Abstract
The collection of finegrained consumptions of users in the smart grid enables energy suppliers and grid operators to propose new services (e.g., consumption forecasts and demandresponse protocols) allowing to improve the efficiency and reliability of the grid. These services require the knowledge of aggregate consumption of users. However, an aggregate can be vulnerable to reidentification attacks which allow revealing the users’ individual consumption. Revealing an aggregate data is a key privacy concern. This paper focuses on publishing an aggregate of timeseries data such as finegrained consumptions, without indirectly disclosing individual consumptions. We propose novel algorithms which guarantee differential privacy, based on the discrete Fourier transform and the discrete wavelet transform. Experimental results using real data from the Irish Commission for Regulation of Utilities (CRU) demonstrate that our algorithms achieve better utility than previously proposed algorithms.
1. Introduction
A smart city is a designation given to a city that incorporates information and communication technologies to enhance the quality and performance of urban services such as energy, transportation, and utilities in order to reduce resource consumption, wastage, and overall costs. The overarching aim of a smart city is to enhance the quality of living for its citizens through smart technology [1–3].
The smart grid is an important part of the smart city. Indeed, the smart grid allows greater penetration of highly variable renewable energy sources such as solar and wind power in the smart city.
The smart grid modernizes the traditional electricity grid by establishing a communication infrastructure in parallel to the energy delivery network. This infrastructure is used by the grid operators and suppliers to remotely collect finegrained consumptions from household smart meters and to provide new energy services such as consumption forecasts or demandresponse. These services are suitable for improving the efficiency and reliability of the grid, saving energy and, more generally, for optimizing energy usage. In particular, forecasting enables the supplier to predict future consumptions based on past aggregate data in order to improve the grid and retail operations and enhance energy trading [4], while demandresponse (DR) aims to shift the users’ consumption from peak to offpeak periods in order to avoid consumption peaks in the smart city.
However, aggregates are vulnerable to reidentification attacks, such as set difference attacks [5] in which two aggregates that differ by a single consumer allow learning this individual consumption. Since the individual consumption data collected by smart meters reflect the use of all electric appliances by inhabitants in a household over time and enable to deduce the behaviors, activities, age, or preferences of the inhabitants [6–11], revealing an aggregate is a key privacy concern.
Differential privacy (DP) [12] allows publishing an aggregate data while guaranteeing that an attacker does not learn any individual inputs from the aggregate. However, the noise added by DP often leads to a loss of utility. Moreover, publishing timeseries data such as users’ consumption, which are correlated, by using DP, results in more noise added than publishing a single aggregate for the same privacy guarantee. Thus, disclosing timeseries data leads to more loss of utility. Utility can be improved by increasing the size of the aggregate. Eibl and Engel [13] showed that for realworld smart metering, the aggregation group size must be of the order of thousands of smart meters in order to have reasonable utility. This paper shows how to obtain good utility with a group size smaller than 600. We obtain a mean relative error lower than between the original data and the published one, which is considered practically suitable by energy experts for consumption forecasts.
The Laplace mechanism [14] is a popular mechanism to enable DP, by adding independent and identically distributed (IID) Laplace noise to each component of the timeseries. However, adding IID noise for correlated timeseries is not appropriate. In fact, an adversary can use refinement methods, such as filtering, to sanitize the IID noise and improve the probability of disclosing individual data [15, 16].
This paper focuses on disclosing an aggregate of users’ consumption data without learning individual data and proposes methods with improved utility. We summarize our contributions as follows: (i)We revisit the Fourier perturbation algorithm (FPA) [17] in order to correct some mistakes leading to poor users’ privacy protection. We show that, in order to ensure the desired budget of privacy , a factor must be added to the noise, where is the size of the timeseries. However, this reduces the utility of FPA.(ii)We propose the “clamping Fourier perturbation algorithm (CFPA)” using the clamping mechanism proposed in [18], for reducing the sensitivity, and thus the noise introduced in FPA. This new algorithm is an improvement of the Fourier perturbation algorithm (FPA). Experimental results show a utility improvement by a factor more than 6.(iii)We also propose the “clamping wavelet perturbation algorithm” (CWPA), a similar adaptation of wavelet perturbation algorithm (WPA) [19], with a utility improvement by a factor 2.(iv)We compare FPA, CFPA, WPA, and CWPA by analyzing their relative errors on a real dataset, and we explain why CFPA obtains the best utility.
