Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

TraCS: Trajectory Collection in Continuous Space under Local Differential Privacy

Ye Zheng, Yidan Hu

TL;DR

This work addresses privacy-preserving trajectory collection in continuous location spaces under pure $\varepsilon$-LDP, a setting where existing discrete-space methods struggle due to discretization constraints and scalability. It introduces two complementary methods, TraCS-D and TraCS-C, which decompose the space into direction-distance and Cartesian-coordinate subspaces, respectively, and apply novel piecewise-based perturbation mechanisms to guarantee $\varepsilon$-LDP with $\Theta(1)$ perturbation time per location. TraCS-D perturbs direction via a dynamically narrow dominant sector and perturbs distance with a centered interval, while TraCS-C perturbs Cartesian coordinates independently; both support post-hoc rounding to discrete spaces without weakening privacy and with favorable utility, particularly for larger privacy parameters. Theoretical analyses show $n\varepsilon$-LDP for a trajectory of length $n$, $\Theta(n)$ time/space complexity, and $\text{MSE}=\Theta(e^{-\varepsilon/2})$ convergence for both mechanisms; empirical evaluations on synthetic and real datasets demonstrate superior trajectory utility and significantly lower computation time compared to state-of-the-art discrete LDP methods. Overall, TraCS offers an efficient, scalable solution for continuous-space trajectory data with strong privacy guarantees and practical applicability to both continuous and discretized settings.

Abstract

Trajectory collection is fundamental for location-based services but often involves sensitive information, such as users' daily activities, raising significant privacy concerns. Local Differential Privacy (LDP) provides strong privacy guarantees for users, even when the data collector is untrusted. Existing trajectory collection methods under LDP are limited to discrete location spaces, where the number of locations affects both privacy guarantees and trajectory utility. Moreover, many real-world scenarios, such as flying trajectories or sensor trajectories of wearable devices, operate in continuous location spaces, making existing methods inadequate. This paper shifts the focus from discrete to continuous spaces for trajectory collection under LDP. We propose two novel methods: TraCS-D, which perturbs the direction and distance of locations, and TraCS-C, which perturbs the Cartesian coordinates of locations. Both methods are theoretically and experimentally analyzed for trajectory utility in continuous spaces. TraCS can also be applied to discrete spaces by rounding perturbed locations to the nearest discrete points. In this case, TraCS's privacy and utility guarantees are independent of the number of locations in the space, and has only $Θ(1)$ time complexity in each perturbation generation. Evaluation results on discrete location spaces validate the efficiency advantage and show that TraCS outperforms state-of-the-art methods with improved trajectory utility, especially for large privacy parameters.

TraCS: Trajectory Collection in Continuous Space under Local Differential Privacy

TL;DR

This work addresses privacy-preserving trajectory collection in continuous location spaces under pure -LDP, a setting where existing discrete-space methods struggle due to discretization constraints and scalability. It introduces two complementary methods, TraCS-D and TraCS-C, which decompose the space into direction-distance and Cartesian-coordinate subspaces, respectively, and apply novel piecewise-based perturbation mechanisms to guarantee -LDP with perturbation time per location. TraCS-D perturbs direction via a dynamically narrow dominant sector and perturbs distance with a centered interval, while TraCS-C perturbs Cartesian coordinates independently; both support post-hoc rounding to discrete spaces without weakening privacy and with favorable utility, particularly for larger privacy parameters. Theoretical analyses show -LDP for a trajectory of length , time/space complexity, and convergence for both mechanisms; empirical evaluations on synthetic and real datasets demonstrate superior trajectory utility and significantly lower computation time compared to state-of-the-art discrete LDP methods. Overall, TraCS offers an efficient, scalable solution for continuous-space trajectory data with strong privacy guarantees and practical applicability to both continuous and discretized settings.

