Anonymized Local Privacy

In 2003 Dinur and Nissim showed an impossibility result for privacy that if the amount of noise is o( √ n), then privacy is impossible to achieve (where the output space is binary “Yes” or “No”). Ω( √ n) noise must be added to have at least weak notions of privacy. However, the question has remained open as to whether O(n) noise is able to preserve accuracy in elementary private data operations such as aggregation and averaging in addition to protecting privacy both before and after data aggregation. In this paper, we introduce the family of Anonymized Local Privacy mechanisms. These mechanisms have an output space of three values “Yes”, “No”, or “⊥” (not participating) and leverage the law of large numbers to generate linear noise in the number of data owners to protect privacy both before and after aggregation yet preserve accuracy. In addition, Anonymized Local Privacy satisfies the Haystack Privacy mechanism whereby each data owner blends with, and is indistinguishable from, at least c crowds, where each crowd is composed of at least k indistinguishable data owners, essentially “hiding in a haystack”. We show the optimal mechanism which satisfies Anonymized Local Privacy. We describe the suitability in a distributed ondemand network and show that we preserve accuracy, even when the number of data owners to protect is less than 0.002% of the total population.