
In this paper, we propose to build such a theory. Specifically, we consider a
setting in which a data analyst wishes to buy information from a population
from which he can estimate some statistic. The analyst wishes to obtain an
accurate estimate cheaply. On the other hand, the owners of the private data
experience some cost for their loss of privacy, and must be compensated for
this loss. Agents are selfish, and wish to maximize their profit, so our goal
is to design truthful mechanisms. Our main result is that such auctions can
naturally be viewed and optimally solved as variants of multi-unit procurement
auctions. Based on this result, we derive auctions for two natural settings
which are optimal up to small constant factors:
1. In the setting in which the data analyst has a fixed accuracy goal, we
show that an application of the classic Vickrey auction achieves the analyst's
accuracy goal while minimizing his total payment.
2. In the setting in which the data analyst has a fixed budget, we give a
mechanism which maximizes the accuracy of the resulting estimate while
guaranteeing that the resulting sum payments do not exceed the analysts budget.
In both cases, our comparison class is the set of envy-free mechanisms, which
correspond to the natural class of fixed-price mechanisms in our setting.
In both of these results, we ignore the privacy cost due to possible
correlations between an individuals private data and his valuation for privacy
itself. We then show that generically, no individually rational mechanism can
compensate individuals for the privacy loss incurred due to their reported
valuations for privacy.Comment: Extended Abstract appeared in the proceedings of EC 201
- …