Context-aware Data Aggregation with Localized Information Privacy
This work addresses privacy-preserving data aggregation by proposing a context-aware privacy definition that, rather than incrementally refining existing local privacy notions, improves utility over them by modeling what the adversary already knows.
The paper introduces localized information privacy (LIP), a new privacy definition that incorporates context-awareness via priors to enable statistical aggregation without a trusted third party, achieving better utility-privacy tradeoffs than existing methods like LDP, with significant advantages when priors are non-uniform.
In this paper, localized information privacy (LIP) is proposed as a new privacy definition that allows statistical aggregation while protecting users' privacy without relying on a trusted third party. Context-awareness is incorporated into LIP through priors, which enables the design of privacy-preserving data aggregation mechanisms that exploit knowledge of those priors. We show that LIP relaxes the Localized Differential Privacy (LDP) notion by explicitly modeling the adversary's knowledge; however, it is stricter than $2\epsilon$-LDP and $\epsilon$-mutual information privacy. The incorporation of local priors allows LIP to achieve higher utility than these approaches. We then present an optimization framework for privacy-preserving data aggregation whose goal is to minimize the expected squared error subject to the LIP privacy constraints. Utility-privacy tradeoffs are obtained in closed form under several models. We then validate our analysis numerically using both synthetic and real-world data. Results show that our LIP mechanism provides better utility-privacy tradeoffs than LDP, and that the advantage of LIP is even more significant when the prior is not uniformly distributed.
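The containments stated above (LIP is implied by LDP at the same budget, and in turn implies $2\epsilon$-LDP and $\epsilon$-mutual information privacy) can be checked numerically for a concrete local randomizer. The following is an added example, not code from the paper. It assumes the standard local form of information privacy as the LIP definition, namely $e^{-\epsilon} \le P(Y=y \mid X=x)/P(Y=y) \le e^{\epsilon}$ for every input $x$ and output $y$, where $P(Y=y)$ is computed from the adversary's prior; the paper's exact formulation should be checked against the full text. The randomizer (binary randomized response), the budget $\ln 4$ and the two priors are constructed for illustration, and the paper's optimization framework is not reproduced.

```python
"""Added example: LDP, LIP and mutual-information leakage of a local randomizer.

Assumption: LIP is the bounded posterior-to-prior ratio on outputs,
    e^-eps <= P(Y=y|X=x) / P(Y=y) <= e^eps   for all x, y,
with P(Y=y) = sum_x P(X=x) P(Y=y|X=x) taken under the adversary's prior.
Channels are assumed to have full support (no zero entries)."""
import math


def randomized_response(eps):
    """Binary randomized response tuned to eps-LDP: keep the true bit with
    probability e^eps / (1 + e^eps), flip it otherwise.
    Returned as a channel matrix channel[x][y] = P(Y=y | X=x)."""
    p = math.exp(eps) / (1.0 + math.exp(eps))
    return [[p, 1.0 - p], [1.0 - p, p]]


def output_marginal(channel, prior):
    """P(Y=y) = sum_x P(X=x) P(Y=y|X=x). This is the only place the prior enters."""
    n_out = len(channel[0])
    return [sum(prior[x] * channel[x][y] for x in range(len(prior))) for y in range(n_out)]


def ldp_epsilon(channel):
    """Smallest eps with P(y|x) / P(y|x') <= e^eps for all x, x', y. Prior-free."""
    eps = 0.0
    for y in range(len(channel[0])):
        col = [row[y] for row in channel]
        eps = max(eps, math.log(max(col) / min(col)))
    return eps


def lip_epsilon(channel, prior):
    """Smallest eps with e^-eps <= P(y|x) / P(y) <= e^eps for all x, y
    (assumed LIP definition). Depends on the prior through P(y)."""
    marg = output_marginal(channel, prior)
    eps = 0.0
    for x in range(len(prior)):
        for y, py in enumerate(marg):
            eps = max(eps, abs(math.log(channel[x][y] / py)))
    return eps


def mutual_information(channel, prior):
    """I(X;Y) in nats; eps-mutual information privacy means I(X;Y) <= eps."""
    marg = output_marginal(channel, prior)
    mi = 0.0
    for x, px in enumerate(prior):
        for y, py in enumerate(marg):
            pxy = px * channel[x][y]
            if pxy > 0.0:
                mi += pxy * math.log(channel[x][y] / py)
    return mi


def leakage_report(channel, prior, tol=1e-9):
    """Leakage of one channel against one prior, plus the three containments
    from the abstract evaluated on this instance."""
    e_ldp = ldp_epsilon(channel)
    e_lip = lip_epsilon(channel, prior)
    mi = mutual_information(channel, prior)
    return {
        "ldp": e_ldp,
        "lip": e_lip,
        "mi": mi,
        "lip_le_ldp": e_lip <= e_ldp + tol,      # eps-LDP  => eps-LIP  (LIP relaxes LDP)
        "ldp_le_2lip": e_ldp <= 2.0 * e_lip + tol,  # eps-LIP  => 2eps-LDP
        "mi_le_lip": mi <= e_lip + tol,          # eps-LIP  => eps-MIP
    }


if __name__ == "__main__":
    rr = randomized_response(math.log(4))  # constructed: 4:1 odds, eps_LDP = ln 4
    for prior in ([0.5, 0.5], [0.9, 0.1]):  # constructed: uniform vs. skewed prior
        r = leakage_report(rr, prior)
        print(f"prior={prior}: eps_LDP={r['ldp']:.3f} eps_LIP={r['lip']:.3f} "
              f"I(X;Y)={r['mi']:.3f} checks={r['lip_le_ldp'], r['ldp_le_2lip'], r['mi_le_lip']}")
```

Running it shows the context-awareness the abstract refers to: the LDP budget of the fixed randomizer is $\ln 4$ regardless of prior, while its LIP budget is $\ln 2.5$ against the uniform prior and $\ln 3.7$ against the skewed one, because the rare value is harder to hide from an adversary who knows it is rare. An LIP-constrained design therefore has to choose the randomizer for the prior, which is what the paper's optimization does and what a prior-agnostic LDP mechanism cannot.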