English

Measuring Re-identification Risk

Cryptography and Security 2023-08-01 v2 Machine Learning

Abstract

Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.

Keywords

Cite

@article{arxiv.2304.07210,
  title  = {Measuring Re-identification Risk},
  author = {CJ Carey and Travis Dick and Alessandro Epasto and Adel Javanmard and Josh Karlin and Shankar Kumar and Andres Munoz Medina and Vahab Mirrokni and Gabriel Henrique Nunes and Sergei Vassilvitskii and Peilin Zhong},
  journal= {arXiv preprint arXiv:2304.07210},
  year   = {2023}
}
R2 v1 2026-06-28T10:06:12.979Z