The remainder of this paper is structured as follows. Section 2 provides an overview of the literature, while Section 3 presents preliminaries. Section 4 correctly computes the sensitivity of DFT in order to make FPA differentially private. Section 5 details our privacypreserving publication techniques using clamping mechanism, DFT, and DWT. Section 6 reports our experimental results. Section 7 concludes the paper.
Table 1 lists the acronyms used in this paper.
2. Related Work
Demandresponse protocols [20–23], and secure aggregation protocols [24–30] aim to protect the privacy of users while supporting energy services such as demandresponse, smart metering, billing, or forecasting.
In this paper, we investigate tools enabling forecasting and demandresponse. In particular, we are interested in publishing an aggregate of individual consumptions, while preserving privacy.
Differential privacy (DP), introduced by Dwork in 2006, guarantees that the publication of an aggregate does not indirectly reveal the individual data [12]. Moreover, DP guarantees that two aggregates that differ by a single consumer are almost indistinguishable. DP has evolved overtime [31] and was adopted by organizations such as the US Census Bureau [32], Google [33], Apple [34], and Microsoft [35]. The Laplace mechanism [14] is a popular mechanism that allows guaranteeing DP by adding a noise drawn from the Laplace distribution to the aggregate.
The Laplace mechanism takes as input two parameters: the privacy budget and the sensitivity of the function to publish (in our case, the sum of users’ consumption). Smaller values of lead to a better protection, but add a bigger noise to the aggregate.
Utility can be improved by increasing the size of the aggregate in order that the effect of noise is small enough that the result can be utilized. Eibl and Engel [13] showed that for realworld smart metering, the aggregation group size must be of the order of thousand smart meters in order to have reasonable utility. This paper shows how to obtain good utility with a group size smaller than a thousand.
DP is typically applied to static data, i.e., to a single query. In this paper, we consider timeseries consumption, which is equivalent to multiple queries on correlated data. Applying the Laplace mechanism independently to each data point of the timeseries is not appropriate. Indeed, an adversary can use refinement methods, such as filtering, to sanitize the Laplace noise and improve the probability disclosing individual data [15, 16]. Thus, the data points of the timeseries are correlated. The composition theorem [14] states that the privacy budget of correlated queries adds up, i.e., setting the privacy budget for a single query to , the privacy budget of single queries (corresponding to a day profile with a time interval of 30 min) is . In order to guarantee a global privacy budget of , one solution is to set the privacy budget of each query to . Of course, this leads to more noise in the aggregate and a loss of utility.
One method to guarantee DP for correlated timeseries data publishing consists in transforming the original correlated timeseries into another representation while maintaining its major characteristics before adding the Laplace noise. Rastogi and Nath [17] proposed the Fourier perturbation algorithm (FPA) that combines discrete Fourier transform (DFT) with DP to support timeseries of count queries while not disclosing any individual data and ensuring good utility. We note that the sensitivity of count queries is 1, and the global sensitivity is for a timeseries of length . Ács et al. [36] proposed an optimization of the FPA allowing to release histograms, where the global sensitivity is 1. They show through experimental evaluation that their scheme improves the utility of the initial FPA by a factor 10. Lyu et al. [19] applied FPA to timeseries consumptions and proposed wavelet perturbation algorithm (WPA) by replacing DFT by discrete wavelet transform (DWT). The authors show through experimental results that WPA ensures better utility than FPA.
We apply these approaches to timeseries of consumption data and refine them by reducing the sensitivity of the queries in order to reduce the relative error of the final result.
3. Preliminaries
3.1. System and Threat Model
The entities involved in this paper are as follows:(i)Trustworthy homes, which smart meter (SM) enables to collect their true individual timeseries consumption.(ii)A honest aggregator, which collects users’ individual consumption, and which publishes an aggregate timeseries consumption of users to a forecaster in a privacypreserving way for the forecaster not to be able to deduce any individual consumption of users.(iii)A forecaster, which predicts future consumptions based on the aggregate consumption received in order to improve the grid and retail operations and enhance energy trading. The forecaster is considered honestbutcurious as it provides appropriate forecasts, but it may attempt to infer the users’ individual consumption from the aggregate in order to deduce the behaviors, activities, age, or preferences of the inhabitants.
