Utility

We analyze the re-identification risks for individual Internet users and the utility provided to advertising companies by the Topics API, i.e. learning the most popular topics and distinguishing between real and random topics. We provide theoretical results dependent only on the API parameters that can be readily applied to evaluate the privacy and utility implications of future API updates, including novel general upper-bounds that account for adversaries with access to unknown, arbitrary side information, the value of the differential privacy parameter ε, and experimental results on real-world data that validate our theoretical model.

This record provides the datasets of the paper The Privacy-Utility Trade-off in the Topics API.

This repository provides the experimental results of the paper The Privacy-Utility Trade-off in the Topics API.

We combine Kronecker products, and quantitative information flow, to give a novel formal analysis for the fine-grained verification of utility in complex privacy pipelines. The combination explains a surprising anomaly in the behaviour of utility of privacy-preserving pipelines - that sometimes a reduction in privacy results also in a decrease in utility. We demonstrate our results on a number of common privacy-preserving designs.

We combine Kronecker products, and quantitative information flow, to give a novel formal analysis for the fine-grained verification of utility in complex privacy pipelines. The combination explains a surprising anomaly in the behaviour of utility of privacy-preserving pipelines - that sometimes a reduction in privacy results also in a decrease in utility. We demonstrate our results on a number of common privacy-preserving designs.

We present a summary of the work done in the dissertation A formal quantitative study of privacy in the publication of official educational censuses in Brazil, including its contributions and impacts so far. The dissertation presents a systematic refactoring of the conventional treatment of privacy analyses, basing it on mathematical concepts from the framework of Quantitative Information Flow (QIF). We apply our approach to a very large case study: the Educational Censuses of Brazil, curated by the governmental agency INEP, which comprise over 90 attributes of approximately 50 million individuals released longitudinally every year since 2007.

In this thesis, we provide a thorough quantitative study of privacy risks in the release of the official Brazilian Educational Censuses provided annually by INEP, which is Brazil’s governmental agency responsible for the development and maintenance of educational statistics systems. More precisely, we formally analyze privacy risks in databases released as microdata, i.e. data at each individual’s record level, and protected by the technique of de-identification, i.e. the removal of direct identifying information such as the individuals’ names or personal identification numbers.

In this paper we study the relationship between privacy and accuracy in the context of correlated datasets.