Gradually Releasing Private Data under Differential Privacy

Aggregating individuals’ data and computing statistics over a population are key ingredients to enable the Internet of Things [1]. Constructing traffic maps from individuals’ GPS traces [2] and performing demand response in smart grids [3], [4] are two examples that involve such data aggregation. Using these statistics, individuals can perform their activities more efficiently; they may choose to avoid heavily congested routes or charge their electric vehicle during non-peak hours. However, accessing private data for the purpose of performing data aggregation has raised serious privacy concerns. An adversary can potentially extract information about individuals’ data from aggregate statistics, especially when side information is available [5]. The framework of differential privacy was developed in order to mitigate these concerns and provide strong privacy guarantees [6], [7]. Given a desired privacy level, a noisy version of the aggregated value is publicly released to prevent an adversary from confidently extracting information about the private data. For a fixed privacy level, [8] provides tools to build a private mechanism that approximates the desired aggregate quantity. Using these tools as primitives, applications of privacy-aware data aggregation have emerged [9], [10]. In these applications, the privacy level, parametrized by the constant ∈ [0,∞), is assumed to be constant; parameter is a designer’s choice and is set to a fixed value throughout the life of the aggregation system. Lower values of the parameter correspond to stronger privacy guarantees. Therefore, the value = 0 translates to total privacy and the value = ∞ means no privacy. Forever fixing the privacy level is a severe limitation. In practice, a varying privacy level can be useful as motivated by the following examples. For instance, limited techniques exist for choosing a reasonable privacy budget . For small values of , substantial amounts of noise are injected and the performance of the resulting privacy-aware mechanism ∗This work was supported in part by the TerraSwarm Research Center, one of six centers supported by the STARnet phase of the Focus Center Research Program (FCRP) a Semiconductor Research Corporation program sponsored by MARCO and DARPA.