Integrating Utility into Face De-Identification

Abstract

With the proliferation of inexpensive video surveillance and face recognition technologies, it is increasingly possible to track and match people as they move through public spaces. To protect the privacy of subjects visible in video sequences, prior research suggests using ad hoc obfuscation methods, such as blurring or pixelation of the face. How- ever, there has been little investigation into how obfuscation influences the usability of images, such as for classification tasks. In this paper, we demonstrate that at high obfuscation levels, ad hoc methods fail to pre- serve utility for various tasks, whereas at low obfuscation levels, they fail to prevent recognition. To overcome the implied tradeoff between pri- vacy and utility, we introduce a new algorithm, k-Same-Select, which is a formal privacy protection schema based on k-anonymity that provably protects privacy and preserves data utility. We empirically validate our findings through evaluations on the FERET database, a large real world dataset of facial images.

Keywords: Video surveillance, privacy, de-identification, privacy-preserving data mining, k-anonymity, microaggregation

Citation:
Gross, R. Airoldi, E., Malin, B., and Sweeney, L. Integrating Utility into Face De-Identification. Workshop on Privacy-Enhanced Technologies, 2005. (PDF).

Related Links

• Face de-identification
• Face de-identification Demonstration
• k-anonymity: a model for protecting privacy
• Webcam Surveillance
• Homeland Security
• Other Projects at the Data Privacy Lab
• Other Demonstrations at the Data Privacy Lab
• Data Privacy Laboratory