This paper introduces a paradigm shift in the way privacy is defined, driven by a novel interpretation of the fundamental result of Dwork and Naor about the impossibility of absolute disclosure prevention. We propose a general model of utility and privacy in which utility is achieved by disclosing the value of low-entropy features of a secret X, while privacy is maintained by hiding the value of high-entropy features of X. Adopting this model, we prove that, contrary to popular opinion, it is possible to provide meaningful inferential privacy guarantees. These guarantees are given in terms of an operationally-meaningful information measure called pointwise maximal leakage (PML) and prevent privacy breaches against a large class of adversaries regardless of their prior beliefs about X. We show that PML-based privacy is compatible with and provides insights into existing notions such as differential privacy. We also argue that our new framework enables highly flexible mechanism designs, where the randomness of a mechanism can be adjusted to the entropy of the data, ultimately, leading to higher utility.

With the emergence of cyber-physical systems (CPSs) in utility systems like electricity, water, and gas networks, data collection has become more prevalent. While data collection in these systems has numerous advantages, it also raises concerns about privacy as it can potentially reveal sensitive information about users. To address this issue, we propose a Bayesian approach to control the adversarial inference and mitigate the physical-layer privacy problem in CPSs. Specifically, we develop a control strategy for the worst-case scenario where an adversary has perfect knowledge of the user’s control strategy. For finite state-space problems, we derive the fixed-point Bellman’s equation for an optimal stationary strategy and discuss a few practical approaches to solve it using optimization-based control design. Addressing the computational complexity, we propose a reinforcement learning approach based on the Actor-Critic architecture. To also support smart meter privacy research, we present a publicly accessible “Co-LivEn” dataset with comprehensive electrical measurements of appliances in a co-living household. Using this dataset, we benchmark the proposed reinforcement learning approach. The results demonstrate its effectiveness in reducing privacy leakage. Our work provides valuable insights and practical solutions for managing adversarial inference in cyber-physical systems, with a particular focus on enhancing privacy in smart meter applications.

We study the continuous vector-valued Witsen-hausen counterexample with Gaussian states through the lens of empirical coordination coding. We characterize the region of achievable pairs of costs in three scenarios: (i) causal encoding and causal decoding, (ii) causal encoding and causal decoding with channel feedback, and (iii) causal encoding and noncausal decoding with channel feedback. In these vector-valued versions of the problem, the optimal coding schemes must rely on a time-sharing strategy, since the region of achievable pairs of costs might not be convex in the scalar version of the problem. We examine the role of the channel feedback when the encoder is causal and the decoder is either causal or non-causal, and we show that feedback improves the performance, only when the decoder is non-causal.

We investigate the Witsenhausen counterexample in a continuous vector-valued context with a causal encoder and noncausal decoder. Our main result is the optimal single-letter condition that characterizes the set of achievable Witsenhausen power costs and estimation costs, leveraging a modified weak typicality approach. In particular, we accommodate our power analysis to the causal encoder constraint, and provide an improved distortion error analysis for the challenging estimation of the interim state. Interestingly, the idea of dual role of control is explicitly captured by the two auxiliary random variables.

Drift is a significant issue that undermines the reliability of gas sensors. This paper introduces a probabilistic model to distinguish between environmental variation and instrumental drift, using low-cost non-dispersive infrared (NDIR) CO2 sensors as a case study. Data from a long-term field experiment is analyzed to evaluate both sensor performance and environmental changes over time. Our approach employs importance sampling to isolate instrumental drift from environmental variation, providing a more accurate assessment of sensor performance. The results show that failing to account for environmental variation can significantly affect the evaluation of sensor drift, leading to improper calibration processes.

