Privacy by Projection: Federated Population Density Estimation by Projecting on Random Features
Authors: Zixiao Zong (University of California, Irvine), Mengwei Yang (University of California, Irvine), Justin Ley (University of California, Irvine), Athina Markopoulou (University of California, Irvine), Carter Butts (University of California, Irvine)
Volume: 2023
Issue: 1
Pages: 309–324
DOI: https://doi.org/10.56553/popets-2023-0019
Abstract: We consider the problem of population density estimation based on location data crowdsourced from mobile devices, using kernel density estimation (KDE). In a conventional, centralized setting, KDE requires mobile users to upload their location data to a server, thus raising privacy concerns. Here, we propose a Federated KDE framework for estimating the user population density, which not only keeps location data on the devices but also provides probabilistic privacy guarantees against a malicious server that tries to infer users' location. Our approach Federated random Fourier feature (RFF) KDE leverages a random feature representation of the KDE solution, in which each user's information is irreversibly projected onto a small number of spatially delocalized basis functions, making precise localization impossible while still allowing population density estimation. We evaluate our method on both synthetic and real-world datasets, and we show that it achieves a better utility (estimation performance)-vs-privacy (distance between inferred and true locations) tradeoff, compared to state-of-the-art baselines (e.g., GeoInd). We also vary the number of basis functions per user, to further improve the privacy-utility trade-off, and we provide analytical bounds on localization as a function of areal unit size and kernel bandwidth.
Keywords: Kernel Density Estimation (KDE), Privacy, Random Fourier Features, Federated Analytics, Population Modeling
Copyright in PoPETs articles are held by their authors. This article is published under a Creative Commons Attribution 4.0 license.
