Differentially Private Rankings via Outranking Methods and Performance Data Aggregation
Luis Del Vasto-Terrientes
TL;DR
The paper tackles privacy in multi-criteria decision making by integrating differential privacy with outranking MCDM methods. It constructs an aggregated performance matrix $OM$ from user evaluations, applies $\ ext{DP}$ or its Individual Differential Privacy variant to produce a privatized matrix $OM^*$, and then runs ELECTRE-III and PROMETHEE-II on $OM^*$. Results on synthetic and BeerAdvocate datasets show that increasing the privacy budget $\epsilon$ and the aggregation size $K$ reduces information loss and improves the correlation $r_s$ between true and anonymized rankings, with iDP consistently outperforming DP in utility. This demonstrates a practical privacy-preserving framework for dynamic, data-driven decision contexts and highlights iDP as advantageous when data is limited or highly sensitive.
Abstract
Multiple-Criteria Decision Making (MCDM) is a sub-discipline of Operations Research that helps decision-makers in choosing, ranking, or sorting alternatives based on conflicting criteria. Over time, its application has been expanded into dynamic and data-driven domains, such as recommender systems. In these contexts, the availability and handling of personal and sensitive data can play a critical role in the decision-making process. Despite this increased reliance on sensitive data, the integration of privacy mechanisms with MCDM methods is underdeveloped. This paper introduces an integrated approach that combines MCDM outranking methods with Differential Privacy (DP), safeguarding individual contributions' privacy in ranking problems. This approach relies on a pre-processing step to aggregate multiple user evaluations into a comprehensive performance matrix. The evaluation results show a strong to very strong statistical correlation between the true rankings and their anonymized counterparts, ensuring robust privacy parameter guarantees.