Trajectory data collection is a common task with many applications in our daily lives. Analyzing trajectory data enables service providers to enhance their services, which ultimately benefits users. However, directly collecting trajectory data may give rise to privacy-related issues that cannot be ignored. Local differential privacy (LDP), as the de facto privacy protection standard in a decentralized setting, enables users to perturb their trajectories locally and provides a provable privacy guarantee. Existing approaches to private trajectory data collection in a local setting typically use relaxed versions of LDP, which cannot provide a strict privacy guarantee, or require some external knowledge that is impractical to obtain and update in a timely manner. To tackle these problems, we propose a novel trajectory perturbation mechanism that relies solely on an underlying location set and satisfies pure $\epsilon$-LDP to provide a stringent privacy guarantee. In the proposed mechanism, each point's adjacent direction information in the trajectory is used in its perturbation process. Such information serves as an effective clue to connect neighboring points and can be used to restrict the possible region of a perturbed point in order to enhance utility. To the best of our knowledge, our study is the first to use direction information for trajectory perturbation under LDP. Furthermore, based on this mechanism, we present an anchor-based method that adaptively restricts the region of each perturbed trajectory, thereby significantly boosting performance without violating the privacy constraint. Extensive experiments on both real-world and synthetic datasets demonstrate the effectiveness of the proposed mechanisms.
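To make the pure $\epsilon$-LDP guarantee concrete, the following is an added illustration, not code from the paper: it implements $k$-ary randomized response over a finite location set (the standard building block for perturbing a discrete location under LDP), checks numerically that no output reveals more than $e^{\epsilon}$ about which input point was used, and shows why restricting the candidate region of a perturbed point, as the abstract describes, lowers the expected error at the same $\epsilon$. The grid, the $\epsilon$ value and the restricted region are constructed here; in particular, how the region is chosen from direction information and anchors is the paper's contribution and is not reproduced. The region passed to `perturb` must be decided from data that is already public (for example, the previously released perturbed point), never from the true point itself, or the guarantee computed by `max_privacy_loss` no longer applies.

```python
import math
import random
from itertools import product

# Constructed location set: a 5x5 grid of cells, each point a (x, y) tuple.
FULL_GRID = [(x, y) for x in range(5) for y in range(5)]
# Constructed restricted region: the 3x3 block around (2, 2). In the paper this
# region would come from direction/anchor information; here it is a fixed input.
RESTRICTED = [(x, y) for x in range(1, 4) for y in range(1, 4)]


def krr_probabilities(true_loc, candidates, eps):
    """P(output = c | input = true_loc) for k-ary randomized response.

    The true location is kept with probability e^eps / (e^eps + k - 1) and
    every other candidate is emitted with probability 1 / (e^eps + k - 1).
    """
    k = len(candidates)
    denom = math.exp(eps) + k - 1
    return {c: (math.exp(eps) / denom if c == true_loc else 1.0 / denom)
            for c in candidates}


def perturb(true_loc, candidates, eps, rng=random):
    """Sample one perturbed location from the k-RR distribution."""
    if true_loc not in candidates:
        raise ValueError("true location must lie in the candidate set")
    r = rng.random()
    acc = 0.0
    for c, p in krr_probabilities(true_loc, candidates, eps).items():
        acc += p
        if r < acc:
            return c
    return candidates[-1]  # guard against floating-point rounding


def perturb_trajectory(points, candidates, eps, rng=random):
    """Perturb each point independently; by sequential composition the
    whole trajectory of n points is n*eps-LDP (the abstract's mechanism
    is more refined, this is only the baseline)."""
    return [perturb(p, candidates, eps, rng) for p in points]


def max_privacy_loss(candidates, eps):
    """max over inputs x, x' and outputs y of ln(P(y|x) / P(y|x')).

    Pure eps-LDP requires this to be <= eps for every pair; for k-RR it is
    exactly eps, attained when y == x.
    """
    worst = 0.0
    for x, x2 in product(candidates, repeat=2):
        px = krr_probabilities(x, candidates, eps)
        px2 = krr_probabilities(x2, candidates, eps)
        for y in candidates:
            worst = max(worst, math.log(px[y] / px2[y]))
    return worst


def expected_error(true_loc, candidates, eps):
    """Expected Euclidean distance between true and perturbed location."""
    return sum(p * math.dist(true_loc, c)
               for c, p in krr_probabilities(true_loc, candidates, eps).items())


if __name__ == "__main__":
    eps = 1.0
    print("privacy loss, full grid:", max_privacy_loss(FULL_GRID, eps))
    print("privacy loss, region   :", max_privacy_loss(RESTRICTED, eps))
    print("expected error, full grid:", expected_error((2, 2), FULL_GRID, eps))
    print("expected error, region   :", expected_error((2, 2), RESTRICTED, eps))
    print(perturb_trajectory([(2, 2), (2, 3), (3, 3)], FULL_GRID, eps))
```

Both candidate sets give the same worst-case privacy loss of exactly $\epsilon$, while the smaller region roughly halves the expected error, which is the utility effect the abstract attributes to restricting the possible region of a perturbed point.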