Measuring re-identification risk

CJ Carey; Travis Dick; Alessandro Epasto; Adel Javanmard; Josh Karlin; Shankar Kumar; Andrés Muñoz Medina; Vahab Mirrokni; Gabriel Henrique Nunes; Sergei Vassilvitskii; Peilin Zhong

doi:10.48550/arXiv.2304.07210

Measuring re-identification risk

CJ Carey, Travis Dick, Alessandro Epasto, Adel Javanmard, Josh Karlin, Shankar Kumar, Andrés Muñoz Medina, Vahab Mirrokni, Gabriel Henrique Nunes, Sergei Vassilvitskii, Peilin Zhong

Research output: Working paper › Preprint

Abstract

Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.

Original language	English
Pages	1-26
Number of pages	26
DOIs	https://doi.org/10.48550/arXiv.2304.07210
Publication status	Submitted - 12 Apr 2023
Externally published	Yes

Publication series

Name	arXiv

Access to Document

10.48550/arXiv.2304.07210Licence: CC BY

1 Conference paper

Measuring re-identification risk
Carey, CJ., Dick, T., Epasto, A., Javanmard, A., Karlin, J., Kumar, S., Medina, A. M., Mirrokni, V., Nunes, G. H., Vassilvitskii, S. & Zhong, P., Jun 2023, In: Proceedings of the ACM on Management of Data. 1, 2, p. 1-26 26 p., 149.
Research output: Contribution to journal › Conference paper › peer-review

Open Access
File
70 Downloads (Pure)

Cite this

@techreport{f8d2287e86884def929cb8d41d2eb66f,

title = "Measuring re-identification risk",

abstract = "Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.",

author = "CJ Carey and Travis Dick and Alessandro Epasto and Adel Javanmard and Josh Karlin and Shankar Kumar and Medina, {Andr{\'e}s Mu{\~n}oz} and Vahab Mirrokni and Nunes, {Gabriel Henrique} and Sergei Vassilvitskii and Peilin Zhong",

year = "2023",

month = apr,

day = "12",

doi = "10.48550/arXiv.2304.07210",

language = "English",

series = "arXiv",

pages = "1--26",

type = "WorkingPaper",

}

TY - UNPB

T1 - Measuring re-identification risk

AU - Carey, CJ

AU - Dick, Travis

AU - Epasto, Alessandro

AU - Javanmard, Adel

AU - Karlin, Josh

AU - Kumar, Shankar

AU - Medina, Andrés Muñoz

AU - Mirrokni, Vahab

AU - Nunes, Gabriel Henrique

AU - Vassilvitskii, Sergei

AU - Zhong, Peilin

PY - 2023/4/12

Y1 - 2023/4/12

N2 - Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.

AB - Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.

U2 - 10.48550/arXiv.2304.07210

DO - 10.48550/arXiv.2304.07210

M3 - Preprint

T3 - arXiv

SP - 1

EP - 26

BT - Measuring re-identification risk

ER -

Measuring re-identification risk

Abstract

Publication series

Access to Document

Fingerprint

Research output

Measuring re-identification risk

Cite this