Dynamic Pricing Algorithms with Privacy Preservation in Personalized Decision Making

undefined
 
Di
ff
erential Privacy in Personalized Pricing with
Nonparametric Demand Models
 
XI CHEN
L
E
O
N
A
R
D
 
N
.
 
S
T
E
R
N
 
S
C
H
O
O
L
 
O
F
 
B
U
S
I
N
E
S
S
,
 
N
E
W
 
Y
O
R
K
 
U
N
I
V
E
R
S
I
T
Y
SENTAO MIAO
DESAUTELS FACULTY OF MANAGEMENT, MCGILL UNIVERSITY
Y
I
N
I
N
G
 
W
A
N
G
N
A
V
E
E
N
 
J
I
N
D
A
L
 
S
C
H
O
O
L
 
O
F
 
M
A
N
A
G
E
M
E
N
T
,
 
U
N
I
V
E
R
S
I
T
Y
 
O
F
 
T
E
X
A
S
 
A
T
 
D
A
L
L
A
S
 
Link: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3919807
Personalized data-driven decision making
 
Classical
 decision-making process:
Classical decision-making process does not
preserve privacy
Black-box algorithm
(sensitive historical data)
 
Various methods of privacy attack
 
M
odel Inversion: 
use output of the
algorithm to recover customer’s data (i.e., input)
(Fredrikson et. al. 2014)
 
 
 
 
 
Membership 
Inference
: from the output to
infer whether a specific person is in the dataset
(Shokri et. al. 2017)
 
 
Recovered from model inversion attack (left) and the actual image (right)
(
Fredrikson et. al. 2015
)
 
Growing public concern about data privacy
 
Legislation action to protect data privacy
 
 
The focus of this research is to design privacy-
preserving algorithms for decision making.
 
This work designs privacy-preserving dynamic
pricing algorithms
 
 
Setting of this paper:
 
Dynamic personalized pricing of single product with 
sequentially
 arriving customers.
Demand is 
unknown
 a priori and 
nonparametric
.
Algorithms need to preserve privacy in a 
rigorously defined notion
.
Differential Privacy: rigorously defined notions
of privacy-preserving criteria
 
Intuitively, differential privacy (DP) guarantees that the attacker cannot notice the difference (with
high probability) if any customer’s data in the dataset is replaced by another.
There are two types of DP: 
central DP (CDP) 
and 
local DP (LDP).
 
CDP: attacker in any
time is unlikely to
infer data of any
earlier customer
 
LDP: even the
platform can only use
privatized data
Differential Privacy: rigorously defined notions
of privacy-preserving criteria
 
Intuitively, differential privacy (DP) guarantees that the attacker cannot notice the difference (with
high probability) if any customer’s data in the dataset is replaced by another.
There are two types of DP: 
central DP (CDP) 
and 
local DP (LDP).
CDP: attacker in any
time is unlikely to
infer data of any
earlier customer
LDP: even the
platform can only use
privatized data
Today’s presentation focuses on LDP.
We have algorithm with CDP in our paper.
 
DP has been widely applied
in the industry already
 
 
Literature review
 
 
Dynamic pricing and revenue management with demand learning.
 
-
For example, Chen et al. 2015, Qiang and Bayati 2016, Bernstein et al. 2019, Javanmard and
Nazerzadeh 2019, Bastani and Bayati 2020, Cohen et al. 2020, Chen and Gallego 2021.
 
 
Data privacy 
of algorithm and policy
.
 
-
In computer science: Dwork et al. 2006, Chan et al. 2011, Dwork & Roth 2014, Mishra &
Thakurta 2015, Ren et al. 2020, Zheng et al. 2020, Han et al. 2021.
 
-
In operations management: 
Xu 2018, Tsitsiklis et al. 2020, Hu et al. 2020, Xu et al. 2021, Lei et
al. 2021, Chen et al. 2021
Model setup and assumptions
 
Model setup and assumptions
 
Model setup and assumptions
 
Model setup and assumptions
 
LDP in our setting: decision making based on
privatized data
LDP in our setting: decision making based on
privatized data
 
LDP in our setting: decision making based on
privatized data
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
Let us first introduce the idea of LPPQ 
without
 LDP.
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
 
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
 
Privatize sensitive data.
 
