Paper 2011/152

A Practical Application of Differential Privacy to Personalized Online Advertising

Yehuda Lindell and Eran Omri

Abstract

Online advertising plays an important role in supporting many Internet services. Personalized online advertising offers marketers a way to direct ads at very specific audiences. The vast body of Internet users combined with the ease of creating and monitoring personalized advertising campaigns make online advertising an extremely strong tool for marketers. However, many concerns arise regarding the implications of online advertising for the privacy of web users. Specifically, recent works show how the privacy of Internet users may be breached by attacks utilizing personalized advertising campaigns such as those provided by Facebook. Such attacks succeed even without the user ever noticing the attack or being able to avoid it (unless refraining from going on the Internet). In this work, we suggest practical and concrete measures for preventing the feasibility of such attacks on online advertising systems, taking Facebook as our case study. We present a mechanism for releasing statistics on advertising campaigns in a way that preserves the privacy of web users. The notion of privacy that we adopt is a mathematically rigorous definition of privacy called {\em differential privacy}. In addition, we show that the seemingly overly restrictive notion of differential privacy is in fact the one necessary here, and that weaker notions would not suffice.