Abstract
Randomized response (RR) is a common privacy protection tool. It perturbs each true response using a probabilistic mechanism. Local differential privacy (LDP) is a rigorous privacy protection criterion that demands a guarantee that no intruder will get much new information about any respondent’s true value from its perturbed value. Considering linear unbiased estimation of multinomial probabilities under LDP and squared error loss, we derive minimax RR methods. We address optimal choices for both the RR mechanism (or design) and the estimator. Our minimax design has a particular structure, which is used to define t-subset designs. We describe and study properties of t-subset designs including their practical implementation. We also study mixtures of t-subset designs and examine the RAPPOR method, which is used notably by Google and Apple. We note inadmissibility of the RAPPOR design and offer some suggestions for improving both the design and the customary estimator.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
