Measuring Re-identification Risk
read the original abstract
Compact user representations (such as embeddings) form the backbone of personalization services. In this work, we present a new theoretical framework to measure re-identification risk in such user representations. Our framework, based on hypothesis testing, formally bounds the probability that an attacker may be able to obtain the identity of a user from their representation. As an application, we show how our framework is general enough to model important real-world applications such as the Chrome's Topics API for interest-based advertising. We complement our theoretical bounds by showing provably good attack algorithms for re-identification that we use to estimate the re-identification risk in the Topics API. We believe this work provides a rigorous and interpretable notion of re-identification risk and a framework to measure it that can be used to inform real-world applications.
This paper has not been read by Pith yet.
Forward citations
Cited by 1 Pith paper
-
Lessons from the Adoption and Deprecation of the Privacy Sandbox Web APIs
Longitudinal measurement study finds limited and uneven adoption of Privacy Sandbox APIs across websites and Chrome users, yielding lessons and recommendations after the project's 2025 cancellation.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.