The role of Signal Processing in Meeting Privacy Challenges [an overview]

International audienceWith the increasing growth and sophistication of information technology, personal information is easily accessible electronically. This flood of released personal data raises important privacy concerns. However, electronic data sources exist to be used and have tremendous value (utility) to their users and collectors, leading to a tension between privacy and utility. This article aims to quantify that tension by means of an information-theoretic framework and motivate signal processing approaches to privacy problems. The framework is applied to a number of case studies to illustrate concretely how signal processing can be harnessed to provide data privacy

Deploying and Evaluating Pufferfish Privacy for Smart Meter Data (Technical Report)

Information hiding ensures privacy by transforming personalized data so that certain sensitive information cannot be inferred any more. One state-of-the-art information-hiding approach is the Pufferfish framework. It lets the users specify their privacy requirements as so-called discriminative pairs of secrets, and it perturbs data so that an adversary does not learn about the probability distribution of such pairs. However, deploying the framework on complex data such as time series requires application specific work. This includes a general definition of the representation of secrets in the data. Another issue is that the tradeoff between Pufferfish privacy and utility of the data is largely unexplored in quantitative terms. In this study, we quantify this tradeoff for smart meter data. Such data contains fine-grained time series of power-consumption data from private households. Disseminating such data in an uncontrolled way puts privacy at risk. We investigate how time series of energy consumption data must be transformed to facilitate specifying secrets that Pufferfish can use. We ensure the generality of our study by looking at different information-extraction approaches, such as re-identification and non-intrusive-appliance-load monitoring, in combination with a comprehensive set of secrets. Additionally, we provide quantitative utility results for a real-world application, the so-called local energy market

Social Game for Building Energy Efficiency: Utility Learning, Simulation, and Analysis

We describe a social game that we designed for encouraging energy efficient behavior amongst building occupants with the aim of reducing overall energy consumption in the building. Occupants vote for their desired lighting level and win points which are used in a lottery based on how far their vote is from the maximum setting. We assume that the occupants are utility maximizers and that their utility functions capture the tradeoff between winning points and their comfort level. We model the occupants as non-cooperative agents in a continuous game and we characterize their play using the Nash equilibrium concept. Using occupant voting data, we parameterize their utility functions and use a convex optimization problem to estimate the parameters. We simulate the game defined by the estimated utility functions and show that the estimated model for occupant behavior is a good predictor of their actual behavior. In addition, we show that due to the social game, there is a significant reduction in energy consumption

Enabling Privacy in a Distributed Game-Theoretical Scheduling System for Domestic Appliances

Demand side management (DSM) makes it possible to adjust the load experienced by the power grid while reducing the consumers' bill. Game-theoretic DSM is an appealing decentralized approach for collaboratively scheduling the usage of domestic electrical appliances within a set of households while meeting the users' preferences about the usage time. The drawback of distributed DSM protocols is that they require each user to communicate his/her own energy consumption patterns, which may leak sensitive information regarding private habits. This paper proposes a distributed privacy-friendly DSM system that preserves users' privacy by integrating data aggregation and perturbation techniques: users decide their schedule according to aggregated consumption measurements perturbed by means of additive white Gaussian noise. We evaluate the noise power and the number of users required to achieve a given privacy level, quantified by means of the increase of the information entropy of the aggregated energy consumption pattern. The performance of our proposed DSM system is compared to the one of a benchmark system that does not support privacy preservation in terms of total bill, peak demand, and convergence time. Results show that privacy can be improved at the cost of increasing the peak demand and the number of game iterations, whereas the total bill is only marginally incremented