Differential privacy has become one of the widely used mechanisms for protecting sensitive information in databases and information systems. Although differential privacy provides a clear measure of privacy guarantee, it implicitly assumes that each individual corresponds to a single record in the result of a database query. This assumption may not hold in many database query applications. When an individual has multiple records, strict implementation of differential privacy may cause significant information loss. In this study, we extend the differential privacy principle to situations where multiple records in a database are associated with the same individual. We propose a new privacy principle that integrates differential privacy with the Pareto principle in analyzing privacy risk and data utility. When applied to the situations with multiple records per person, the proposed approach can significantly reduce the information loss in the released query results with a relatively small relaxation in the differential privacy guarantee. The effectiveness of the proposed approach is evaluated using three real-world databases.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.