Elements of information theory
Elements of information theory
Privacy preserving auctions and mechanism design
Proceedings of the 1st ACM conference on Electronic commerce
Towards a general theory of non-cooperative computation
Proceedings of the 9th conference on Theoretical aspects of rationality and knowledge
Non-cooperative computation: boolean functions with correctness and exclusivity
Theoretical Computer Science - Game theory meets theoretical computer science
Mechanism Design via Differential Privacy
FOCS '07 Proceedings of the 48th Annual IEEE Symposium on Foundations of Computer Science
Privacy-Enhancing Auctions Using Rational Cryptography
CRYPTO '09 Proceedings of the 29th Annual International Cryptology Conference on Advances in Cryptology
Boosting and Differential Privacy
FOCS '10 Proceedings of the 2010 IEEE 51st Annual Symposium on Foundations of Computer Science
Proceedings of the 12th ACM conference on Electronic commerce
Individual rationality and participation in large scale, multi-hospital kidney exchange
Proceedings of the 12th ACM conference on Electronic commerce
Approximately optimal mechanism design via differential privacy
Proceedings of the 3rd Innovations in Theoretical Computer Science Conference
Calibrating noise to sensitivity in private data analysis
TCC'06 Proceedings of the Third conference on Theory of Cryptography
Buying private data at auction: the sensitive surveyor's problem
ACM SIGecom Exchanges
Is privacy compatible with truthfulness?
Proceedings of the 4th conference on Innovations in Theoretical Computer Science
Bayesian mechanism design with efficiency, privacy, and approximate truthfulness
WINE'12 Proceedings of the 8th international conference on Internet and Network Economics
Take it or leave it: running a survey when privacy comes at a cost
WINE'12 Proceedings of the 8th international conference on Internet and Network Economics
A theory of pricing private data
Proceedings of the 16th International Conference on Database Theory
Truthful mechanisms for agents that value privacy
Proceedings of the fourteenth ACM conference on Electronic commerce
Privacy and coordination: computing on databases with endogenous participation
Proceedings of the fourteenth ACM conference on Electronic commerce
ACM SIGecom Exchanges
Mechanism design in large games: incentives and privacy
Proceedings of the 5th conference on Innovations in theoretical computer science
Redrawing the boundaries on purchasing data from privacy-sensitive individuals
Proceedings of the 5th conference on Innovations in theoretical computer science
| Hi-index | 0.00 |
Mechanism design deals with distributed algorithms that are executed with self-interested agents. The designer, whose objective is to optimize some function of the agents private types, needs to construct a computation that takes into account agent incentives which are not necessarily in alignment with the objective of the mechanism. Traditionally, mechanisms are designed for agents who only care about the utility they derive from the mechanism outcome, which often fully or partially discloses their (declared) types. Such mechanisms may become inadequate when agents are privacy-aware, i.e., when their loss of privacy adversely affects their utility. In such cases ignoring privacy-awareness in the design of a mechanism may render it not incentive compatible, and hence inefficient. Interestingly, and somewhat counter-intuitively, Xiao [eprint 2011] has recently showed that this can happen even when the mechanism preserves a strong notion of privacy. Towards constructing mechanisms for privacy-aware agents, we put forward and justify a model of privacy-aware mechanism design. We then show that privacy-aware mechanisms are feasible. The following is a summary of our contributions: Modeling privacy-aware agents: We propose a new model of privacy-aware agents where agents need only have a conservative upper bound on how loss of privacy adversely affects their utility. This is in deviation from prior modeling which required full characterization. Privacy of the privacy loss valuations: Agent privacy valuations are often sensitive on their own. Our model of privacy-aware mechanisms takes into account the loss of utility due to information leaked about these valuations. Guarantees for agents with high privacy valuations: As it is impossible to guarantee incentive compatibility for agents that have arbitrarily high privacy valuations, we require a privacy-aware mechanism to set a threshold such that the mechanism is incentive compatible w.r.t. agents whose privacy valuations are below the threshold, and differential privacy is guaranteed for all other agents. Constructing privacy-aware mechanisms: We first construct a privacy-aware mechanism for a simple polling problem, and then give a more general result, based on recent generic construction of approximately additive mechanisms by Nissim, Smorodinsky, and Tennenholtz [ITCS 2012]. We show that under a mild assumption on the distribution of privacy valuations (namely, that valuations are bounded for all but a vanishing fraction of the population) these constructions are incentive compatible w.r.t. almost all agents, and hence give an approximation of the optimum. Finally, we show how to apply our generic construction to get a mechanism for privacy-aware selling of digital goods.