Figure 1 depicts the system model. In a real scenario, the aggregator can be an energy distributor, and the forecaster can be a municipality that seeks to find out the total consumption of the inhabitants of the municipality.
Considering the case where the aggregator and the forecaster belong to two entities of the same energy provider, the publication of aggregate users’ consumption to forecasters in a privacypreserving way reduces the risk of disclosing users’ individual consumption. Moreover, this avoids the need for forecasters to ask for explicit consent from customers in accordance with the GDPR [37] to process their personal data.
Let be the number of smart meters (SMs) in a district. Let be the timeseries of energy consumptions collected by SM , where is the consumption at time slot () collected by SM (), with being the time period considered. Each timeseries consumption is sent to an aggregator who computes the following aggregate:
To reveal to a forecaster without indirectly disclosing individual consumptions (), the aggregator can use differential privacy (DP).
3.2. Differential Privacy
Differential privacy is a framework introduced by Dwork allowing quantifying the privacy guarantees of a request on a database [38]. This request can be the publication of a database, or a more precise one, such as “what is the sum of energy consumptions of users in this database?”.
A request on databases is said to be differentially private if this request makes two similar databases indistinguishable from looking only at the output of the request. Differential privacy relies on a parameter, noted , called the privacy budget. The formal definition of a differentially private algorithm is given as follows.
Definition 1 (differentially private). A request is differentially private if and only if for all databases differing by at most one record, and for all subsets ,
This definition can be applied not only to requests on databases but also to any function, by considering the domain of the function as a database format.
Dwork also proposes the Laplace mechanism, which allows making any (vectors of) realvalued function differentially private [38]. This mechanism relies on the notion of sensitivity of a function, which represents how a single record of the database can influence the output of the function.
Definition 2 (sensitivity). Let be a function; the sensitivity of is
This sensitivity is also called sensitivity due to the norm used in its definition and is denoted by . Similarly, the sensitivity used later and denoted by is computed using the norm (the norm and the norm of a vector are respectively equal to and ).
The Laplace mechanism consists of adding a random value to the original result of the query, where the random value follows the Laplace distribution, where the parameter depends on the chosen and on the sensitivity of the function, as follows.
Theorem 1 (Laplacian mechanism). For all functions , the algorithm is differentially private, where is the distribution of Laplace and is the sensitivity of .
DP introduces noise in order to guarantee privacy. This noise can decrease the utility of the function. We quantify this loss using mean relative estimation error (MRE), defined as follows.
Definition 3 (mean relative estimation error). The mean relative estimation error (MRE) between two vectors and of size is 2 (we add 1 to the denominator in order to avoid dividing by zero. This definition is also used in [27]).
Consider the aggregate defined in (1). Let be the maximum consumption in the domain. One naive solution to publish without revealing any individual consumption is to use the Laplace mechanism to add independent Laplace noise to each component of and to release the results: , where the sensitivity of the sum of timeseries consumption is . However, this simple approach leads to excessive noise rendering the aggregate useless [13].
Example 1. Figures 2(a) and 2(b), respectively, show the aggregated consumption of 250 homes from December 30^{th}, 2009, to January 5^{th}, 2010, taken from the CER dataset [39], and its noisy version using the naively applied Laplace mechanism, with per day. Figure 2(a) shows two consumption peaks at 12 am and 6 pm which respectively correspond to lunch and dinner time. We also observe that in the night (from 12 pm to 6 am) the consumption decreases. Figure 2(b) shows that the noisy version is completely different from the original aggregate (Figure 2(a)). In this example, the MRE between the aggregate consumption and the noisy version is , which is not usable. Moreover, the noisy version has inconsistent values such as negative consumptions.
(a)
(b)
Rastogi and Nath [17] introduce the Fourier perturbation algorithm (FPA) and show that is an effective tool for reducing the noise introduced by the Laplace mechanism for timeseries. Section 3.3 presents the FPA. However, there are some mistakes in this version relying on the estimation of the FPA sensitivity. These mistakes are presented in Section 4, along with the corrected FPA.