Our algorithm: the Locally-Private-Parallel-
Quadrisection (LPPQ)
 
Quadrisection search update for each
hypercube using privatized data based on
confidence interval argument.
LPPQ achieves near-optimal regret
Idea of proving regret upper bound
Numerical Experiments
Summary of today’s talk
 
T
h
a
n
k
 
y
o
u
!
C
o
m
m
e
n
t
s
 
a
n
d
 
q
u
e
s
t
i
o
n
s
?
E
m
a
i
l
:
 
y
i
n
i
n
g
.
w
a
n
g
@
u
t
d
a
l
l
a
s
.
e
d
u
Slide Note
Embed
Share

Explore the challenges of preserving privacy in dynamic personalized pricing algorithms for decision-making in business. The research focuses on nonparametric demand models and differential privacy to safeguard user data against various privacy attacks, addressing the growing concerns and the need for legislation to protect data privacy in the digital age.


Uploaded on Apr 05, 2024 | 3 Views


Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript


  1. Differential Privacy in Personalized Pricing with Nonparametric Demand Models XI CHEN LEONARD N. STERN SCHOOL OF BUSINESS, NEW YORK UNIVERSITY SENTAO MIAO DESAUTELS FACULTY OF MANAGEMENT, MCGILL UNIVERSITY YINING YINING WANG WANG NAVEEN JINDAL SCHOOL OF MANAGEMENT, UNIVERSITY OF TEXAS AT DALLA NAVEEN JINDAL SCHOOL OF MANAGEMENT, UNIVERSITY OF TEXAS AT DALLA S S Link: https://papers.ssrn.com/sol3/papers.cfm?abstract_id=3919807

  2. Personalized data-driven decision making Classical decision-making process: Estimation & Optimization Decision to each arriving customer User Data

  3. Classical decision-making process does not preserve privacy Black-box algorithm Estimation & Optimization Decision to each arriving customer User Data (sensitive historical data) Attacker pretends to be a customer Algorithm return a policy based on historical data Attacker infers historical data

  4. Various methods of privacy attack Model Inversion: use output of the algorithm to recover customer s data (i.e., input) (Fredrikson et. al. 2014) Recovered from model inversion attack (left) and the actual image (right) (Fredrikson et. al. 2015) Membership Inference: from the output to infer whether a specific person is in the dataset (Shokri et. al. 2017)

  5. Growing public concern about data privacy

  6. Legislation action to protect data privacy The focus of this research is to design privacy- preserving algorithms for decision making.

  7. This work designs privacy-preserving dynamic pricing algorithms Setting of this paper: Dynamic personalized pricing of single product with sequentially arriving customers. Demand is unknown a priori and nonparametric. Algorithms need to preserve privacy in a rigorously defined notion.

  8. Differential Privacy: rigorously defined notions of privacy-preserving criteria Intuitively, differential privacy (DP) guarantees that the attacker cannot notice the difference (with high probability) if any customer s data in the dataset is replaced by another. There are two types of DP: central DP (CDP) and local DP (LDP). CDP: attacker in any time is unlikely to infer data of any earlier customer LDP: even the platform can only use privatized data

  9. Differential Privacy: rigorously defined notions of privacy-preserving criteria Intuitively, differential privacy (DP) guarantees that the attacker cannot notice the difference (with high probability) if any customer s data in the dataset is replaced by another. There are two types of DP: central DP (CDP) and local DP (LDP). Today s presentation focuses on LDP. We have algorithm with CDP in our paper. CDP: attacker in any time is unlikely to infer data of any earlier customer LDP: even the platform can only use privatized data