Data-driven advancements significantly contribute to societal progress, yet they also pose substantial risks to privacy. In this landscape, differential privacy (DP) has become a cornerstone in privacy preservation efforts. However, the adequacy of DP in scenarios involving correlated datasets has sometimes been questioned and multiple studies have hinted at potential vulnerabilities. In this work, we delve into the nuances of applying DP to correlated datasets by leveraging the concept of pointwise maximal leakage (PML) for a quantitative assessment of information leakage. Our investigation reveals that DP’s guarantees can be arbitrarily weak for correlated databases when assessed through the lens of PML. More precisely, we prove the existence of a pure DP mechanism with PML levels arbitrarily close to that of a mechanism which releases individual entries from a database without any perturbation. By shedding light on the limitations of DP on correlated datasets, our work aims to foster a deeper understanding of subtle privacy risks and highlight the need for the development of more effective privacy-preserving mechanisms tailored to diverse scenarios.

We study a multi-task private semantic communication problem, in which an encoder has access to an information source arbitrarily correlated with some latent private data. A user has L tasks with priorities. The encoder designs a message to be revealed which is called the semantic of the information source. Due to the privacy constraints the semantic can not be disclosed directly and the encoder adds noise to produce disclosed data. The goal is to design the disclosed data that maximizes the weighted sum of the utilities achieved by the user while satisfying a privacy constraint on the private data. In this work, we first consider a single-task scenario and design the added noise utilizing various methods including the extended versions of the Functional Representation Lemma, Strong Functional Representation Lemma, and separation technique. We then study the multi-task scenario and derive a simple design of the source semantics. We show that in the multi-task scenario the main problem can be divided into multiple parallel single-task problems.

We investigate the problem of secure multi-terminal strong coordination aided by a multiple-access wiretap channel (MAC-WT). In this setup, independent and identically distributed (i.i.d.) copies of correlated sources are observed by two transmitters who encode the channel inputs to the MAC-WT. The legitimate receiver on observing the channel output must produce approximately i.i.d. copies of an output random variable jointly distributed with the two sources. Furthermore, we demand that an external eavesdropper learns essentially nothing about the sources and the simulated output sequence by observing its corresponding MAC-WT output. This is aided by the presence of independent pairwise shared randomness between each encoder and the legitimate decoder. The shared randomness rate tuples which permit such channel simulation with strong secrecy are of interest. We derive an achievable rate region based on a combination of coordination coding and wiretap coding, along with an outer bound. The inner bound is shown to be tight and a complete characterization is derived for the special case when the sources are independent and the legitimate receiver's channel is composed of deterministic links.

We investigate the problem of multi-terminal strong coordination over a network of noiseless links with degraded source observations. In this setup, independent and identically distributed (i.i.d.) copies of correlated sources are observed by two transmitters, with one of the source observations being common while the other one is private. The transmitters communicate their source descriptions over noiseless links to the receiver, which must produce approximately i.i.d. copies of an output random variable jointly distributed with the two sources. This is aided by the presence of common randomness shared between all three parties. The communication and common randomness rate tuples which permit such channel simulation are of interest. We derive a complete characterization for this multi-terminal strong coordination problem. It is observed that the optimal scheme is based on a superposition structure, where the common source description forms the base layer and the private source description forms the top layer.

We study an information theoretic privacy mechanism design problem for two scenarios where the private data is either observable or hidden. In the hidden private data scenario, an agent observes useful data Y that is correlated with private data X , and generate disclosed data U which maximizes the revealed information about Y while satisfying a bounded privacy leakage constraint. Considering the other scenario, the agent has additional access to X . To design the privacy mechanism, we first extend the Functional Representation Lemma and Strong Functional Representation Lemma by relaxing the independence condition and thereby allowing a certain leakage. We then find lower and upper bounds on the privacy-utility trade-offs in both scenarios. In particular, for the case where no leakage is allowed and X is observable, our upper and lower bounds improve previous bounds. Considering bounded mutual information as privacy constraint and the observable private data scenario we show that if the common information and mutual information between X and Y are equal, then the attained upper bound is tight. Finally, the privacy-utility trade-off with prioritized private data is studied where part of X is more private than the remaining part.