Selling personal information is very different from selling physical goods and raises novel challenges. On the sell side of the market, individuals own their personal data and incur costs from its use insofar as that use leads to future, quantifiable harm. On the buy side, buyers are interested in "statistical information" about the dataset, that is, aggregate information rather than information derived from a single individual. Differential privacy [1] provides a means to quantify the harm that can come to individual data owners as a result of the use of their data, and this ability to quantify harm allows data owners to be compensated for the risk they incur. Past work studying markets for private data focused on the simple case in which the buyer is interested in the answer to only a single linear function of the data [2, 3, 4, 6], which makes the buy side of the market particularly simple.
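To make the single-linear-query setting concrete, here is a minimal sketch (my illustration, not drawn from the paper) of releasing one linear query under differential privacy with the standard Laplace mechanism; the privacy parameter epsilon is the quantity that bounds each owner's exposure and could therefore anchor compensation. All names and numbers below are hypothetical.

```python
import numpy as np

def private_linear_query(data, weights, epsilon, sensitivity=1.0):
    """Release sum_i weights[i] * data[i] under epsilon-differential privacy
    via the Laplace mechanism; `sensitivity` is the most the sum can change
    when a single owner's record changes."""
    true_answer = float(np.dot(weights, data))
    noise = np.random.laplace(loc=0.0, scale=sensitivity / epsilon)
    return true_answer + noise

# Hypothetical example: a counting query over 1,000 owners' private bits.
rng = np.random.default_rng(0)
data = rng.integers(0, 2, size=1000)   # one private bit per owner
weights = np.ones(1000)                # a count is a linear query with all weights equal to 1
print(private_linear_query(data, weights, epsilon=0.5))
```

A smaller epsilon means more noise in the released answer but less risk to each owner, which is exactly the trade-off a market for private data has to price.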
The following paper introduces a fascinating and complicated issue that arises on the buy side of the market when buyers are interested in multiple linear functions of the same dataset. Information exhibits complementarities: given some information about a dataset, it is possible to learn other things about it. This means that when pricing information, there may be opportunities for arbitrage: rather than directly buying the answer to the query they are interested in, buyers might more cheaply buy a bundle of queries that lets them deduce that answer. The authors give conditions under which a pricing is arbitrage-free. This is a compelling condition to ask for: it means it is a dominant strategy for arriving buyers to faithfully request the answer to the query they are interested in rather than trying to game the system. By asking for arbitrage-free pricings, the authors make the market safe for buyers.
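To illustrate what such arbitrage looks like, the following sketch (my construction, not the paper's pricing framework; it ignores the noise added to query answers) treats each query as a vector of per-record weights and searches for a cheaper bundle whose span contains the buyer's target query.

```python
import itertools
import numpy as np

def determines(target, bundle_vectors):
    """True if the target query vector lies in the span of the bundle's query
    vectors, i.e. its exact answer can be deduced from their exact answers."""
    A = np.array(bundle_vectors, dtype=float).T   # columns are the bundle's queries
    b = np.asarray(target, dtype=float)
    coeffs = np.linalg.lstsq(A, b, rcond=None)[0]
    return np.allclose(A @ coeffs, b)

def find_arbitrage(target, target_price, priced_queries):
    """Search every bundle of priced queries for one that determines `target`
    at a total cost below `target_price`; return it, or None if none exists."""
    for r in range(1, len(priced_queries) + 1):
        for bundle in itertools.combinations(priced_queries, r):
            vectors = [q for q, _ in bundle]
            cost = sum(p for _, p in bundle)
            if cost < target_price and determines(target, vectors):
                return bundle
    return None

# Hypothetical prices: q3 = q1 + q2 is offered at 5.0, but q1 and q2 cost 2.0 each.
q1, q2, q3 = (1, 0), (0, 1), (1, 1)
priced = [(q1, 2.0), (q2, 2.0)]
print(find_arbitrage(q3, target_price=5.0, priced_queries=priced))
```

Here the target query q3 = q1 + q2 is priced at 5.0 while the bundle (q1, q2) costs 4.0, so a rational buyer would buy the bundle and add the answers; an arbitrage-free pricing rules out exactly such gaps.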