
Protection Location Set (PLS)

Updated 3 December 2025
  • Protection Location Set (PLS) is a subset of locations constructed to ensure a minimum adversarial inference-error while minimizing utility loss.
  • Algorithms like 1D Hilbert scans and QK-means clustering optimize PLS by minimizing diameter and satisfying distortion thresholds under differential privacy.
  • Integrating PLS into privacy mechanisms guarantees geo-indistinguishability and supports applications in location-based services, trajectory privacy, and wireless sensor networks.

A Protection Location Set (PLS) is a foundational privacy structure designed for location privacy mechanisms, particularly those simultaneously enforcing geo-indistinguishability and distortion (inference-error) privacy. The PLS concept arises in frameworks such as DPIVE, PIVE, and their recent corrections and generalizations, and appears in location/trajectory privacy mechanisms, location-based services, and source location anonymity in wireless sensor networks. A PLS is typically a subset of the finite location universe, constructed so that (i) it is sufficiently large to force worst-case adversarial inference error above a user-prescribed threshold, and (ii) sufficiently small to limit utility loss (distortion) induced by the required differential privacy budget. The precise choice of PLS impacts privacy guarantees, utility, computational cost, and mechanism design.

1. Formal Definition and Mathematical Properties

Let $\mathcal{X}$ denote the finite universe of possible discrete locations, with a metric $d(\cdot,\cdot)$ (often Euclidean), and let $\pi$ be a prior over $\mathcal{X}$. Given two privacy parameters, the differential privacy (DP) budget $\epsilon > 0$ and a minimum required expected inference error $E_m > 0$, a Protection Location Set $\Phi \subseteq \mathcal{X}$ satisfies:

  • Diameter (Utility Sensitivity):

$$\operatorname{diam}(\Phi) = \max_{x,y\in\Phi} d(x,y)$$

Used as the global sensitivity $\Delta u$ for the exponential mechanism confined to $\Phi$.

  • Inference-Error Lower Bound:

$$E'(\Phi) = \min_{\hat{x}\in \mathcal{X}} \sum_{x \in \Phi} \frac{\pi(x)}{\sum_{y\in \Phi}\pi(y)}\, d(\hat{x}, x)$$

The sufficient condition imposed on $E'(\Phi)$ is:

$$E'(\Phi) \ge e^{\epsilon} E_m$$

This ensures, by adversary analysis, that after any release supported on $\Phi$, the expected inference error remains at least $E_m$ (Zhang et al., 2021, Min et al., 26 Nov 2025, Shun et al., 2021).

  • Geo-indistinguishability (DP) Within PLS:

For any $x, y \in \Phi$ and output $x'$, the exponential mechanism ensures:

$$\frac{f(x'|x)}{f(x'|y)} \le \exp\!\left(\epsilon \cdot d(x, y)/\operatorname{diam}(\Phi)\right)$$

A PLS may be constructed adaptively (per user or per time $t$), or as a partition of $\mathcal{X}$ into disjoint subsets, each satisfying the above.

2. Algorithmic Construction Methodologies

PLS construction is fundamentally an optimization for a minimal-diameter set that meets an expected error bound. Algorithmic designs are domain-adapted; the 1D Hilbert scan used on grid maps proceeds as follows:

  1. Map all locations to a 1D Hilbert curve index.
  2. For each candidate seed, grow a window left/right, collecting consecutive points until $E'(\Phi) \ge e^\epsilon E_m$.
  3. Record and select the minimal-diameter set.

Four rotated scans of the 2D grid are used to mitigate directional bias. Complexity is $O(n \log n)$ due to sorting and local scanning. This method exploits spatial locality.
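As an added illustration (not code from DPIVE or any of the cited papers), the Hilbert-scan construction above run on a constructed 4x4 grid with a skewed prior: `hilbert_index`, `inference_error` (computing $E'(\Phi)$), `diameter` and `build_pls` are assumed helper names, and only a single unrotated scan is performed.

```python
import math

# Constructed toy universe (not from the papers): a 4x4 grid, Euclidean distance,
# and a skewed prior in which (0,0) is a hot spot and (3,3) is rarely visited.
N = 4
LOCATIONS = [(x, y) for y in range(N) for x in range(N)]
_weights = {loc: 1.0 for loc in LOCATIONS}
_weights[(0, 0)], _weights[(3, 3)] = 8.0, 0.2
PRIOR = {loc: w / sum(_weights.values()) for loc, w in _weights.items()}

def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])

def hilbert_index(n, x, y):
    """Index of cell (x, y) on the Hilbert curve of an n x n grid (n a power of two)."""
    d, s = 0, n // 2
    while s > 0:
        rx, ry = int(bool(x & s)), int(bool(y & s))
        d += s * s * ((3 * rx) ^ ry)
        if ry == 0:                     # rotate/flip the sub-square to keep the curve continuous
            if rx == 1:
                x, y = n - 1 - x, n - 1 - y
            x, y = y, x
        s //= 2
    return d

def inference_error(phi):
    """E'(Phi): the adversary's best expected error under the prior restricted to Phi."""
    mass = sum(PRIOR[x] for x in phi)
    return min(sum(PRIOR[x] / mass * dist(xhat, x) for x in phi) for xhat in LOCATIONS)

def diameter(phi):
    return max(dist(a, b) for a in phi for b in phi)

def build_pls(true_loc, eps, e_m):
    """Single-scan Hilbert construction: every window of consecutive Hilbert indices that
    contains true_loc and meets E'(Phi) >= e^eps * E_m is a candidate; keep the minimal diameter."""
    order = sorted(LOCATIONS, key=lambda p: hilbert_index(N, *p))
    i = order.index(true_loc)
    threshold = math.exp(eps) * e_m
    candidates = [order[lo:hi + 1] for lo in range(i + 1) for hi in range(i, len(order))
                  if inference_error(order[lo:hi + 1]) >= threshold]
    if not candidates:
        return None                     # no window meets the bound: loosen eps or E_m
    return min(candidates, key=lambda phi: (diameter(phi), len(phi)))   # fewest cells on ties

if __name__ == "__main__":
    for loc in [(3, 3), (1, 0)]:
        print(loc, sorted(build_pls(loc, eps=1.0, e_m=0.25)))
```

The cell next to the hot spot ends up with a larger PLS than the isolated cell, because any window that includes the popular cell lets the adversary guess it and drives $E'(\Phi)$ below the threshold.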

For higher spatial fidelity, $k$-means-like clustering (QK-means) is used; clusters grow until the $E'(\Phi) \ge e^\epsilon E_m$ constraint is met. Iterative centroid assignment and merging minimize the weighted average diameter.

For road-network and 3D trajectory settings, construction is as above but with network distances or full 3D spatial distances, possibly using 3D Hilbert orderings for efficient subset enumeration.

In the WSN setting, the PLS is generated by random selection of phantom nodes in angular sectors around the source, with an explicit algorithm balancing load and anonymity.

3. PLS-Based Mechanism Integration

Once a PLS $\Phi$ is constructed for a true location $x$ (or, in partition-based frameworks, for all $x \in \Phi$), it controls the privacy mechanism:

  • A row of the obfuscation mechanism (typically the exponential mechanism) is assigned sensitivity $\operatorname{diam}(\Phi)$:

$$f(x'|x) \propto \exp\left(-\frac{\epsilon\, d(x, x')}{2\, \operatorname{diam}(\Phi)}\right)$$

where $x$ is the user's true location and $x'$ the released location (Zhang et al., 2021, Min et al., 26 Nov 2025, Shun et al., 2021).

  • In mechanisms supporting personalized privacy budgets ($\epsilon_x$), the budget for a block $\Phi$ is $\min_{x \in \Phi} \epsilon_x$.
  • In dynamic or personalized contexts, PLS determines support for the next release in composition, while auxiliary algorithms (e.g., Permute-and-Flip) leverage the PLS for privacy-utility trade-off (Min et al., 27 Nov 2025).
  • In wireless sensor network (WSN) applications, the PLS forms the set of candidate phantom nodes that decouple source location from observable data paths (Chen et al., 2021).

4. Theoretical Guarantees and Issues

The PLS provides simultaneous guarantees:

  • Geo-Indistinguishability: Within each PLS, for any pair $x, y \in \Phi$, the reporting mechanism is $\epsilon$-differentially private. In the partitioned (disjoint) setting, each block $\Phi_k$ has its own sensitivity, yielding full $\epsilon$-DP within the block; across PLSs, only a weaker global bound generally holds (Zhang et al., 2021, Shun et al., 2021).
  • Expected Inference Error: For any released location $x'$, the adversary's optimal expected inference error is bounded below by $E_m$, provided $E'(\Phi) \ge e^\epsilon E_m$ (Zhang et al., 2021, Min et al., 26 Nov 2025). Under composition, this extends over sequences of releases (trajectory privacy).
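An added example (not from the cited papers) that checks both guarantees on a constructed three-cell PLS: the exponential mechanism confined to $\Phi$ with sensitivity $\operatorname{diam}(\Phi)$, a brute-force check of the ratio bound from Section 1, and a Bayesian adversary whose best expected error after seeing the release is compared with $E_m$. `mechanism`, `max_privacy_loss` and `adversary_error` are assumed names.

```python
import math

# Constructed example (not from the papers): a PLS of three adjacent grid cells with a
# skewed prior already normalised on the set, i.e. pi(x) / sum_{y in Phi} pi(y).
PHI = [(2, 3), (3, 3), (3, 2)]
PRIOR = {(2, 3): 1 / 2.2, (3, 3): 0.2 / 2.2, (3, 2): 1 / 2.2}
GUESSES = [(x, y) for y in range(4) for x in range(4)]   # adversary may guess any cell
EPS, E_M = 1.0, 0.25

def dist(a, b):
    return math.hypot(a[0] - b[0], a[1] - b[1])

def diameter(phi):
    return max(dist(a, b) for a in phi for b in phi)

def inference_error(phi, prior):
    """E'(Phi) under the prior restricted to Phi."""
    return min(sum(prior[x] * dist(xhat, x) for x in phi) for xhat in GUESSES)

def mechanism(phi, eps):
    """Exponential mechanism confined to phi, sensitivity diam(phi): f[x][x2] = Pr[release x2 | x]."""
    diam = diameter(phi)
    f = {}
    for x in phi:
        w = {x2: math.exp(-eps * dist(x, x2) / (2 * diam)) for x2 in phi}
        z = sum(w.values())
        f[x] = {x2: v / z for x2, v in w.items()}
    return f

def max_privacy_loss(f, phi):
    """Worst log f(x'|x)/f(x'|y) scaled by diam(phi)/d(x,y); geo-indistinguishability means <= eps."""
    diam = diameter(phi)
    return max(math.log(f[x][x2] / f[y][x2]) * diam / dist(x, y)
               for x in phi for y in phi if x != y for x2 in phi)

def adversary_error(f, phi, prior, released):
    """Bayesian adversary: posterior over the true cell given the release, then the best guess's error."""
    post = {x: prior[x] * f[x][released] for x in phi}
    z = sum(post.values())
    return min(sum(post[x] / z * dist(xhat, x) for x in phi) for xhat in GUESSES)

def worst_case_error(f, phi, prior):
    """Minimum over all released cells; must be >= E_m whenever E'(Phi) >= e^eps * E_m."""
    return min(adversary_error(f, phi, prior, x2) for x2 in phi)

if __name__ == "__main__":
    f = mechanism(PHI, EPS)
    print(max_privacy_loss(f, PHI), "<=", EPS, "|", worst_case_error(f, PHI, PRIOR), ">=", E_M)
```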

Critiques and Corrections:

The original adaptive PIVE scheme failed to provide full DP guarantees due to overlapping PLSs with mismatched sensitivities. This technical flaw led to the development of strictly partitioned (disjoint, per-block) PLS constructions and/or uniform-sensitivity approaches—ensuring all rows (true locations) in a block share the same sensitivity required for valid DP proofs (Shun et al., 2021). Uniform-sensitivity sacrifices utility for simplicity, while block partitioning achieves a better balance.

5. Parameter Dependence and Utility Trade-offs

The properties of the PLS—and thus the privacy-utility trade-off—depend explicitly on:

  • Privacy Budget $\epsilon$: Higher $\epsilon$ (weaker privacy) raises the $E'(\Phi) \ge e^\epsilon E_m$ threshold, growing the PLS size/diameter (more utility loss).
  • Distortion/Error Bound $E_m$: Higher $E_m$ leads to a larger PLS.
  • Prior $\pi$ and Topology: Highly skewed priors or sparse regions result in larger PLSs for isolated points, with topological features (e.g., urban grid vs. road network) further affecting the diameter.
  • Personalized Allocation: Mechanisms such as PPBA adjust $\epsilon$ or $E_m$ locally per region, user preference, or semantic sensitivity, with the PLS construction adapting accordingly (Min et al., 26 Nov 2025, Min et al., 27 Nov 2025).

Empirical results indicate that tighter PLS partitioning (e.g., 2D QK-means vs. 1D Hilbert scan) can reduce mean PLS diameter (and thus utility loss) by up to $35.5\%$ in representative datasets (Zhang et al., 2021).

6. Applications and Empirical Studies

PLSs are central across several settings:

  • Location and Trajectory Privacy: DPIVE and successor schemes use PLS to enforce guarantees on each location or time-step, enabling customizable privacy-utility trade-offs for LBS, spatial crowdsourcing, and trajectory protection (Zhang et al., 2021, Min et al., 26 Nov 2025, Min et al., 27 Nov 2025).
  • Source Location Privacy in WSNs: In PSSPR, sector-based PLS reduces the adversary’s probability of backtracking, yielding strong anonymity with lower communication overhead compared to previous arc- or ring-based phantom routing (Chen et al., 2021).
  • Empirical Outcomes: Tighter PLS selection suppresses outlier leakage (adversarial success rates $< 20\%$ vs. $100\%$ in prior schemes for isolated points), saves up to $15.8\%$ in expected reporting distortion, and improves spatial crowdsourcing efficiency by $2$–$7\%$ (Zhang et al., 2021).
  • Trajectory Privacy: PLSs constructed using spatiotemporal priors and temporal correlations further improve privacy over static schemes, as shown in personalized differential privacy under temporal correlations (Cao et al., 20 Jan 2024).

7. Summary Table: PLS Implementations in Recent Research

| Framework / Domain | PLS Construction | Guarantees |
| --- | --- | --- |
| DPIVE (Zhang et al., 2021) | Partition (Hilbert / QK-means) | $\epsilon$-DP / expected error |
| PIVE (Shun et al., 2021) | Adaptive (per point, flawed) | Partial, fails for overlapping PLSs |
| PSSPR (Chen et al., 2021) | Sectors + reflection | Source anonymity |
| PTPPM (Min et al., 26 Nov 2025, Min et al., 27 Nov 2025) | Minimum-diameter (road network / 3D) | Trajectory privacy, Permute-and-Flip (PF) mechanism |

All frameworks construct the PLS as a minimal-diameter set meeting a distortion/inference error threshold tied exponentially to the DP budget, use the PLS to set the sensitivity of the privatization mechanism, and rely on within-PLS DP guarantees. Key differences center on implementation details (global vs. partitioned vs. adaptive PLSs), domain topology, and personalized privacy allocation.

References

  • DPIVE: "DPIVE: A Regionalized Location Obfuscation Scheme with Personalized Privacy Levels" (Zhang et al., 2021)
  • Differential privacy critique and corrections: "On the differential privacy of dynamic location obfuscation with personalized error bounds" (Shun et al., 2021)
  • Road/trajectory privacy: "Road Network-Aware Personalized Trajectory Protection with Differential Privacy under Spatiotemporal Correlations" (Min et al., 26 Nov 2025); "Personalized 3D Spatiotemporal Trajectory Privacy Protection with Differential and Distortion Geo-Perturbation" (Min et al., 27 Nov 2025)
  • WSNs: "PSSPR: A Source Location Privacy Protection Scheme Based on Sector Phantom Routing in WSNs" (Chen et al., 2021)
  • Personalized trajectory with temporal correlation: "Protecting Personalized Trajectory with Differential Privacy under Temporal Correlations" (Cao et al., 20 Jan 2024)