How Good Are Privacy Guarantees? Platform Architecture and Violation of User Privacy

44 Pages. Posted: 24 Jan 2023. Last revised: 19 Jun 2023

Daron Acemoglu

Massachusetts Institute of Technology (MIT) - Department of Economics; Centre for Economic Policy Research (CEPR); National Bureau of Economic Research (NBER)

Alireza Fallah

University of California, Berkeley

Ali Makhdoumi

Fuqua School of Business; Massachusetts Institute of Technology (MIT)

Azarakhsh Malekian

University of Toronto - Rotman School of Management; Massachusetts Institute of Technology (MIT) - Electrical Engineering and Computer Science

Asuman E. Ozdaglar

Massachusetts Institute of Technology (MIT) - Department of Electrical Engineering and Computer Science

There are 2 versions of this paper

Date Written: January 22, 2023

Abstract

Many platforms deploy data collected from users for a multitude of purposes. While some are beneficial to users, others are costly to their privacy. The presence of these privacy costs means that platforms may need to provide guarantees about how and to what extent user data will be harvested for activities such as targeted ads, individualized pricing, and sales to third parties. In this paper, we build a multi-stage model in which users decide whether to share their data based on privacy guarantees. We first introduce a novel mask-shuffle mechanism and prove it is Pareto optimal, meaning that it leaks the least about the users' data for any given leakage about the underlying common parameter. We then show that under any mask-shuffle mechanism, there exists a unique equilibrium in which privacy guarantees balance privacy costs and utility gains from the pooling of user data for purposes such as assessment of health risks or product development. Paradoxically, we show that as users' value of pooled data increases, the equilibrium of the game leads to lower user welfare. This is because platforms take advantage of this change to reduce privacy guarantees so much that user utility declines (whereas it would have increased with a given mechanism). Even more strikingly, we show that platforms have incentives to choose data architectures that systematically differ from those that are optimal from the user's point of view. In particular, we identify a class of pivot mechanisms, linking individual privacy to choices by others, which platforms prefer to implement and which make users significantly worse off.

Keywords: Data Markets, Online platforms, Privacy, Game theory, Stackelberg game, Mask-shuffle mechanism

Suggested Citation

Acemoglu, Daron and Fallah, Alireza and Makhdoumi, Ali and Malekian, Azarakhsh and Ozdaglar, Asuman E., How Good Are Privacy Guarantees? Platform Architecture and Violation of User Privacy (January 22, 2023). Available at SSRN: https://ssrn.com/abstract=4333457 or http://dx.doi.org/10.2139/ssrn.4333457

Daron Acemoglu

Massachusetts Institute of Technology (MIT) - Department of Economics

50 Memorial Drive
Room E52-380b
Cambridge, MA 02142
United States
617-253-1927 (Phone)
617-253-1330 (Fax)

Centre for Economic Policy Research (CEPR)

London
United Kingdom

National Bureau of Economic Research (NBER)

1050 Massachusetts Avenue
Cambridge, MA 02138
United States

Alireza Fallah (Contact Author)

University of California, Berkeley

310 Barrows Hall
Berkeley, CA 94720
United States

Ali Makhdoumi

Fuqua School of Business

Box 90120
Durham, NC 27708-0120
United States

Home page: https://www.fuqua.duke.edu/faculty/ali-makhdoumi

Massachusetts Institute of Technology (MIT)

77 Massachusetts Avenue
50 Memorial Drive
Cambridge, MA 02139-4307
United States

Azarakhsh Malekian

University of Toronto - Rotman School of Management

105 St. George Street
Toronto, Ontario M5S 3E6 M5S1S4
Canada

Massachusetts Institute of Technology (MIT) - Electrical Engineering and Computer Science

77 Massachusetts Avenue
Cambridge, MA 02139-4307
United States

Asuman E. Ozdaglar

Massachusetts Institute of Technology (MIT) - Department of Electrical Engineering and Computer Science

50 Memorial Drive
Cambridge, MA 02139-4307
United States
617-324-0058 (Phone)