Table 2 lists the symbols used in the rest of the paper.
3.3. Fourier Perturbation Algorithm
The Fourier perturbation algorithm (FPA) presented in [17, 19, 36] takes as input a timeseries and an integer and returns the noisy timeseries , as shown in Algorithm 1.

Rastogi and Nath [17] show that FPA is differentially private. However, there are some mistakes in their proof of Theorem 4.1 of [17] which justified that FPA is differentially private. These mistakes rely on the estimation of the FPA sensitivity and are presented in Section 4.
3.4. Wavelet Perturbation Algorithm
By replacing the DFT with the discrete Haar wavelet transform (DWT), Lyu et al. [19] proposed the wavelet perturbation algorithm (WPA) and showed that WPA guarantees better utility than DFT. Algorithm 2 describes WPA.
Figure 3 shows the same aggregated consumption presented in Example 1 and its noisy version using WPA (Algorithm 2) with Haar wavelet, per day and . In Figure 3, the MRE is however higher than (). In the noisy aggregate, the first peak of the morning is masked and the peak of the evening is truncated, as well as the trough of the night.

Theorem 2. Wavelet perturbation algorithm (WPA) is differentially private.
Proof. DWT is orthonormal [40], i.e., has the same norm as , that is, . Furthermore, (because DWT coefficients of are set to 0). With the inequality of norm, . Then, . Thus, the noise introduced in Step 3 is justified and WPA guarantees differential privacy.
4. Correctly Estimating the Sensitivity of FPA
In [17], authors show that FPA, as described in Section 3, guarantees differential privacy. The authors estimated the sensitivity of DFT to be , while it should be , with being the size of the timeseries and being the maximum consumption in the domain. Thus, for a given privacy budget , the utility of FPA is worse than presented in [17].
This section correctly computes the sensitivity of DFT, which allows to make render FPA differential private. Before that we recall the definition of DFT.
4.1. Discrete Fourier Transform (DFT)
Let be a timeseries. DFT takes as input and returns a timeseries of complex numbers such thatwhere . The inverse of the DFT is computed as follows:
This version of the DFT is normalized, that is, .
DFT can be defined in other ways, for instance, the , present in both the DFT and the inverse definitions above, can be replaced by a factor 1 in the DFT and in the inverse DFT. In that case, the DFT is not normalized.
In [17, 19, 36], the authors use the latter version of DFT, which is not normalized. However, the sensitivity computation relies on the equality , while it should be . Thus, the correct total privacy budget is instead of . This is the first mistake in this approach and can be resolved by using the normalized DFT.
Another error lies in the fact that the Laplacian mechanism is only applied to the real part of the Fourier coefficients, which are complex numbers. This mistake can be resolved by applying the Laplace mechanism to both real and imaginary parts of the Fourier coefficients.
The following section computes the sensitivity of the DFT, and thus of FPA, and takes into account those two errors.
4.2. Sensitivity of the DFT
Let be the function which takes a timeseries as input and returns the first DFT coefficients of . This function can be seen as a , the function which returns the real and imaginary parts of the first Fourier coefficients. This function is a realvalued function, we can thus use the Laplace mechanism on it. First, we need to compute the sensitivity of .
Lemma 1. Let be defined as follows:
We denote the th coefficient of , with and . and respectively represent the real and imaginary parts of .
The sensitivity of , , is when the DFT is normalized (respectively, when the DFT is not normalized), with as the maximum value in the dataset.
Proof. Let be defined as in Lemma 1.
This result is true when the DFT is normalized (2) as in our case. In [17, 19, 36], the L_{2} norm of Fourier coefficients equals to times the L_{2} norm of S (Parvesal’s theorem). This result is valid when the normalized DFT (2) is used as in our case. When the DFT is not normalized, as is the case in [17, 19, 36], the sensitivity of the first DFT coefficients should be instead of (). Thus, using the normalized DFT, the function then becomeswhich is DP, with , for all and .
For simplicity, in the following, we write instead of , meaning that two independent Laplace noises are added to the real and imaginary parts of .