Abstract

Trajectory collection is fundamental for location-based services but often involves sensitive information, such as users' daily activities, raising significant privacy concerns. Local Differential Privacy (LDP) provides strong privacy guarantees for users, even when the data collector is untrusted. Existing trajectory collection methods under LDP are limited to discrete location spaces, where the number of locations affects both privacy guarantees and trajectory utility. Moreover, many real-world scenarios, such as flying trajectories or sensor trajectories of wearable devices, operate in continuous location spaces, making existing methods inadequate. This paper shifts the focus from discrete to continuous spaces for trajectory collection under LDP. We propose two novel methods: TraCS-D, which perturbs the direction and distance of locations, and TraCS-C, which perturbs the Cartesian coordinates of locations. Both methods are theoretically and experimentally analyzed for trajectory utility in continuous spaces. TraCS can also be applied to discrete spaces by rounding perturbed locations to the nearest discrete points. In this case, TraCS's privacy and utility guarantees are independent of the number of locations in the space, and has only time complexity in each perturbation generation. Evaluation results on discrete location spaces validate the efficiency advantage and show that TraCS outperforms state-of-the-art methods with improved trajectory utility, especially for large privacy parameters.

Paper Structure

This paper contains 56 sections, 4 theorems, 25 equations, 15 figures, 3 tables, 2 algorithms.

Table of Contents

  1. Introduction
  2. Preliminaries
  3. Problem Formulation
  4. Local Differential Privacy
  5. Piecewise-based Mechanism
  6. $k$-RR and Exponential Mechanism
  7. Our Method: TraCS
  8. Location Space
  9. TraCS-D
  10. Direction Perturbation
  11. Distance Perturbation
  12. Workflow of TraCS-D
  13. Analysis of TraCS-D
  14. TraCS-C
  15. Coordinates Perturbation
  16. ...and 41 more sections

Key Result

Theorem 1

Let $\mathcal{M}_1$ and $\mathcal{M}_2$ be two mechanisms that satisfy $\varepsilon_1$ and $\varepsilon_2$-LDP, respectively. Their composition, defined as $\mathcal{M}_{1,2}: (\mathcal{X}_1, \mathcal{X}_2)\to (Range(\mathcal{M}_1), Range(\mathcal{M}_2))$, satisfies $(\varepsilon_1 + \varepsilon_2)$

Figures (15)

  • Figure 1: Two decompositions of location space $\mathcal{S}$ at $\tau_i$. Any other location $\tau_j \in \mathcal{S}$ can be represented by direction-distance coordinates $(\varphi, r(\varphi))$ or Cartesian coordinates $(a, b)$.
  • Figure 2: Comparison of the dominant sectors of the strawman approach and TraCS-D with $\varepsilon=4$ and $\varepsilon=6$. The red angular arcs indicate the dominant sectors, with their probabilities shown on the right. The dominant sector of TraCS-D narrows as $\varepsilon$ increases, leading to a smaller inner-sector (sampling) error. In contrast, the strawman approach has a fixed dominant sector, which is independent of $\varepsilon$ and leads to a large inner-sector error.
  • Figure 3: Two cases of $|\mathcal{D}_{r(\varphi)}|$ at $\tau_i$ (blue lines).
  • Figure 4: Comparison on synthetic datasets.
  • Figure 5: Condition TraCS-D outperforms TraCS-C.
  • ...and 10 more figures

Theorems & Definitions (20)

  • Definition 1: $\varepsilon$-LDP DBLP:conf/focs/DuchiJW13
  • Theorem 1: Sequential Composition of LDP DBLP:journals/fttcs/DworkR14DBLP:journals/pvldb/Zhang000H23
  • Definition 2: Piecewise-based mechanism
  • Definition 3
  • Definition 4: Exponential Mechanism DBLP:conf/innovations/NissimST12
  • Definition 5: Direction Perturbation Mechanism
  • Example 1
  • Definition 6: Distance Perturbation Mechanism
  • Theorem 2
  • proof
  • ...and 10 more