w3c / tpac2024-breakouts

Repository set up to collect and organize breakout session proposals for TPAC 2024

An Individual Differential Privacy Framework for Rigorous and High-Utility Privacy Accounting in Web Measurement #95

Open roxanageambasu opened 1 month ago

roxanageambasu commented 1 month ago

Session description

@bmcase and I, along with several differential privacy researchers, have developed a compelling privacy framework where each device tracks and controls the privacy loss incurred by the user’s participation in various measurements, such as advertising, engagement, or mobility analytics. Currently, these measurements require collecting sensitive user activity traces (e.g., visited sites, purchases), which raises privacy concerns. Our framework proposes a privacy-preserving alternative: the device tracks activity locally and generates encrypted reports, which can be aggregated by a trusted execution engine (TEE) or secure multi-party computation system.

We formalize our framework using individual differential privacy, allowing each device to account for and constrain its own user’s privacy loss toward each measurement party. This approach offers significant privacy-utility benefits over traditional models and improves transparency by letting users monitor their privacy on each device. However, it also introduces potential biases in measurement results, which we are working to address, but for whose design we require the community’s input.

At the breakout, we thus plan to:

  1. Present our privacy framework, which we developed initially for advertising measurement use cases.
  2. Seek community feedback on applying the framework to other domains, as we believe our framework is much more general.
  3. Discuss strategies to mitigate bias introduced by individual privacy tracking.

An academic paper describing our privacy framework can be found here.

Session goal

To present our individual differential privacy framework for web measurements, gather community feedback on extending its application beyond advertising, and explore strategies for addressing challenges like bias in measurement results.

Additional session chairs (Optional)

@bmcase

Who can attend

Anyone may attend (Default)

IRC channel (Optional)

differential-privacy

Other sessions where we should avoid scheduling conflicts (Optional)

No response

Instructions for meeting planners (Optional)

No response

Agenda for the meeting.

Outline:

Links to calendar

Meeting materials
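As an added illustration (not code from the proposal or from the paper it references), the following Python sketch shows the per-device, per-party privacy-loss accounting the description outlines, and why refused reports produce the measurement bias raised in item 3. The ledger class, the epsilon cap, the per-query epsilon and the reported values are all constructed assumptions, not the authors' design.

```python
import random


class DeviceLedger:
    """Hypothetical per-device ledger: tracks the privacy loss (epsilon) this device
    has spent toward each measurement party and refuses reports once the cap is hit."""

    def __init__(self, epsilon_cap):
        self.epsilon_cap = epsilon_cap
        self.spent = {}  # measurement party -> epsilon consumed so far

    def charge(self, party, epsilon):
        """Charge epsilon to `party`; return False (no report) if it would exceed the cap."""
        used = self.spent.get(party, 0.0)
        if used + epsilon > self.epsilon_cap + 1e-9:
            return False
        self.spent[party] = used + epsilon
        return True


def laplace_noise(scale, rng):
    """Laplace(0, scale) sample, drawn as the difference of two exponential draws."""
    return rng.expovariate(1.0 / scale) - rng.expovariate(1.0 / scale)


def measure(devices, values, party, epsilon, rng, sensitivity=1.0):
    """Aggregator view: sum of values from devices that accept the charge, plus Laplace
    noise calibrated to epsilon. Returns (number included, noisy sum). Devices that
    refuse silently drop out, which is the bias the session proposes to discuss."""
    included = [v for d, v in zip(devices, values) if d.charge(party, epsilon)]
    return len(included), sum(included) + laplace_noise(sensitivity / epsilon, rng)


def participation_over_time(n_devices, epsilon_cap, epsilon_per_query, n_queries, party="ads"):
    """Run n_queries identical measurements from one party and return how many devices
    contributed to each; after cap / epsilon_per_query reports, later results are empty."""
    rng = random.Random(0)
    devices = [DeviceLedger(epsilon_cap) for _ in range(n_devices)]
    values = [1.0] * n_devices  # constructed: every device has one conversion to report
    return [measure(devices, values, party, epsilon_per_query, rng)[0] for _ in range(n_queries)]


def budgets_are_per_party(epsilon_cap=1.0, epsilon=0.6):
    """Exhausting the budget toward one party leaves the budget toward another untouched."""
    d = DeviceLedger(epsilon_cap)
    first = d.charge("ads", epsilon)
    second = d.charge("ads", epsilon)  # 1.2 > cap, so refused
    other = d.charge("engagement", epsilon)
    return first, second, other
```

With a cap of 1.0 and 0.4 per query, the third query from the same party receives no reports at all, so its count is biased toward zero rather than merely noisy.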

tpac-breakout-bot commented 1 month ago

Thank you for proposing a session!

You may update the session description as needed and at any time before the meeting, but please keep in mind that tooling relies on issue formatting: follow the instructions and leave all headings and other formatting intact in particular. Bots and W3C meeting organizers may also update the description, to fix formatting issues or add links and other relevant information. Please do not revert these changes. Feel free to use comments to raise questions.

Do not expect formal approval; W3C meeting organizers endeavor to schedule all proposed sessions that are in scope for a breakout. Actual scheduling should take place shortly before the meeting.