Capacity planning under local differential privacy with optimized budget selection

Abstract

With the growing popularity of local differential privacy (LDP), there is increasing interest in its deployment in industrial applications, smart homes, and smart cities. However, the main premise of LDP is that data are perturbed to protect privacy, and therefore consumption statistics estimated via LDP are inherently noisy. When noisy estimates are used for capacity planning, they can lead to false positives (false claims of capacity exceedance) or false negatives (actual exceedances are neglected). To address these concerns, this article proposes a system called CAPRI for capacity planning and optimized budget selection in smart city applications under LDP. Based on a specified set of conditions (e.g., number of clients, possible consumption values, LDP protocol) and constraints (e.g., false positive probability should be below 0.01), CAPRI is able to determine the $\varepsilon$ privacy budget, which simultaneously satisfies the desired constraints and maximizes clients' privacy. To do so, CAPRI proposes an optimization-based problem formulation and a search-based solution, which relies on LDP simulations. We experimentally validate and demonstrate the effectiveness of CAPRI using real-world and synthetic datasets, three popular LDP protocols, and various constraints and conditions.