Mechanism Design in Large Games: Incentives and Privacy

Kearns, Michael; Pai, Mallesh M.; Roth, Aaron; Ullman, Jonathan

doi:10.1257/aer.104.5.431

Cited by 83 publications

(171 citation statements)

References 29 publications

Supporting

Mentioning

167

Contrasting

Order By: Relevance

“…that represents the expenditure by the advertiser required to generate a contact of intensity x . The complete-information profits from generating a contact of 12 Kearns et al (2014) study the design of mechanisms that satisfy the computer science criterion of differential privacy (Dwork 2006)-put simply, the notion of being able to distinguish one agent (a consumer) from another in a dataset of consumer characteristics with only a low probability. They show that mechanisms can be designed to satisfy a variant of this criterion when there are large numbers of agents, and any agent's action affects another agent's payoff by at most a small amount.…”

Section: Data Intermediariesmentioning

confidence: 99%

The Economics of Privacy

Acquisti

Taylor²,

Wagman³

2016

Journal of Economic Literature

871

406

View full text Add to dashboard Cite

Section: Data Intermediariesmentioning

confidence: 99%

The Economics of Privacy

Acquisti

Taylor²,

Wagman³

2016

Journal of Economic Literature

871

406

View full text Add to dashboard Cite

“…We expect that this will be a useful point of view for other problems. In this direction, it is known how to privately compute equilibria in certain types of multi-player games [KPRU12]. Is there a useful way to use this multi-player generalization when solving problems in private data release, and what does it mean for privacy?…”

Section: Resultsmentioning

confidence: 99%

Differential privacy for the analyst via private equilibrium computation

Hsu

Roth

Ullman

2013

Proceedings of the Forty-Fifth Annual ACM Symposium on Theory of Computing

Self Cite

View full text Add to dashboard Cite

We give new mechanisms for answering exponentially many queries from multiple analysts on a private database, while protecting differential privacy both for the individuals in the database and for the analysts. That is, our mechanism's answer to each query is nearly insensitive to changes in the queries asked by other analysts. Our mechanism is the first to offer differential privacy on the joint distribution over analysts' answers, providing privacy for data analysts even if the other data analysts collude or register multiple accounts. In some settings, we are able to achieve nearly optimal error rates (even compared to mechanisms which do not offer analyst privacy), and we are able to extend our techniques to handle non-linear queries. Our analysis is based on a novel view of the private query-release problem as a two-player zero-sum game, which may be of independent interest.

show abstract

“…Our definition can be seen as an instantiation of this general framework. This is in contrast to other kinds of relaxations of differential privacy, which relax the worst-case assumptions on the prior beliefs of an attacker as in Bassily et al (12), or the worstcase collusion assumptions on collections of data analysts as in Kearns et al (13). Several works have also proposed assigning different differential privacy parameters to different individuals (see, e.g., ref.…”

Section: Significancementioning

confidence: 99%

Private algorithms for the protected in social network search

Kearns

Roth

et al. 2016

Proc. Natl. Acad. Sci. U.S.A.

Self Cite

View full text Add to dashboard Cite

Motivated by tensions between data privacy for individual citizens and societal priorities such as counterterrorism and the containment of infectious disease, we introduce a computational model that distinguishes between parties for whom privacy is explicitly protected, and those for whom it is not (the targeted subpopulation). The goal is the development of algorithms that can effectively identify and take action upon members of the targeted subpopulation in a way that minimally compromises the privacy of the protected, while simultaneously limiting the expense of distinguishing members of the two groups via costly mechanisms such as surveillance, background checks, or medical testing. Within this framework, we provide provably privacy-preserving algorithms for targeted search in social networks. These algorithms are natural variants of common graph search methods, and ensure privacy for the protected by the careful injection of noise in the prioritization of potential targets. We validate the utility of our algorithms with extensive computational experiments on two large-scale social network datasets.data privacy | social networks | counterterrorism T he tension between the useful or essential gathering and analysis of data about citizens and the privacy rights of those citizens is at an historical peak. Perhaps the most striking and controversial recent example is the revelation that US intelligence agencies systemically engage in "bulk collection" of civilian "metadata" detailing telephonic and other types of communication and activities, with the alleged purpose of monitoring and thwarting terrorist activity (1). Other compelling examples abound, including in medicine (patient privacy vs. preventing epidemics), marketing (consumer privacy vs. targeted advertising), and many other domains.Debates about (and models for) data privacy often have an "all or nothing" flavor: privacy guarantees are either provided to every member of a population, or else privacy is deemed to be a failure. This dichotomy is only appropriate if all members of the population have an equal right to, or demand for, privacy. Few would argue that actual terrorists should have such rights, which leads to difficult questions about the balance between protecting the rights of ordinary citizens, and using all available means to prevent terrorism. [A recent National Academies study (2) reached the conclusion that there are not (yet) technological alternatives to bulk collection and analysis of civilian metadata, in the sense that such data are essential in current counterterrorism practices.] A major question is whether and when individual privacy should be sacrificed in service of such societal priorities. Similarly, in the medical domain, epidemics (such as the recent international outbreak of Ebola; ref.3) have raised serious debate about the clear public interest in controlling contagion versus the privacy rights of the infected and those that care for them.The model and results in this paper represent a step toward explicit acknowledgmen...

show abstract

Mechanism Design in Large Games: Incentives and Privacy

Cited by 83 publications

References 29 publications

The Economics of Privacy

The Economics of Privacy

Differential privacy for the analyst via private equilibrium computation

Private algorithms for the protected in social network search

Contact Info

Product

Resources

About