research-article

Real-world trajectory sharing with local differential privacy

Authors:

Teddy Cunningham,

Graham Cormode,

Hakan Ferhatosmanoglu, and

Divesh SrivastavaAuthors Info & Claims

Proceedings of the VLDB Endowment, Volume 14, Issue 11

Pages 2283 - 2295

https://doi.org/10.14778/3476249.3476280

Published: 01 July 2021 Publication History

Abstract

Sharing trajectories is beneficial for many real-world applications, such as managing disease spread through contact tracing and tailoring public services to a population's travel patterns. However, public concern over privacy and data protection has limited the extent to which this data is shared. Local differential privacy enables data sharing in which users share a perturbed version of their data, but existing mechanisms fail to incorporate user-independent public knowledge (e.g., business locations and opening times, public transport schedules, geo-located tweets). This limitation makes mechanisms too restrictive, gives unrealistic outputs, and ultimately leads to low practical utility. To address these concerns, we propose a local differentially private mechanism that is based on perturbing hierarchically-structured, overlapping n-grams (i.e., contiguous subsequences of length n) of trajectory data. Our mechanism uses a multi-dimensional hierarchy over publicly available external knowledge of real-world places of interest to improve the realism and utility of the perturbed, shared trajectories. Importantly, including real-world public data does not negatively affect privacy or efficiency. Our experiments, using real-world data and a range of queries, each with real-world application analogues, demonstrate the superiority of our approach over a range of alternative methods.

References

[1]

Jayadev Acharya, Keith Bonawitz, Peter Kairouz, Daniel Ramage, and Ziteng Sun. 2019. Context-Aware Local Differential Privacy. arXiv:1911.00038

[2]

Gergely Acs and Claude Castelluccia. 2014. A Case Study: Privacy Preserving Release of Spatio-Temporal Density in Paris. In ACM SIGKDD International Conference on Knowledge Discovery and Data Mining. 1679--1688.

Digital Library

[3]

Mario Alvim, Konstantinos Chatzikokolakis, Catuscia Palamidessi, and Anna Pazii. 2018. Invited Paper: Local Differential Privacy on Metric Spaces: Optimizing the Trade-Off with Utility. In IEEE Computer Security Foundations Symposium. 262--267.

[4]

Miguel E. Andrés, Nicolás E. Bordenabe, Konstantinos Chatzikokolakis, and Catuscia Palamidessi. 2013. Geo-indistinguishability: differential privacy for location-based systems. In ACM SIGSAC Conference on Computer and Communications Security. ACM, 901--914.

Digital Library

[5]

Raef Bassily, Kobbi Nissim, Uri Stemmer, and Abhradeep Thakurta. 2017. Practical Locally Private Heavy Hitters. In International Conference on Neural Information Processing Systems. 2285--2293. https://papers.nips.cc/paper/2017/file/3d779cae2d46cf6a8a99a35ba4167977-Paper.pdf

Digital Library

[6]

Luca Bonomi and Li Xiong. 2013. A Two-Phase Algorithm for Mining Sequential Patterns with Differential Privacy. In ACM International Conference on Information Knowledge Management. 269--278.

Digital Library

[7]

US Census Bureau. 2020. North American Industry Classification System. Retrieved May 12, 2021 from https://www.census.gov/naics/

[8]

Yang Cao, Masatoshi Yoshikawa, Yonghui Xiao, and Li Xiong. 2017. Quantifying Differential Privacy under Temporal Correlations. In IEEE International Conference on Data Engineering. 821--832.

[9]

Konstantinos Chatzikokolakis, Miguel E. Andrés, Nicolás Emilio Bordenabe, and Catuscia Palamidessi. 2013. Broadening the Scope of Differential Privacy Using Metrics. In Privacy Enhancing Technologies. 82--102.

[10]

Rui Chen, Gergely Acs, and Claude Castelluccia. 2012. Differentially Private Sequential Data Publication via Variable-Length n-Grams. In ACM SIGSAC Conference on Computer and Communications Security. 638--649.

Digital Library

[11]

Rui Chen, Haoran Li, A. K. Qin, Shiva Prasad Kasiviswanathan, and Hongxia Jin. 2016. Private spatial data aggregation in the local setting. In IEEE International Conference on Data Engineering. 289--300.

