Privacy Implications of Shuffling
Abstract
\ldp deployments are vulnerable to inference attacks as an adversary can link the noisy responses to their identity and subsequently, auxiliary information using the \textit{order} of the data. An alternative model, shuffle \textsf{DP}, prevents this by shuffling the noisy responses uniformly at random. However, this limits the data learnability -- only symmetric functions (input order agnostic) can be learned. In this paper, we strike a balance and show that systematic shuffling of the noisy responses can thwart specific inference attacks while retaining some meaningful data learnability. To this end, we propose a novel privacy guarantee, \name-privacy, that captures the privacy of the order of a data sequence. \name-privacy allows tuning the granularity at which the ordinal information is maintained, which formalizes the degree the resistance to inference attacks trading it off with data learnability. Additionally, we propose a novel shuffling mechanism that can achieve \name-privacy and demonstrate the practicality of our mechanism via evaluation on real-world datasets.
Cite
Text
Meehan et al. "Privacy Implications of Shuffling." International Conference on Learning Representations, 2022.Markdown
[Meehan et al. "Privacy Implications of Shuffling." International Conference on Learning Representations, 2022.](https://mlanthology.org/iclr/2022/meehan2022iclr-privacy/)BibTeX
@inproceedings{meehan2022iclr-privacy,
title = {{Privacy Implications of Shuffling}},
author = {Meehan, Casey and Chowdhury, Amrita Roy and Chaudhuri, Kamalika and Jha, Somesh},
booktitle = {International Conference on Learning Representations},
year = {2022},
url = {https://mlanthology.org/iclr/2022/meehan2022iclr-privacy/}
}