Algorithm 3 shows the Fourier perturbation algorithm (FPA) revisited.

4.3. Differences between the Initial, yet Incorrect, FPA, and the Corrected FPA
For a budget of privacy , the differences between the initial incorrect FPA and the corrected one can be highlighted as follows:(1)The DFT used in the initial incorrect FPA [17] is not normalized, while it is normalized in the corrected FPA. Thus, a factor is missing in the Laplace noise in Algorithm 1.(2)In the initial incorrect FPA [17], Laplace noises are only added to the real part of the DFT coefficients, while they should be added to the real and imaginary parts of the DFT coefficients as in the corrected FPA (Algorithm 3). Thus, imaginary coefficients are not noised in Algorithm 1.
Figure 4 shows the same aggregated consumption presented in Example 1 and its noisy version using the corrected FPA (Algorithm 3) with per day and . Figure 4 shows that the corrected FPA obtains a large MRE (), making it useless. The noisy aggregate has negative consumptions and does not contain the peaks present in the original aggregate.
For the sake of simplicity, in the following sections, we use FPA to talk about the corrected version.
5. Clamping Transform Perturbation Algorithm
The intuition behind our approach, “Clamping transform perturbation algorithm,” lies in the perturbation error, caused by the Laplace mechanism, which depends on the sensitivity of the sum of consumptions. As such, by reducing the sensitivity, we expect to reduce the perturbation error.
To estimate the sensitivity of consumptions, we split our database of users into two almost equal parts: corresponding to the consumptions of the first half of users (a training dataset) and containing the second half of users’ consumptions (a validation dataset). Using , we compute the distribution of users’ consumptions in the frequency domain. We denote by the maximum magnitude (by ignoring outliers) of the first coefficients.
For example, using the Irish consumption database [39], the distribution of the individual consumption of the first half customers (from 1 to 1818) in the frequency domain is given in Figure 5. In Figure 5, the maximum magnitudes (rounded) of the 5 first coefficients are .
The database is used for testing our methodology. Let with for all be the users’ individual consumptions. To publish the sum of consumptions , our methodology, which can be applied to either the Fourier transform or to wavelet transforms, is described as follows:(1)For all individual consumptions (), compute the corresponding magnitude in the domain of the transform and keep the first coefficients denoted by .(2)If the modulus of coefficient is greater than (), replace with so that all coefficients have a modulus smaller than and their phase, if the coefficient is complex, is unchanged.(3)Compute the sum of coefficients .(4)Add a noise following the distribution of Laplace , depending on the sensitivity of the transform, to each coefficient of . The result is denoted by . We note that the Laplace noise is added to the real and imaginary parts of each coefficient when the DFT is used.(5)Pad the vector by zeroes and compute the inverse transform to obtain the noisy version of the consumption .
Section 5.1 presents an adaptation of this methodology using the discrete Fourier transform.
5.1. Clamping Fourier Perturbation Algorithm
This section describes the clamping Fourier perturbation algorithm (CFPA) detailed in Algorithm 4. This algorithm allows an aggregator to compute and publish an aggregate guaranteeing differential privacy.

CFPA takes as inputs the individual timeseries consumptions of consumers, the maximum magnitudes of DFT coefficients of individual consumptions (computed over database ), the number of DFT coefficients to be considered, and the privacy budget , and it returns the noisy timeseries sum of consumptions of consumers.
Step 1, called clamping, computes the first DFT coefficients of each individual timeseries consumption. If the magnitude of a coefficient is greater than the maximum magnitude , then this coefficient is clamped and replaced by , in which magnitude is . Thus, for all individual consumptions , the maximum magnitude of the first DFT coefficients is , i.e., the final values of the coefficients have the same phase as the initial values, but their magnitudes are bounded by .
After computing the first DFT coefficients of each individual timeseries consumption of consumers (), Step 2 consists in computing the sum of these coefficients using the Laplacian mechanism. The result is denoted by .
Finally, the noisy sum of consumptions is equal to the inverse of the noisy DFT coefficients padded with zeros.
Theorem 3. Algorithm CFPA is differentially private.
