Article Preview
TopIntroduction
Privacy laws provide a baseline level of “privacy protection” and due diligence for only some types of individual level information that are being utilized by government agencies and private businesses. For example, there are laws in the US such as the Fair Credit Reporting Act of 1970, the Family Education Rights and Privacy Act of 1978, the Privacy Protection Act of 1980, the Cable Communications Policy Act of 1984, and the Video Privacy Protection Act of 1988 that aim to protect individual information about communications between people, credit data, education, cable, and retail video industries. However, privacy laws do not exist for many other types of individual information such as driving records, rental histories, retail purchases, social security earnings, unlisted phone numbers, etc. Many scholars in history, sociology, business, law, and political science have criticized the existing legislative approach to individual privacy on the grounds that it does not acknowledge individuals as the legitimate owner of their data (Blackwell, 2008; Gavison, 1980; Laudon, 1996; Paul 2004). Some scholars have advocated for a stronger definition of privacy protection for individuals, which is called the “property rights” approach. In this approach, personal information of individuals is considered their private property and can only be exchanged by creating a private contract between an individual (seller) and a data receiver (buyer).
Chellappa and Shivendu (2007) discuss the property rights approach to privacy for regulating choices in the online personalization context. Xu et al. (2010), in the context of a location-based service, show that individual compensation is likely to increase consumers’ judgments of the benefits of information disclosure. Garfinkel et al. (2006) consider a market setting where individuals have the option of selling inexact sensitive information about themselves while receiving a level of privacy protection. Buyers in this setting can only purchase inexact answers to the queries of their choices. For instance, a buyer can demand the average salary of a certain demographic of her choice and receive an inexact interval answer for the query. Li and Raghunathan (2014) consider a setting where an organization sells a dataset about its individuals’ sensitive information to another organization. In this setting, the organization sharing the data takes the sole responsibility of providing privacy protection to individuals and selecting a pricing model for the market. Individuals do not play any role in the pricing of their data and the privacy protection mechanism of the market.
This paper presents a setting where individuals (data providers), whose data is being considered for sharing/selling, can themselves decide the level of privacy protection in terms of the level of anonymity that they want to receive from the buyer (data receiver). Specifically, sellers can choose a personalized version of privacy protection (anonymity), as discussed in the privacy preserving microdata sharing literature (Machanavajjhala et al., 2007; Sweeney, 2002). Moreover, sellers can also specify the minimum compensation requirement (reservation price) for their information, which allows them to be participants in the price discovery process of the market. Buyers, on the other hand, can buy individual level information, not just an answer to a query. In this market context, this paper discusses the computational complexities of the problems associated with the creation of the optimal information product (optimum dataset) for a buyer’s dataset request. The algorithms presented in this paper can be used by the market maker for effectively creating the optimum datasets for buyers.