Privacy enhancing profile disclosure

To offer personalized services on the web and on mobile devices, service providers want to have as much information about their users as possible. In the ideal case, the user controls how much of this information is revealed during a transaction. This is a tradeoff between privacy and personalization: if the disclosed profile is too complex, it may become a pseudonym for the user, making it possible to recognize the user at a later time and link different revealed profile parts into one comprehensive profile of the individual. This paper introduces a model for profiles and analyzes it with the methods of probability theory: how much information is revealed and what is the the user's probability of staying anonymous. The paper examines how likely it is that a provider can link different disclosed profiles and recommends algorithms to avoid a possible privacy compromise.