Optimal Privacy-Aware Stochastic Sampling

This paper presents a stochastic sampling framework for privacy-aware data sharing, where a sensor observes a process correlated with private information. A sampler determines whether to retain or discard sensor observations, balancing the tradeoff between data utility and privacy. Retained samples are shared with an adversary who may attempt to infer the private process, with privacy leakage quantified using mutual information. The sampler design is formulated as an optimization problem with two objectives: $(i)$ minimizing the reconstruction error of the observed process using the sampler’s output, $(ii)$ reducing the privacy leakages. For a general class of processes, we show that the optimal reconstruction policy is deterministic and derive the optimality conditions for the sampling policy using a dynamic decomposition method, which enables the sampler to control the adversary’s belief about private inputs. For linear Gaussian processes, we propose a simplified design by restricting the sampling policy to a specific collection, providing analytical expressions for the reconstruction error, belief state, and sampling objectives based on conditional means and covariances. Additionally, we develop a numerical optimization algorithm to optimize the sampling and reconstruction policies, wherein the policy gradient theorem for the optimal sampling design is derived based on the implicit function theorem. Simulations demonstrate the effectiveness of the proposed method in achieving accurate state reconstruction, privacy protection, and data size reduction.