[12]

Michael B. Cohen, Yin Tat Lee, and Zhao Song. 2018. Solving Linear Programs in the Current Matrix Multiplication Time. (2018). arXiv:1810.07896 http://arxiv.org/abs/1810.07896

Digital Library

[13]

Graham Cormode, Somesh Jha, Tejas Kulkarni, Ninghui Li, Divesh Srivastava, and Tianhao Wang. 2018. Privacy at Scale: Local Differential Privacy in Practice. In ACM SIGMOD International Conference on Management of Data. 1655--1658.

Digital Library

[14]

Teddy Cunningham, Graham Cormode, and Hakan Ferhatosmanoglu. 2021. Privacy-Preserving Synthetic Location Data in the Real World. In International Symposium on Spatial and Temporal Databases.

Digital Library

[15]

Damien Desfontaines, Esfandiar Mohammadi, Elisabeth Krahmer, and David Basin. 2020. Differential privacy with partial knowledge. (2020). arXiv:1905.00650

[16]

Foursquare Developers. 2020. Venue Categories. Retrieved May 24, 2021 from https://developer.foursquare.com/docs/build-with-foursquare/categories/

[17]

Apple Differential Privacy Team. 2017. Learning with Privacy at Scale. https://machinelearning.apple.com/research/learning-with-privacy-at-scale

[18]

Bolin Ding, Janardhan Kulkarni, and Sergey Yekhanin. 2017. Collecting Telemetry Data Privately. In International Conference on Neural Information Processing Systems. 3574--3583. https://papers.nips.cc/paper/2017/file/253614bbac999b38b5b60cae531c4969-Paper.pdf

Digital Library

[19]

John C. Duchi, Michael I. Jordan, and Martin J. Wainwright. 2013. Local Privacy and Statistical Minimax Rates. In IEEE Symposium on Foundations of Computer Science. 429--438.

Digital Library

[20]

Cynthia Dwork. 2006. Differential Privacy. In Automata, Languages and Programming. Springer Berlin Heidelberg, Berlin, Heidelberg, 1--12.

Digital Library

[21]

Cynthia Dwork, Moni Naor, Toniann Pitassi, and Guy N. Rothblum. 2010. Differential Privacy under Continual Observation. In ACM Symposium on Theory of Computing. 715--724.

Digital Library

[22]

Cynthia Dwork and Aaron Roth. 2014. The Algorithmic Foundations of Differential Privacy. Found. Trends Theor. Comput. Sci. 9, 3--4 (2014), 211--407.

Digital Library

[23]

Úlfar Erlingsson, Vasyl Pihur, and Aleksandra Korolova. 2014. RAPPOR: Randomized Aggregatable Privacy-Preserving Ordinal Response. In ACM SIGSAC Conference on Computer and Communications Security. 1054--1067.

Digital Library

[24]

Fatima Zahra Errounda and Yan Liu. 2020. An Analysis of Differential Privacy Research in Location and Trajectory Data. (2020). https://assets.researchsquare.com/files/rs-94765/v1_stamped.pdf

[25]

Xiaolan Gu, Ming Li, Yang Cao, and Li Xiong. 2019. Supporting Both Range Queries and Frequency Estimation with Local Differential Privacy. In IEEE Conference on Communications and Network Security. 124--132.

[26]

Xiaolan Gu, Ming Li, Li Xiong, and Yang Cao. 2020. Providing Input-Discriminative Protection for Local Differential Privacy. In IEEE International Conference on Data Engineering. 505--516.

[27]

Mehmet Emre Gursoy, Ling Liu, Stacey Truex, and Lei Yu. 2019. Differentially Private and Utility Preserving Publication of Trajectory Data. IEEE Transactions on Mobile Computing 18, 10 (2019), 2315--2329.

[28]

Mehmet Emre Gursoy, Vivekanand Rajasekar, and Ling Liu. 2020. Utility-Optimized Synthesis of Differentially Private Location Traces. (2020). arXiv:2009.06505

[29]

Xi He, Graham Cormode, Ashwin Machanavajjhala, Cecilia M Procopiuc, and Divesh Srivastava. 2015. DPT: differentially private trajectory synthesis using hierarchical reference systems. PVLDB 8, 11 (2015), 1154--1165.

Digital Library

[30]

Bo Jiang, Ming Li, and Ravi Tandon. 2018. Context-aware Data Aggregation with Localized Information Privacy. In IEEE Conference on Communications and Network Security. 1--9.

