A long-standing problem is that of providing statistical or aggregate data about users without leaking information about individual users. Past strongly anonymous systems, like K-anonymity and Differential Privacy, provide poor utility. As a result, most so-called "anonymous" analytics is done over weakly anonymized data. We are working on designing and building a system that provides strong anonymity, high utility, and easy configuration. We are testing our ideas in real settings through close cooperation with the startup Aircloak.
- Towards Statistical Queries over Distributed Private User Data
- SplitX: High-Performance Private Analytics
- Private-by-Design Advertising Meets the Real World
- Non-Tracking Web Analytics