Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

An Individual Differential Privacy Framework for Rigorous and High-Utility Privacy Accounting in Web Measurement #95

Open
roxanageambasu opened this issue Sep 15, 2024 · 1 comment
Labels
session Breakout session proposal

Comments

@roxanageambasu
Copy link

roxanageambasu commented Sep 15, 2024

Session description

@bmcase and I, along with several differential privacy researchers, have developed a compelling privacy framework where each device tracks and controls the privacy loss incurred by the user’s participation in various measurements, such as advertising, engagement, or mobility analytics. Currently, these measurements require collecting sensitive user activity traces (e.g., visited sites, purchases), which raises privacy concerns. Our framework proposes a privacy-preserving alternative: the device tracks activity locally and generates encrypted reports, which can be aggregated by a trusted execution engine (TEE) or secure multi-party computation system.

We formalize our framework using individual differential privacy, allowing each device to account for and constrain their own user’s privacy loss toward each measurement party. This approach offers significant privacy-utility benefits over traditional models and improves transparency by letting users monitor their privacy on each device. However, it also introduces potential biases in measurement results, which we are working to address, but for whose design we require the community’s input.

At the breakout, we thus plan to:

  1. Present our privacy framework, which we developed initially for advertising measurement use cases.
  2. Seek community feedback on applying the framework to other domains, as we believe our framework is much more general.
  3. Discuss strategies to mitigate bias introduced by individual privacy tracking.

An academic paper describing our privacy framework can be found here.

Session goal

To present our individual differential privacy framework for web measurements, gather community feedback on extending its application beyond advertising, and explore strategies for addressing challenges like bias in measurement results.

Additional session chairs (Optional)

@bmcase

Who can attend

Anyone may attend (Default)

IRC channel (Optional)

#differential-privacy

Other sessions where we should avoid scheduling conflicts (Optional)

No response

Instructions for meeting planners (Optional)

No response

Agenda for the meeting.

Outline:

  • Background on ad measurements and emerging APIs
  • Our privacy framework: Cookie Monster
  • Discussion on broader applications and bias mitigation

Links to calendar

Meeting materials

@roxanageambasu roxanageambasu added the session Breakout session proposal label Sep 15, 2024
@tpac-breakout-bot
Copy link
Collaborator

Thank you for proposing a session!

You may update the session description as needed and at any time before the meeting, but please keep in mind that tooling relies on issue formatting: follow the instructions and leave all headings and other formatting intact in particular. Bots and W3C meeting organizers may also update the description, to fix formatting issues or add links and other relevant information. Please do not revert these changes. Feel free to use comments to raise questions.

Do not expect formal approval; W3C meeting organizers endeavor to schedule all proposed sessions that are in scope for a breakout. Actual scheduling should take place shortly before the meeting.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
session Breakout session proposal
2 participants