Latent Representation Learning and Manipulation for Privacy-Preserving Sensor Data Analytics

The rapid deployment of sensor systems in homes and work environments, and new applications of machine learning at the edge have posed an enormous and unprecedented threat to privacy. In this paper we investigate the ability of existing deep neural network models trained in an adversarial fashion to enhance privacy without sacrificing data utility, and propose a re-identification attack that could effectively hinder them from hiding private data. This highlights an important problem with anonymization techniques that rely on adversarial training. To address this problem, we perform deterministic and probabilistic arithmetic operations in the learned latent variable space of a variational autoencoder and show empirically that it makes the anonymized data less susceptible to the proposed re-identification attack. Our experiments on a Human Activity Recognition data set confirm that the proposed deterministic manipulation of the latent variables outperforms the state-of-the-art anonymizing autoencoders, reducing the accuracy of a gender identification model by an additional 16% without noticeably affecting the accuracy of the activity recognition model. Moreover, the accuracy of the gender re-identification model is further reduced by 16.25% on average thanks to the proposed probabilistic manipulation.