To share or not to share: What risks would laypeople accept to give sensitive data to differentially-private NLP systems?
Although the NLP community has adopted central differential privacy as a go-to framework for privacy-preserving model training or data sharing, the choice and interpretation of the key parameter, privacy budget ε that governs the strength of privacy protection, remains largely arbitrary. We argue that determining the ε value should not be solely in the hands of researchers or system developers, but must also take into account the actual people who share their potentially sensitive data. In other words: Would you share your instant messages for ε of 10? We address this research gap by designing, implementing, and conducting a behavioral experiment (311 lay participants) to study the behavior of people in uncertain decision-making situations with respect to privacy-threatening situations. Framing the risk perception in terms of two realistic NLP scenarios and using a vignette behavioral study help us determine what ε thresholds would lead lay people to be willing to share sensitive textual data - to our knowledge, the first study of its kind.
READ FULL TEXT