A Stackelberg game perspective on the conflict between machine learning and data obfuscation

Jeffrey Pawlick, Quanyan Zhu

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Data is the new oil; this refrain is repeated extensively in the age of internet tracking, machine learning, and data analytics. As data collection becomes more personal and pervasive, however, public pressure is mounting for privacy protection. In this atmosphere, developers have created applications to add noise to user attributes visible to tracking algorithms. This creates a strategic interaction between trackers and users when incentives to maintain privacy and improve accuracy are misaligned. In this paper, we conceptualize this conflict through an N + 1-player, augmented Stackelberg game. First a machine learner declares a privacy protection level, and then users respond by choosing their own perturbation amounts. We use the general frameworks of differential privacy and empirical risk minimization to quantify the utility components due to privacy and accuracy, respectively. In equilibrium, each user perturbs her data independently, which leads to a high net loss in accuracy. To remedy this scenario, we show that the learner improves his utility by proactively perturbing the data himself. While other work in this area has studied privacy markets and mechanism design for truthful reporting of user information, we take a different viewpoint by considering both user and learnerperturbation.

Original languageEnglish (US)
Title of host publication8th IEEE International Workshop on Information Forensics and Security, WIFS 2016
PublisherInstitute of Electrical and Electronics Engineers Inc.
ISBN (Electronic)9781509011384
DOIs
StatePublished - Jan 18 2017
Event8th IEEE International Workshop on Information Forensics and Security, WIFS 2016 - Abu Dhabi, United Arab Emirates
Duration: Dec 4 2016Dec 7 2016

Publication series

Name8th IEEE International Workshop on Information Forensics and Security, WIFS 2016

Other

Other8th IEEE International Workshop on Information Forensics and Security, WIFS 2016
Country/TerritoryUnited Arab Emirates
CityAbu Dhabi
Period12/4/1612/7/16

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems and Management
  • Safety, Risk, Reliability and Quality
  • Law

Fingerprint

Dive into the research topics of 'A Stackelberg game perspective on the conflict between machine learning and data obfuscation'. Together they form a unique fingerprint.

Cite this