Evaluating data utility of privacy-preserving pseudonymized location datasets
Pseudonymization is an effective way to publish a location dataset with trajectory information in a privacy-preserving way. We previously proposed a technique of randomly exchanging multiple users’ pseudonyms at a mix zone where the users meet at the same time to prevent an adversary from reidentifying multiple trajectory segments of a target user. However, such a segmentation technique essentially divides a user’s whole trajectory path into multiple segments and thus degrades the utility of the dataset. In this paper, we, therefore, evaluate tradeoffs between data utility and privacy by conducting various experiments with a real location dataset. Our experimental results show that it is possible to achieve sufficient data utility while satisfying realistic privacy requirements.