  10. DP has been widely applied in the industry already

  11. Literature review Dynamic pricing and revenue management with demand learning. - For example, Chen et al. 2015, Qiang and Bayati 2016, Bernstein et al. 2019, Javanmard and Nazerzadeh 2019, Bastani and Bayati 2020, Cohen et al. 2020, Chen and Gallego 2021. Data privacy of algorithm and policy. - In computer science: Dwork et al. 2006, Chan et al. 2011, Dwork & Roth 2014, Mishra & Thakurta 2015, Ren et al. 2020, Zheng et al. 2020, Han et al. 2021. - In operations management: Xu 2018, Tsitsiklis et al. 2020, Hu et al. 2020, Xu et al. 2021, Lei et al. 2021, Chen et al. 2021

  12. Model setup and assumptions In a time horizon of length ?, each time period ? has one arriving customer with i.i.d. data ?? ?? to purchase a single product. The platform decides a price ??according to customer s data ??. Then demand ??is realized. The expected demand is written as ? ????,?? = ?(??,??) for some unknown nonparametric function ?(??,??). ? ? The platform aims to maximize the cumulative revenue: ?[ ?=1 which is equivalent to minimize the regret (revenue loss compared with the clairvoyant): ?(??,??)] = ?[ ?=1 ???(??,??)],

  13. Model setup and assumptions ?2 ?1 Technical assumptions: Data and decisions are all bounded. In particular, ?? [0,1]?. Revenue function ?(?,?) is Lipschitz continuous. ?4 Regularity condition of revenue function on hypercubes. ?3 ?? Space [0,1]? of data divided into hypercubes ?1,?2,

  14. Model setup and assumptions ?2 ?1 Regularity condition of revenue function on hypercubes: ??1? ? (?1) For any hypercube ?, let ??? ??[?(?,?)|? ?] be the average revenue function with data in hypercube ?. Also, let ? (?) be its optimal price. ??? is twice continuously differentiable and strongly concave. ? (?) is bounded in [inf? ?? ? ,sup? ?? (?)]. sup? ?? ? inf? ?? ? ?(sup?,? ?? ? 2). ?4 ?3 ??

  15. Model setup and assumptions ?2 ?1 Examples of such demand functions ??1? ? (?1) These technical assumptions are essentially the same as in Chen and Gallego 2021, and all motivating examples in Chen and Gallego 2021 satisfy these assumptions. Linear demand: ? ?,? = ?(? ? ??). ?4 ?3 ? Separable demand: ? ?,? = ?=1 are concave and ??(?) are positive. ??(?) ?(?) where ?(?) ??

  16. LDP in our setting: decision making based on privatized data In dynamic pricing algorithms without privacy guarantee, the platform determines price ?? based on the actual data {??= ??,??,??:? < ?}. In LDP setting, customers do not trust the platform, so only privatized data ?<?= (?1, ,?? 1) can be used. That is, we have Here ?? is a privatization mechanism, and ?? is the pricing algorithm.

  17. LDP in our setting: decision making based on privatized data Intuitive definition of LDP: for any time ?, two different data ??,?? will have the same privatized data ??with similar likelihood (parameterized by ?). Privatization mechanism ?? Pricing policy ?? with LDP guarantee

  18. LDP in our setting: decision making based on privatized data Privatization mechanism ?? Pricing policy ?? with LDP guarantee

  19. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Let us first introduce the idea of LPPQ without LDP. To further motivate our idea, let us consider single-product dynamic pricing withoutcustomer s data. Idea of quadrisection search: We have a set of 5 equally distanced prices ?1, ,?5. In each period, we iteratively charge each price. - For instance, in period 1, we charge price ?1; - In period 2, we charge price ?2; - . - In period 6, we charge price ?1; - We update ?1, ,?5whenever we are confident to get rid of one of these 5 prices, and update the new 5 prices in the shrinked price range. Using confidence interval argument, we update the quadrisection search whenever we are confident about either ? ?1) ?(?2) ?(?3 (left panel) or ? ?3) ?(?4) ?(?5 (right panel)

  20. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Let us first introduce the idea of LPPQ without LDP. Determine ?? in ??? and charge one of the 5 corresponding prices, and receive realized demand. ??,? = 1, ,? ?? Do quadrisection search update for all hypercubes ??.

