川原 尚己
In recent years, data utilization techniques, machine learning among them, have been applied across many fields, and protecting the privacy of the individuals whose data appear in these datasets has become an urgent issue. Local Differential Privacy (LDP) is one of the key privacy-preserving techniques for such data utilization. Although LDP has been applied to a range of statistical analyses, its application to image datasets has mainly taken two forms: deep-learning-based methods, and methods that apply LDP to feature vectors extracted from the images rather than to the images themselves. Deep-learning-based methods incur high computational cost, while feature-vector-based methods discard the image itself, so statistical properties that can only be measured on image data are lost. Balancing utility and privacy in LDP-based image anonymization without relying on deep learning therefore remains a challenging problem. This study proposes an LDP-based image anonymization method that balances utility and privacy protection. Under LDP, at a fixed level of privacy protection, the amount of added noise grows with the number of dimensions of the data, so effective dimensionality reduction is essential. In addition, for the anonymization mechanism used in this framework, the noise added decreases as the range of values the mechanism can output shrinks, so it is also crucial to make this domain as small as possible without discarding too much information. Based on these two principles, our framework applies two kinds of reduction, reducing the number of pixels and limiting the domain size, before applying LDP to anonymize the image data. We evaluated the method on the MNIST and Fashion MNIST datasets and compared it with existing methods using SSIM and MSE, as well as classification accuracy with CNNs. The results show that, at the same level of privacy protection, the proposed method allows more flexible control over the trade-off between utility and privacy than existing methods.
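The following is an added worked example of the two reductions described above, written for this page; it is not the authors' implementation. The abstract names neither the LDP mechanism nor how the privacy budget is allocated, so this example assumes k-ary randomized response (k-RR) as the per-pixel mechanism and an even split of a per-image budget across the remaining pixels (sequential composition). The 8x8 input image is constructed, standing in for one MNIST digit. Running it shows why both reductions matter: with no reduction (64 pixels, 256 levels) the per-pixel budget is tiny and k-RR is nearly uniform noise, while downsampling to 4x4 and quantizing to 4 levels leaves a per-pixel budget large enough that the true level is reported noticeably more often than chance.

```python
import math
import random

# Constructed 8x8 grayscale image in [0,1]: a bright square on a dark
# background, standing in for a single MNIST digit (not real data).
SAMPLE_IMAGE = [
    [0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0],
    [0.0, 0.1, 0.1, 0.1, 0.1, 0.1, 0.1, 0.0],
    [0.0, 0.1, 0.9, 0.9, 0.9, 0.9, 0.1, 0.0],
    [0.0, 0.1, 0.9, 1.0, 1.0, 0.9, 0.1, 0.0],
    [0.0, 0.1, 0.9, 1.0, 1.0, 0.9, 0.1, 0.0],
    [0.0, 0.1, 0.9, 0.9, 0.9, 0.9, 0.1, 0.0],
    [0.0, 0.1, 0.1, 0.1, 0.1, 0.1, 0.1, 0.0],
    [0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0, 0.0],
]


def krr_keep_probability(epsilon: float, k: int) -> float:
    """k-ary randomized response (assumed mechanism): probability that the
    true value is reported. The remaining mass is spread uniformly over the
    other k-1 values, which gives epsilon-LDP. As k grows this falls toward
    1/k, i.e. the output carries less information about the input."""
    return math.exp(epsilon) / (math.exp(epsilon) + k - 1)


def downsample(image, factor: int):
    """Average-pool an HxW grid by an integer factor (pixel-count reduction)."""
    h, w = len(image), len(image[0])
    out = []
    for r in range(0, h, factor):
        row = []
        for c in range(0, w, factor):
            block = [image[i][j] for i in range(r, r + factor) for j in range(c, c + factor)]
            row.append(sum(block) / len(block))
        out.append(row)
    return out


def quantize(image, k: int):
    """Map each intensity in [0,1] to an integer level 0..k-1 (domain reduction)."""
    return [[min(k - 1, int(v * k)) for v in row] for row in image]


def krr(level: int, k: int, epsilon: float, rng: random.Random) -> int:
    """Randomize one level with k-ary randomized response."""
    if rng.random() < krr_keep_probability(epsilon, k):
        return level
    other = rng.randrange(k - 1)  # uniform over the k-1 other levels
    return other if other < level else other + 1


def anonymize(image, factor: int, k: int, epsilon_total: float, seed: int = 0):
    """Reduce pixels and domain, then apply LDP independently per pixel.

    Assumption: the per-image budget is split evenly across the d remaining
    pixels (sequential composition), so fewer pixels means a larger budget,
    and therefore less noise, per pixel at the same overall epsilon."""
    rng = random.Random(seed)
    levels = quantize(downsample(image, factor), k)
    d = len(levels) * len(levels[0])
    eps_pixel = epsilon_total / d
    noisy = [[krr(v, k, eps_pixel, rng) for v in row] for row in levels]
    return levels, noisy, eps_pixel


def mse(levels_a, levels_b, k: int) -> float:
    """Mean squared error between two level grids, rescaled to [0,1]."""
    scale = k - 1 if k > 1 else 1
    total, n = 0.0, 0
    for ra, rb in zip(levels_a, levels_b):
        for a, b in zip(ra, rb):
            total += ((a - b) / scale) ** 2
            n += 1
    return total / n


def debias_frequency(observed_count: int, n: int, k: int, epsilon: float) -> float:
    """Unbiased estimate of how often a level truly occurs at one pixel
    position, from the reported counts of n anonymized images (the standard
    k-RR frequency estimator); this is the kind of aggregate statistic that
    can still be measured on the anonymized images."""
    p = krr_keep_probability(epsilon, k)
    q = (1.0 - p) / (k - 1)
    return (observed_count / n - q) / (p - q)


if __name__ == "__main__":
    for factor, k in ((1, 256), (2, 4)):  # no reduction vs. both reductions
        levels, noisy, eps_pixel = anonymize(SAMPLE_IMAGE, factor, k, 8.0)
        print(f"factor={factor} k={k}: eps/pixel={eps_pixel:.3f} "
              f"P(keep)={krr_keep_probability(eps_pixel, k):.3f} "
              f"MSE={mse(levels, noisy, k):.3f}")
```

The quantization and pooling are the simplest possible choices (uniform levels, average pooling); the abstract's point is the budget arithmetic, which is independent of those choices. Note that the reported MSE is against the already reduced image, so it measures the LDP noise alone, not the information lost by the reductions themselves.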