Privacy and Utility Preserving Sensor-Data Transformations

Queen Mary University of London, Imperial College LondonAbstract Sensitive inferences and user re-identification are major threats to privacy when raw sensor data from wearable or portable devices are shared with cloud-assisted applications. To mitigate these threats, we propose mechanisms to transform sensor data before sharing them with applications running on users' devices. These transformations aim at eliminating patterns that can be used for user re-identification or for inferring potentially sensitive activities, while introducing a minor utility loss for the target application (or task). We show that, on gesture and activity recognition tasks, we can prevent inference of potentially sensitive activities while keeping the reduction in recognition accuracy of nonsensitive activities to less than 5 percentage points. We also show that we can reduce the accuracy of user re-identification and of the potential inference of gender to the level of a random guess, while keeping the accuracy of activity recognition comparable to that obtained on the original data.1. Introduction Sensors such as accelerometer, gyroscope, and magnetometer, embedded in personal smart devices generate data that can be used to monitor users' activities, interactions, and mood [1, 2, 3]. Applications (apps) installed on smart devices can get access to raw sensor data to make required(i.e. However, sensor data can also facilitate some potentially sensitive ( i.e. undesired) inferences that a user might wish to keep private, such as discovering smoking habits [4] or revealing personal attributes such as age and gender [5]. Some patterns in raw sensor data may also enable user re-identification [6]. Information privacy can be defined as "the right to select what personal information about me is known to what people" [7].