Privacy-preserving Scanpath Comparison for Pervasive Eye Tracking
Suleyman Ozdel, Efe Bozkir, Enkelejda Kasneci
TL;DR
This work addresses privacy concerns in scanpath analysis by introducing a two-party protocol for private Needleman-Wunsch alignment using Paillier homomorphic encryption. It leverages a probabilistic matrix processing strategy and multi-layer masking to minimize inter-party communication while preserving the order of encrypted costs. The framework supports flexible substitution costs and reveals only the final similarity score and sequence lengths, enabling cross-institutional collaboration on eye-tracking data. Evaluations on three public datasets (and synthetic data) demonstrate feasibility and scalable performance as matrix size and security parameters grow, and the authors release their source code for reproducibility.
Abstract
As eye tracking becomes pervasive with screen-based devices and head-mounted displays, privacy concerns regarding eye-tracking data have escalated. While state-of-the-art approaches for privacy-preserving eye tracking mostly involve differential privacy and empirical data manipulations, previous research has not focused on methods for scanpaths. We introduce a novel privacy-preserving scanpath comparison protocol designed for the widely used Needleman-Wunsch algorithm, a generalized version of the edit distance algorithm. Particularly, by incorporating the Paillier homomorphic encryption scheme, our protocol ensures that no private information is revealed. Furthermore, we introduce a random processing strategy and a multi-layered masking method to obfuscate the values while preserving the original order of encrypted editing operation costs. This minimizes communication overhead, requiring a single communication round for each iteration of the Needleman-Wunsch process. We demonstrate the efficiency and applicability of our protocol on three publicly available datasets with comprehensive computational performance analyses and make our source code publicly accessible.