Rigorous and Flexible Privacy Models for Utilizing Personal Spatiotemporal Data

Personal data are the new oil. Vast amounts of spatiotemporal data generated by individuals have been collected and analyzed, such as check-in data, trajectories, web browsing data and timestamped medical records. These personal data are a valuable resource for businesses and also have the potential to provide significant social benefits through sharing and reuse. However, privacy concerns hinder the wider use of these personal data. To this end, dozens of privacy protection models have been proposed for privacy-preserving data publishing (PPDP). -differential privacy has emerged as a de facto privacy model for PPDP because of its rigorous theoretical guarantees, but it has also been criticized as impractical in many scenarios. We attempt to design rigorous and flexible privacy models that able to bridge the gap between theoretical limitations and practical needs. In this article, we first motivate the importance of rigorousness and flexibility for privacy models and then present two privacy models that extend differential privacy in a practical manner.