[31]

Hongbo Jiang, Jie Li, Ping Zhao, Fanzi Zeng, Zhu Xiao, and Arun Iyengar. 2021. Location Privacy-Preserving Mechanisms in Location-Based Services: A Comprehensive Survey. ACM Comput. Surv. 54, 1, Article 4 (2021).

Digital Library

[32]

Georgios Kellaris, Stavros Papadopoulos, Xiaokui Xiao, and Dimitris Papadias. 2014. Differentially Private Event Sequences over Infinite Streams. PVLDB 7, 12 (2014), 1155--1166.

Digital Library

[33]

Daniel Kifer and Ashwin Machanavajjhala. 2012. A Rigorous and Customizable Framework for Privacy. In ACM SIGMOD-SIGACT-SIGAI Symposium on Principles of Database Systems. 77--88.

Digital Library

[34]

Eric Lantz, Kendrick Boyd, and David Page. 2015. Subsampled Exponential Mechanism: Differential Privacy in Large Output Spaces. In ACM Workshop on Artificial Intelligence and Security. 25--33.

Digital Library

[35]

Chao Li, Balaji Palanisamy, and James Joshi. 2017. Differentially Private Trajectory Analysis for Points-of-Interest Recommendation. In IEEE International Congress on Big Data. 49--56.

[36]

Ninghui Li, Wahbeh Qardaji, Dong Su, Yi Wu, and Weining Yang. 2013. Membership Privacy: A Unifying Framework for Privacy Definitions. In ACM SIGSAC Conference on Computer Communications Security. 889--900.

Digital Library

[37]

Ashwin Machanavajjhala and Xi He. 2018. Analyzing Your Location Data with Provable Privacy Guarantees. In Handbook of Mobile Data Privacy, Aris Gkoulalas-Divanis and Claudio Bettini (Eds.). Springer International Publishing, Cham, 97--127.

[38]

Ryan McKenna and Daniel R Sheldon. 2020. Permute-and-Flip: A new mechanism for differentially private selection. In Advances in Neural Information Processing Systems, Vol. 33. 193--203. https://proceedings.neurips.cc/paper/2020/file/01e00f2f4bfcbb7505cb641066f2859b-Paper.pdf

[39]

Frank McSherry and Kunal Talwar. 2007. Mechanism Design via Differential Privacy. In IEEE Symposium on Foundations of Computer Science. 94--103.

Digital Library

[40]

University of British Columbia. 2016. ubcv-buildings. Retrieved May 12, 2021 from https://github.com/UBCGeodata/ubcv-buildings

[41]

Safegraph. 2020. Safegraph Places Schema. Retrieved December 7, 2020 from https://docs.safegraph.com/v4.0/docs/places-schema

[42]

New York City Taxi and Limousine Commission. 2013. TLC Trip Record Data. Retrieved March 2, 2013 from https://www1.nyc.gov/site/tlc/about/tlc-trip-record-data.page

[43]

Jan van den Brand. 2020. A Deterministic Linear Program Solver in Current Matrix Multiplication Time. In ACM-SIAM Symposium on Discrete Algorithms. 259--278.

Digital Library

[44]

Tianhao Wang, Jeremiah Blocki, Ninghui Li, and Somesh Jha. 2017. Locally Differentially Private Protocols for Frequency Estimation. In USENIX Security Symposium. 729--745.

Digital Library

[45]

Dingqi Yang, Daqing Zhang, Vincent. W. Zheng, and Zhiyong Yu. 2015. Modeling User Activity Preference by Leveraging User Spatial Temporal Characteristics in LBSNs. IEEE Transactions on Systems, Man, and Cybernetics: Systems 45, 1 (2015), 129--142.

