A new Framework for Measuring Re-Identification Risk

CJ Carey; Travis Dick; Alessandro Epasto; Adel Javanmard; Josh Karlin; Shankar Kumar; Andres Munoz medina; Vahab Mirrokni; Gabriel Nunes; Sergei Vassilvitskii; Peilin Zhong

A new Framework for Measuring Re-Identification Risk

CJ Carey, Travis Dick, Alessandro Epasto, Adel Javanmard, Josh Karlin, Shankar Kumar, Andres Munoz medina, Vahab Mirrokni, Gabriel Nunes, Sergei Vassilvitskii, Peilin Zhong

Published: 27 Oct 2023, Last Modified: 12 Dec 2023RegML 2023EveryoneRevisionsBibTeX

Keywords: re-identification risk, cross-site tracking, privacy

TL;DR: We introduce a new theoretical and empirical framework for measuring re-identification risk with applications to understanding cross-site tracking on the web.

Abstract: Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.

Submission Number: 28

Loading