
Matching Anonymized and Obfuscated Time Series to Users' Profiles

Abstract

Many popular applications use traces of user data to offer various services to their users; example applications include driver-assistance systems and smart home services. However, revealing user information to such applications puts users' privacy at stake, as adversaries can infer sensitive private information about the users, such as their behaviors, interests, and locations. Recent research shows that adversaries can compromise users' privacy when they use such applications, even when the traces of user information are protected by mechanisms like anonymization and obfuscation. In this work, we derive the theoretical bounds on the privacy of users of these applications when standard protection mechanisms are deployed. We build on our recent study in the area of location privacy, in which we introduced formal notions of location privacy for anonymization-based location privacy-protection mechanisms. More specifically, we derive the fundamental limits of user privacy when both anonymization-based and obfuscation-based protection mechanisms are applied to users' time series of data. We investigate the impact of such mechanisms on the trade-off between privacy protection and user utility. In particular, we study achievability results for the case where the users' time series are governed by an i.i.d. process. The converse results are proved both for the i.i.d. case and for the more general Markov chain model. We demonstrate that as the number of users in the network grows, the obfuscation-anonymization plane can be divided into two regions: in the first region, all users have perfect privacy, and in the second region, no user has privacy.
