A commonly used method to protect user privacy in data collection is to perform randomized perturbation on users real data before collection so that aggregated statistics can still be inferred without endangering secrets held by individuals. In this paper, we take a closer look at the validity of Differential Privacy guarantees, when the sensitive attributes are subject to social influence and contagions. We first show that in the absence of any knowledge about the contagion network, an adversary that tries to predict the real values from perturbed ones, cannot achieve an area under the ROC curve (AUC) above $1-(1-delta)/(1+e^varepsilon)$, if the dataset is perturbed using an $(varepsilon,delta)$-differentially private mechanism. Then, we show that with the knowledge of the contagion network and model, one can do significantly better. We demonstrate that our method passes the performance limit imposed by differential privacy. Our experiments also reveal that nodes with high influence on others are at more risk of revealing their secrets than others. The performance is shown through extensive experiments on synthetic and real-world networks.
Download