Proof. To prove that Algorithm 4 is differentially private, we need to prove that the sensitivity of the sum of DFT coefficients of users’ individual consumptions (resp. ) is (resp. ). This is done in Lemma 2.
Then, as a Laplacian noise is added to each component (), the resulting (resp. ) is differentially private. Finally, the composition theorem [14] guarantees that any computation on the components of is differentially private; thus, the inverse DFT of those coefficients is DP.
Lemma 2. Let be the first DFT coefficients of the individual consumption of consumer (), obtained after the clamping mechanism. The sensitivity of the sum of each DFT coefficient () of consumers’ individual consumptions is .
Proof. Let . After the clamping, the magnitude of each DFT coefficient is smaller than for , and the sensitivity of the function defined by , with being equal to
Thus, Lemma 2 proves Theorem 3, and algorithm CFPA guarantees differential privacy.
For example, Figure 6 shows the same aggregated consumption presented in Example 1 and its noisy version using CFPA (Algorithm 4) with per day and . Figure 6 shows that CFPA obtains a good utility with an MRE equal to . This good utility of CFPA can be explained by the fact that Laplace noise added in CFPA depends on the amplitude of each coefficient, while in FPA, the same noise is added to every DFT coefficients, where is the maximum consumption in the dataset.
5.2. Clamping Wavelet Perturbation Algorithm
The clamping wavelet perturbation algorithm (CWPA), as presented in Algorithm 5, is obtained by replacing DFT with DWT in Algorithm 4. The computation of DWT is based on multiresolution analysis which determines the number of approximation coefficients (scaling functions) and detail coefficients (wavelet functions) [40]. DWT takes as input a timeseries of length a power of 2. If the input’s length is not a power of 2, we can pad it with zeroes [41].

Algorithm 5 takes as inputs the maximum magnitudes of the first DWT coefficients which are obtained in the training process on , by computing the distribution of DWT coefficients of individual consumptions.
We note that there are multiple DWTs, such as Haar, Daubechies, Symlets, and Coiflets. In this paper, we use Haar and Daubechies wavelets as shown in Section 6, because they give a low reconstruction error, as will be discussed in Section 6.1.
Theorem 4. The clamping wavelet perturbation algorithm (CWPA), Algorithm 5, is differentially private.
Proof. The proof is similar to the one for Theorem 3. We need to prove that the sensitivity of the sum of DWT coefficients of users’ individual consumptions (resp. ) is (resp. ). This is done in Lemma 3.
Then, as a Laplacian noise is added to each component (), the resulting (resp. ) is differentially private. Finally, the composition theorem [14] guarantees that any computation on the components is differentially private; thus, the inverse DWT of those coefficients is DP.
Lemma 3. Let be the first DWT coefficients of the individual consumption of consumer (), obtained after the clamping mechanism. The sensitivity of the sum of each DWT coefficient () of consumers’ individual consumptions is .
Proof. Let . After the clamping, the magnitude of each DWT coefficient is smaller than for , and the sensitivity of the function defined by is equal to
For example, Figure 7 shows the same aggregated consumption presented in Example 1 and its noisy version using CWPA (Algorithm 5) with Haar wavelet, per day and . However, Figure 3 shows that the MRE of CWPA is still higher than . We explain this result in Section 6.
