Determining the Robustness of Privacy Enhancing DeID Against the ReID Adversary: An Experimental Study

Abstract

Prior research literature shows that there has been considerable work done in the last decade in the area of image de-identification (DeID) for privacy protection. With the advances made in privacy enhancing image DeID techniques, there have been research studies on different DeID performance evaluation approaches for determining the effectiveness of these methods. Existing approaches for evaluating DeID methods can be classified into three separate categories - analysis of privacy versus utility, analysis of viewer experience-based user studies, and analysis of robustness against adversarial attacks. However, none of these categorized approaches have utilized person re-identification (ReID) for evaluating DeID. Additionally, there are no previous research studies that have analyzed the threat of ReID to DeID. In this paper, we present a unique experimental case study that demonstrates how ReID can be used successfully for evaluating the efficacy of DeID techniques, and how, in the process, we can assess the threat of ReID to DeID. We describe a novel approach, in which a selected ReID algorithm is pitted against multiple DeID techniques to test the robustness of these DeID methods, and to determine if ReID can pose a threat to DeID as an adversary. Through this approach, we compare the DeID performances based upon how effectively they can deter successful ReID in the privacy enhanced versions of the ReID image dataset. Our preliminary results show how we can potentially evaluate DeID and compare DeID performances by analyzing the extents to which they are able to successfully resist re-identification i.e., by studying the impact of DeID on the ReID performances.