Differential Privacy for Nearest Neighbor Queries

Abstract

We examine the problem of providing differential privacy for nearest neighbor queries. Very few mechanisms exist that achieve this, most notable geo-indistinguishability in the context of location privacy. However it uses an extended definition of differential privacy and restricts the sensitivity of queries. This work presents a new mechanism for DP nearest neighbor queries that is general to many applications and is based on tree data-structures and traversal. The biggest challenge with existing local differential private solutions is poor utility, requiring the addition of a restriction on the sensitivity of queries. We provide two variations, one which uses a similar restriction and one that does not. We explore different tree traversal algorithms. We evaluate our method on artificial datasets as well as real world location data. The results show that the variant using a restricted sensitivity does not perform better than geo-indistinguishability, while the unrestricted variant offers a method with good utility.