6. Experimental Results
This section compares FPA, CFPA, WPA, and CWPA and explains through experimentations why CFPA achieves a better utility than other publication techniques. After presenting the raw results, we explain them by decomposing the mean relative error into a perturbation error, caused by the clamping mechanism and the Laplace mechanism, and a reconstruction error, due to ignoring coefficients of the transform. The analysis of the error is thus conducted in the next two Subsections 6.1 and 6.2. Section 6.1 analyzes the reconstruction error, while Section 6.2 analyzes the perturbation one. Conditions: the experiments rely on data originating from the Irish Commission for Energy Regulation (CER) [39]. This dataset contains real timeseries consumptions. The achieved results are valid for this very specific case, for Irish consumptions with an Irish weather being never too hot or too cold. The results show that the approach is good, but will probably have to be adapted for other datasets, i.e., by computing the maximum magnitudes of the first coefficients of the considered transform over a subpart of the dataset. Consumption data from the CER were collected every 30 minutes from 2009 to 2010 with the participation of more than Irish homes and businesses. This experiment only considers homes. We divided the database in two parts: , corresponding to the first half of consumers (1 to 1818), and , corresponding to the second half (1819 to 3639). is used to calibrate the algorithms by computing the maximum magnitudes of the first coefficients in the frequency domain, and is used to test the publication techniques FPA, CFPA, WPA, and CWPA. Notations: we note as the number of homes or smart meters considered in the district to compute the timeseries of the sum of consumptions. For each day (48 time slots), we compute the sum of consumptions of 50 different districts of random homes, and we execute FPA, WPA, CFPA, and CWPA with privacy budget for each day and . The discrete wavelet transforms used here are Haar transform (which represents the same wavelet as Daubechies with order 1, noted db1), Daubechies with order 2, and Daubechies with order 3, respectively, noted db2 and db3. Raw results and analysis: Figures 8 and 9 show the distribution of the mean relative estimation error (MRE) according to the number of homes in the district ( from 50 to 450) and from 5 to 12 for the budget of privacy and , respectively. The boxes extend from the lower to upper quartile values of the MRE, with a line at the median and a triangle representing the mean. The whiskers extend from the box to show the range of the MRE. In order to make consumption forecasts, an MRE lower than 10% is required in practice by experts in the energy sector. In this section, an MRE of less than 10% is therefore considered useful.
(a)
(b)
(c)
(d)
(e)
(f)
(g)
(h)
(i)
(j)
(k)
(l)
(a)
(b)
(c)
(d)
(e)
(f)
(g)
(h)
(i)
(j)
(k)
(l)
In Figures 8 and 9, the first column corresponds to the comparison between the FPA and the CFPA. The other columns correspond to the comparison between the WPA and the CWPA using Haar wavelet with 2 approximation coefficients, Daubechies 2 (db2) with 5 approximation coefficients, and Daubechies 3 (db3) with 10 approximation coefficients, respectively.
Figures 8 and 9 show that CFPA has a better utility than FPA. For example, for (Figure 8), when and the number of homes , the MRE of CFPA is , while the MRE of FPA is . In that configuration, the MRE of CFPA is 6.25 times lower than that of FPA. Similarly, the CWPA obtains a better utility than the WPA. For example, for and the number of homes , the MRE of CWPA using Haar wavelet is , while the MRE of the WPA is . In that configuration, the MRE of CWPA is 2 times lower than that of WPA.
Generally, the larger the size of the district , the smaller the MRE is. Similarly, the larger the budget of privacy , the smaller the MRE is; Figure 9 () shows a better utility than Figure 8 (). However, Figures 8 and 9 show that WPA and CWPA using db3 are not useful for because, as shown in Section 6.1, the reconstruction error is high (between and ).
Figures 8 and 9 show that for larger , the MRE of WPA and CWPA using db3 is smaller. Moreover, in Figure 9, for and when the number of homes is higher than 250 and , CWPA using db3 has the median of MRE smaller than . The CWPA using Haar wavelet obtains the second best utility, with the median of MRE smaller than when is greater than 250, while the CFPA gets the best utility, with the median of MRE decreasing to when and .
However, the utility of FPA and WPA decreases when increases. This is caused by the perturbation error; indeed, the greater the , the greater the Laplacian noise added to each coefficient is. This noise is attenuated by the clamping as shown by the CFPA. Indeed, when goes from 5 to 8, the reconstruction error decreases and the clamping also decreases the perturbation error leading to the total error reduction. However, when goes from 8 to 12, although the reconstruction error decreases, clamping does not reduce the perturbation error sufficiently. This explains why the MRE of CFPA is a little bigger when compared to .
In Figures 8 and 9, we notice that the median of MRE of WPA and CWPA converge to a threshold and never goes below it. For example, for and , the median of MRE of WPA and CWPA using db2 converges to . This is caused by the reconstruction error.
