Collusion Resistant Multi-Matrix Masking for Privacy-Preserving Data Collection.

An integral part of any social or medical research is the availability of reliable data. For the integrity of participants' responses, a secure environment for collecting sensitive data is required. This paper introduces a novel privacy-preserving data collection method: (CRM). The CRM method requires multiple masking service providers (MSP), each generating its own random masking matrices. The key step is that each participant's data is randomly decomposed into the sum of component vectors, and each component vector is sent to the MSPs for masking in a different order. The CRM method publicly releases two sets of masked data: one being right multiplied by random invertible matrices and the other being left multiplied by random orthogonal matrices. Both MSPs and the released data may be hosted on cloud platforms. Our data collection and release procedure is designed so that MSPs and the data collector are not able to derive the original participants' data hence providing strong privacy protection. However, statistical inference on parameters of interest will produce exactly the same results from the masked data as from the original data, under commonly used statistical methods such as general linear model, contingency table analysis, logistic regression, and Cox proportional hazard regression.