Abstract
Local Differential Privacy (LDP), where each user perturbs her data locally before sending it to an untrusted party, is a new and promising privacy-preserving model. Endorsed by both academia and industry, LDP provides a strong and rigorous privacy guarantee for data collection and analysis. As such, it has recently been deployed in many real products by several major software and Internet companies, including Google, Apple and Microsoft, in mainstream products such as Chrome, iOS, and Windows 10. Besides industry, it has also attracted a lot of research attention from academia. This tutorial first introduces the rationale of the LDP model behind these deployed systems for collecting and analyzing usage data privately, then surveys the current research landscape in LDP, and finally identifies several open problems and research directions in this community.
Acknowledgment
This work was supported by the National Natural Science Foundation of China (Grant No: 61572413, U1636205, 91646203, 61532010, 91846204 and 61532016) and the Research Grants Council, Hong Kong SAR, China (Grant No: 15238116, 15222118 and C1008-16G).
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Ye, Q., Hu, H. (2020). Local Differential Privacy: Tools, Challenges, and Opportunities. In: U, L., Yang, J., Cai, Y., Karlapalem, K., Liu, A., Huang, X. (eds) Web Information Systems Engineering. WISE 2020. Communications in Computer and Information Science, vol 1155. Springer, Singapore. https://doi.org/10.1007/978-981-15-3281-8_2
DOI: https://doi.org/10.1007/978-981-15-3281-8_2
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-3280-1
Online ISBN: 978-981-15-3281-8
eBook Packages: Computer Science (R0)