TY - GEN
T1 - Frequency Estimation of Evolving Data Under Local Differential Privacy
AU - Arcolezi, Héber H.
AU - Pinzón, Carlos
AU - Palamidessi, Catuscia
AU - Gambs, Sébastien
N1 - Publisher Copyright: © 2023 Copyright held by the owner/author(s)
PY - 2023/3/20
Y1 - 2023/3/20
N2 - Collecting and analyzing evolving longitudinal data has become a common practice. One possible approach to protect the users' privacy in this context is to use local differential privacy (LDP) protocols, which ensure the privacy protection of all users even in the case of a breach or data misuse. Existing LDP data collection protocols such as Google's RAPPOR [23] and Microsoft's dBitFlipPM [13] can have longitudinal privacy linear to the domain size k, which is excessive for large domains, such as Internet domains. To solve this issue, in this paper we introduce a new LDP data collection protocol for longitudinal frequency monitoring named LOngitudinal LOcal HAshing (LOLOHA) with formal privacy guarantees. In addition, the privacy-utility trade-off of our protocol is only linear with respect to a reduced domain size 2 ≤ g ≪ k. LOLOHA combines a domain reduction approach via local hashing with double randomization to minimize the privacy leakage incurred by data updates. As demonstrated by our theoretical analysis as well as our experimental evaluation, LOLOHA achieves a utility competitive to current state-of-the-art protocols, while substantially minimizing the longitudinal privacy budget consumption by up to k/g orders of magnitude.
UR - https://www.scopus.com/pages/publications/85165108005
U2 - 10.48786/edbt.2023.44
DO - 10.48786/edbt.2023.44
M3 - Conference contribution
AN - SCOPUS:85165108005
T3 - Advances in Database Technology - EDBT
SP - 512
EP - 525
BT - Proceedings of the 26th International Conference on Extending Database Technology, EDBT 2023
PB - OpenProceedings.org
T2 - 26th International Conference on Extending Database Technology, EDBT 2023
Y2 - 28 March 2023 through 31 March 2023
ER -