Multiple Sensitive Values-Oriented Personalized Privacy Preservation Based on Randomized Response

Abstract

In the case where the private data is not equally important, personalized local privacy preservation based on randomized response (RR) is studied in the collection of sensitive data. So far, the existing RR mechanisms for multiple discrete private sources, which are termed as conventional randomized response (CRR) mechanisms, focus on a universal approach that exerts the same amount of privacy preservation for all sensitive values, without catering for their concrete privacy requirements. An immediate consequence is that they may be offering insufficient protection to a subset of data contributors with relatively higher privacy requirements, while applying excessive privacy control to another subset with relatively lower privacy requirements. Motivated by this, a novel perturbation framework, which is termed as personalized randomized response (PRR) mechanism, is proposed to achieve personalized privacy preservation (Personalized-PP) by designing the statistical privatization mechanism for multiple sensitive values. The proposed PRR technique introduces the weights for different sensitive values according to their sensitivity, and then introduces the weights into the decision of PRR by considering the concrete requirements for privacy, and thus, attains a higher data utility with respect to the quality of statistics while guaranteeing Personalized-PP. The estimate error of the private distribution is used to measure the quality of statistics for the two RR mechanisms. Theoretical study shows that the estimate error of PRR mechanism is smaller than that of the CRR mechanism for a certain same subjective privacy leakage degree. In particular, simulation results reveal the circumstances where CRR mechanism fails to provide Personalized-PP, and then establish the superiority of PRR mechanism.