Cited By

Zhang YYe QChen RHu HHan Q(2023)Trajectory Data Collection with Local Differential PrivacyProceedings of the VLDB Endowment10.14778/3603581.360359716:10(2591-2604)Online publication date: 8-Aug-2023
https://dl.acm.org/doi/10.14778/3603581.3603597
Schäler CHütter TSchäler M(2023)Benchmarking the Utility of w-Event Differential Privacy Mechanisms - When Baselines Become Mighty CompetitorsProceedings of the VLDB Endowment10.14778/3594512.359451516:8(1830-1842)Online publication date: 1-Apr-2023
https://dl.acm.org/doi/10.14778/3594512.3594515
Chen LFang JYu ZTong YCao SWang LSingh ASun YAkoglu LGunopulos DYan XKumar ROzcan FYe J(2023)A Data-driven Region Generation Framework for Spatiotemporal Transportation Service ManagementProceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3580305.3599760(3842-3854)Online publication date: 6-Aug-2023
https://dl.acm.org/doi/10.1145/3580305.3599760
Show More Cited By

Recommendations

Privacy Preservation for Trajectory Publication Based on Differential Privacy
With the proliferation of location-aware devices, trajectory data have been used widely in real-life applications. However, trajectory data are often associated with sensitive labels, such as users’ purchase transactions and planned activities. As such, ...
Read More
Publishing Trajectory with Differential Privacy: A Priori vs. A Posteriori Sampling Mechanisms
DEXA 2013: Proceedings of the 24th International Conference on Database and Expert Systems Applications - Volume 8055

It is now possible to collect and share trajectory data for any ship in the world by various means such as satellite and VHF systems. However, the publication of such data also creates new risks for privacy breach with consequences on the security and ...
Read More
Trajectory Data Collection with Local Differential Privacy

Trajectory data collection is a common task with many applications in our daily lives. Analyzing trajectory data enables service providers to enhance their services, which ultimately benefits users. However, directly collecting trajectory data may give ...
Read More

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the VLDB Endowment

Proceedings of the VLDB Endowment Volume 14, Issue 11

July 2021

732 pages

ISSN:2150-8097

Editors:
Xin Luna Dong
Amazon
,
Felix Naumann
HPI, University of Potsdam

Issue’s Table of Contents

Publisher

VLDB Endowment

Publication History

Published: 01 July 2021

Published in PVLDB Volume 14, Issue 11

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
134
Total Downloads

Downloads (Last 12 months)50
Downloads (Last 6 weeks)2

Other Metrics

View Author Metrics

Citations

Cited By

Zhang YYe QChen RHu HHan Q(2023)Trajectory Data Collection with Local Differential PrivacyProceedings of the VLDB Endowment10.14778/3603581.360359716:10(2591-2604)Online publication date: 8-Aug-2023
https://dl.acm.org/doi/10.14778/3603581.3603597
Schäler CHütter TSchäler M(2023)Benchmarking the Utility of w-Event Differential Privacy Mechanisms - When Baselines Become Mighty CompetitorsProceedings of the VLDB Endowment10.14778/3594512.359451516:8(1830-1842)Online publication date: 1-Apr-2023
https://dl.acm.org/doi/10.14778/3594512.3594515
Chen LFang JYu ZTong YCao SWang LSingh ASun YAkoglu LGunopulos DYan XKumar ROzcan FYe J(2023)A Data-driven Region Generation Framework for Spatiotemporal Transportation Service ManagementProceedings of the 29th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3580305.3599760(3842-3854)Online publication date: 6-Aug-2023
https://dl.acm.org/doi/10.1145/3580305.3599760
Liang YYi KMeng WJensen CCremers CKirda E(2023)Concentrated Geo-PrivacyProceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security10.1145/3576915.3623068(1934-1948)Online publication date: 15-Nov-2023
https://dl.acm.org/doi/10.1145/3576915.3623068
Guner EGursoy M(2023)Learning Markov Chain Models from Sequential Data Under Local Differential PrivacyComputer Security – ESORICS 202310.1007/978-3-031-51476-0_18(359-379)Online publication date: 25-Sep-2023
https://dl.acm.org/doi/10.1007/978-3-031-51476-0_18
Alptekin EGursoy M(2023)Building Quadtrees for Spatial Data Under Local Differential PrivacyData and Applications Security and Privacy XXXVII10.1007/978-3-031-37586-6_2(22-39)Online publication date: 19-Jul-2023
https://dl.acm.org/doi/10.1007/978-3-031-37586-6_2
Cao XCao YPappachan PNakamura AYoshikawa M(2023)Differentially Private Streaming Data Release Under Temporal Correlations via Post-processingData and Applications Security and Privacy XXXVII10.1007/978-3-031-37586-6_12(184-200)Online publication date: 19-Jul-2023
https://dl.acm.org/doi/10.1007/978-3-031-37586-6_12

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Issue’s Table of Contents