PriPeARL: A Framework for Privacy-Preserving Analytics and Reporting at LinkedIn
This work addresses privacy-preserving analytics for web-scale applications such as LinkedIn and has been deployed in production, but it is incremental in that it builds on existing differential privacy concepts.
The authors tackled the problem of computing robust analytics while preserving user privacy. They presented PriPeARL, a framework inspired by differential privacy, and demonstrated its tradeoffs and applicability in real-world ads analytics at LinkedIn.
Preserving privacy of users is a key requirement of web-scale analytics and reporting applications, and has witnessed a renewed focus in light of recent data breaches and new regulations such as GDPR. We focus on the problem of computing robust, reliable analytics in a privacy-preserving manner, while satisfying product requirements. We present PriPeARL, a framework for privacy-preserving analytics and reporting, inspired by differential privacy. We describe the overall design and architecture, and the key modeling components, focusing on the unique challenges associated with privacy, coverage, utility, and consistency. We perform an experimental study in the context of ads analytics and reporting at LinkedIn, thereby demonstrating the tradeoffs between privacy and utility needs, and the applicability of privacy-preserving mechanisms to real-world data. We also highlight the lessons learned from the production deployment of our system at LinkedIn.