  21. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Potential data leakage: estimated average revenue for each ???. Cumulative revenue for each ???. Number of times we charge ???. Our idea: we track cumulative revenue by ??,?(?) and the number of times ?? falls into ?? using a tracker ??. In particular, if in time t, price with index ?? is charged, we update ??,??? = ??,??? 1 + 1 ? = ??????+ ??,? where ??,? is an independent Laplace distribution with parameter 2/?. ??,?(?)= ??,?(? 1) for ? ??. Then for each ? = 1, ,5, we compute ???=??,?? ??,?(??) where ?? is the last time when hypercube j updates the quadrisection search. ??= ? ??. Then the estimated revenue for each ??? can be computed as ???/(5??/?), where 5??/? can be considered as the expected number of time ??? is charged.

  22. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Decide the hypercube of ?? and iteratively charge one of the five prices.

  23. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Privatize sensitive data.

  24. Our algorithm: the Locally-Private-Parallel- Quadrisection (LPPQ) Quadrisection search update for each hypercube using privatized data based on confidence interval argument.

  25. Proposition: our algorithm LPPQ is ?-LDP Proof: Let us define ???= 1 ? = ??????+ ??,? and ??= (???:? [?]). Notice that when we decide price in time t, besides ??, we only need to use the privatized information ?<?, which means our pricing policy is valid. What we need to check is that the density function of privatization mechanism satisfies the ?-LDP definition. To this end, we note that ??????? ?? ?? ??? 1= ?(1) where ???????, ?? ?? ??? are two sets of unprivatized data. Therefore, as long as we show that any perturbation of unprivatized data is bounded by constant, we can apply standard DP argument (see e.g., Dwork & Roth 2014) to prove that Laplace mechanism with parameter O(1/?) satisfies ?-LDP.

  26. LPPQ achieves near-optimal regret Theorem (regret upper bound): By taking ? = (? ?)?/(?+2), the regret of LPPQ is bounded above by ?(? 2/(?+2)?(?+1)/(?+2)). Remark: Compared with the regret upper bound without privacy guarantee ?(?(?+2)/(?+4)) derived in Chen and Gallego 2021, our regret is slightly worse in time T. However, we note that this is due to the nature of LDP instead of the design of our algorithm, as we have the following theorem regarding regret lower bound. ? 2+1ln(?/?)), for any algorithm with ?-LDP, there exists Theorem (regret lower bound): Let ? = (? 1? some problem instance satisfying all the assumptions such that the regret is at least ? 2/(?+2)?(?+1)/(?+2)/?7/3.

  27. Idea of proving regret upper bound Consider the regret when ?? falls into hypercube ??. Let ? denote one epoch of time periods between two quadrisection updates, ??? denote set of time in ?, and ??? = |??? |. We are able to show that approximation error ? ? (?+2)/?? ??? estimation error ? ? 1? ??? Summing over all ? and J, the regret is at most ? ? 2/?? + ? 1? ? = ?(? 2/(?+2)?(?+1)/(?+2)) by taking ? = (? ?)?/(?+2).

  28. Numerical Experiments For illustration, we test linear demand ? ?,? = ?0+ ?1?1+ ?2?2+ ?3? where ? = (0.4,0.6,0.6, 0.2) and demand error is uniform in [-0.1,0.1]. The slope is around 0.75 =?+1 ?+2.

  29. Summary of todays talk We studied a dynamic personalized pricing of single product with privacy guarantee. We focus on the so-called local differential privacy (LDP), in which customers do not trust firms to collect their data. An algorithm named LPPQ is developed which guarantees LDP. It is based on the idea of segmenting the data space into hypercubes and applying quadrisection search on each hypercube. The regret of LPPQ is ?(? 2/(?+2)?(?+1)/(?+2)), which almost matches with a theoretical lower bound ? 2/(?+2)?(?+1)/(?+2)/?7/3. The performance of LPPQ is also verified via numerical experiments.

  30. Thank you! Thank you! Comments and questions? Comments and questions? Email: Email: yining.wang@utdallas.edu yining.wang@utdallas.edu

More Related Content

giItT1WQy@!-/#giItT1WQy@!-/#giItT1WQy@!-/#giItT1WQy@!-/#giItT1WQy@!-/#giItT1WQy@!-/#giItT1WQy@!-/#