We consider a platform's problem of collecting data from privacy-sensitive users to estimate an underlying parameter of interest. We formulate this question as a Bayesian-optimal mechanism design problem, in which an individual can share her (verifiable) data in exchange for a monetary reward or services, but at the same time has a (private) heterogeneous privacy cost, which we quantify using differential privacy. We consider two popular differential privacy settings for providing privacy guarantees to the users: central and local. In both settings, we establish minimax lower bounds for the estimation error and derive (near-)optimal estimators for given heterogeneous privacy loss levels for users. Building on this characterization, we pose the mechanism design problem as the optimal selection of an estimator and payments that elicit truthful reporting of users' privacy sensitivities. Under a regularity condition on the distribution of privacy sensitivities, we develop efficient algorithmic mechanisms to solve this problem in both privacy settings. Our mechanism in the central setting can be implemented in time $\mathcal{O}(n \log n)$, where $n$ is the number of users, and our mechanism in the local setting admits a Polynomial Time Approximation Scheme (PTAS).
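To make the local setting concrete, the following is a minimal sketch (not the paper's optimal estimator or mechanism) of heterogeneous local differential privacy: each user perturbs her bounded datum with Laplace noise scaled to her own privacy level $\varepsilon_i$, and the platform combines the noisy reports with inverse-variance weights. The function names, the Bernoulli data model, and the weighting rule are illustrative assumptions introduced here for exposition only.

```python
import numpy as np

def local_dp_reports(x, eps, rng):
    """Each user i releases x_i + Lap(1/eps_i), which is eps_i-locally DP
    for data in [0, 1] (sensitivity 1).  Illustrative sketch only."""
    return x + rng.laplace(loc=0.0, scale=1.0 / eps, size=x.shape)

def weighted_mean_estimator(reports, eps, sigma2=0.25):
    """Precision-weighted linear estimate of the population mean.

    Each report has variance sigma2 + 2/eps_i^2 (data variance plus
    Laplace noise variance), so inverse-variance weights down-weight
    the most privacy-sensitive (small eps_i) users."""
    var = sigma2 + 2.0 / eps**2
    w = (1.0 / var) / np.sum(1.0 / var)
    return np.dot(w, reports)

rng = np.random.default_rng(0)
n = 1000
theta = 0.6                                        # unknown parameter
x = rng.binomial(1, theta, size=n).astype(float)   # verifiable binary data
eps = rng.uniform(0.5, 3.0, size=n)                # heterogeneous privacy levels
reports = local_dp_reports(x, eps, rng)
print(weighted_mean_estimator(reports, eps))       # close to theta for large n
```

In this toy setup, the weights make the trade-off studied in the paper visible: users with tighter privacy requirements contribute noisier reports and therefore receive smaller weight in the estimate, which is exactly the kind of estimator-selection decision the mechanism must price through payments.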