PANORAMIX at SIGIR ’18

The PANORAMIX paper “SynTF: Synthetic and Differentially Private Term Frequency Vectors for Privacy-Preserving Text Mining”, which is joint work between Benjamin Weggenmann and Florian Kerschbaum, has been accepted at the 41st International ACM SIGIR Conference on Research and Development in Information Retrieval (SIGIR’18). Benjamin will present the paper at the conference which will take place on July 8th – 12th, 2018, in Ann Arbor, Michigan, USA.

Abstract: Text mining and information retrieval techniques have been developed to assist us with analyzing, organizing and retrieving documents with the help of computers. In many cases, it is desirable that the authors of such documents remain anonymous: Search logs can reveal sensitive details about a user, critical articles or messages about a company or government might have severe or fatal consequences for a critic, and negative feedback in customer surveys might negatively impact business relations if they are identified. Simply removing personally identifying information from a document is, however, insufficient to protect the writer’s identity: Given some reference texts of suspect authors, so-called authorship attribution methods can reidentfy the author from the text itself. One of the most prominent models to represent documents in many common text mining and information retrieval tasks is the vector space model where each document is represented as a vector, typically containing its term frequencies or related quantities. We therefore propose an automated text anonymization approach that produces synthetic term frequency vectors for the input documents that can be used in lieu of the original vectors. We evaluate our method on an exemplary text classification task and demonstrate that it only has a low impact on its accuracy. In contrast, we show that our method strongly affects authorship attribution techniques to the level that they become infeasible with a much stronger decline in accuracy. Other than previous authorship obfuscation methods, our approach is the first that fulfills differential privacy and hence comes with a provable plausible deniability guarantee.