Trajectory data collection is a common task with many applications in our daily lives. Analyzing trajectory data enables service providers to enhance their services, which ultimately benefits users. However, directly collecting trajectory data may give rise to privacy-related issues that cannot be ignored. Local differential privacy (LDP), as the de facto privacy protection standard in a decentralized setting, enables users to perturb their trajectories locally and provides a provable privacy guarantee. Existing approaches to private trajectory data collection in a local setting typically use relaxed versions of LDP, which cannot provide a strict privacy guarantee, or require some external knowledge that is impractical to obtain and update in a timely manner. To tackle these problems, we propose a novel trajectory perturbation mechanism that relies solely on an underlying location set and satisfies pure $\epsilon$-LDP to provide a stringent privacy guarantee. In the proposed mechanism, each point's adjacent direction information in the trajectory is used in its perturbation process. Such information serves as an effective clue to connect neighboring points and can be used to restrict the possible region of a perturbed point in order to enhance utility. To the best of our knowledge, our study is the first to use direction information for trajectory perturbation under LDP. Furthermore, based on this mechanism, we present an anchor-based method that adaptively restricts the region of each perturbed trajectory, thereby significantly boosting performance without violating the privacy constraint. Extensive experiments on both real-world and synthetic datasets demonstrate the effectiveness of the proposed mechanisms.