6.1. Reconstruction Error
The reconstruction error is due to considering only the first transform coefficients, thus removing the precision brought by coefficients (). To measure this error, a first solution consists in computing the cumulative distribution function (CDF) of the coefficients as a first assessment of the impact of the transform coefficients and, then, to get confirmation through some experimental reconstruction error measurements. Intuitively, if the CDF of some coefficients is close to 1, it means that the coefficients after () have less impact on the reconstruction, and thus, when set to zero, lead to a smaller reconstruction error.
The CDF is computed for a district of 50 homes of several transformations: discrete Fourier transform (DFT), discrete wavelet transform (DWT) using Haar, and Daubechies 2 and Daubechies 3 wavelets. The closer to 1 the cumulative distribution function at is, the smaller the reconstruction error is. Figure 10 compares the cumulative distribution function of DFT and DWT with different wavelet transforms. This figure shows that DFT has a higher cumulative distribution than DWT for the considered range value of ().
In order to analyze this error more precisely, we define formally the reconstruction error below, and we then compute it experimentally.
Definition 4 (reconstruction error). Let be a sum of timeseries consumptions and be the coefficients in the frequency domain of this timeseries. We denote as the first coefficients padded with zeros and as the inverse of (in the time domain). The reconstruction error (RE) of is equal to the mean relative estimation error between and given by (we add 1 to the denominator in order to avoid the division by zero)
Figure 11 shows the reconstruction error for DFT and DWT with different wavelet transforms for a district of 50 and 450 homes. This figure shows that the DFT obtains the smallest relative error (lower than when is greater than 5) followed by Haar and Daubechies. We note that the reconstruction error of Daubechies 2 is higher than when , which leads to a total error higher than and justifies the relative error obtained in Figures 8 and 9.
(a)
(b)
Moreover, when , the reconstruction error of Daubechies 3 is higher than , which justifies why its total error is higher than when , according to Figures 8 and 9.
According to the database from the Irish Commission for Energy Regulation (CER) [39], the discrete Fourier transform gets the smaller reconstruction error, followed respectively by Haar (which is the same as Daubechies 1) and Daubechies 2 and Daubechies 3 wavelets.
6.2. Perturbation Error
The perturbation error is caused by the Laplace mechanism, applied on the first transform coefficients. The higher the transform coefficients, the lower the impact of this perturbation in terms of relative error, and thus the lower the perturbation error.
We note that the amplitude of the Laplace noise introduced by the Laplace mechanism is different for CFPA and CWPA; it is times greater for CFPA than for CWPA. Indeed, for all , the parameter for the Laplace noise is for CFPA and for CWPA. Moreover, in the CFPA, coefficients (the real and imaginary parts of the DFT coefficients) are noisy while only coefficients are noisy in the CWPA.
For a district of 50 homes, we compute the distribution of the magnitude of DFT and DWT with Haar amd Daubechies 2 and 3 wavelets, and we compare their coefficient distribution median in Figure 12.
Figure 12 shows that the coefficient values vary according to the values of and the considered transforms. For instance, when is in the interval , Daubechies 3 obtains the highest magnitudes of coefficients, followed by Daubechies 2 and DFT.
In clamping perturbation algorithms (CFPA, CWPA), the clamping mechanism allows to add a noise proportional to the modulus of the coefficients of the considered transform (DFT, DWT). This reduces the impact of noise compared to perturbation algorithms (FPA, WPA); however, at the price of a perturbation error induced by the clamping of the coefficients. Formally, the perturbation error of clamping perturbation algorithms (CFPA, CWPA) is defined as follows:
Definition 5. Perturbation error for clamping perturbation algorithms (CFPA, CWPA).
Let be the individual timeseries of energy consumptions of homes, with for . The sum of timeseries consumptions is noted as . For all , we note as the result of the considered transform of the timeseries consumption whose first coefficients have been clamped. We note as the maximum magnitude of the first coefficients of the considered transform. Let be the sum of coefficients of the considered transform by perturbing only the first coefficients, with (respectively ) for CFPA (respectively for CWPA), for .
Let be the inverse transform of . The perturbation error of equals to the mean relative estimation error (MRE) between and , given by(we add 1 to the denominator in order to avoid the division by zero). For CWPA, the Laplace noise must be replaced by for and the DFT by the DWT,
The perturbation error depends on the following parameters, , , , and for . , () and are parameters of the Laplace distribution, so they have a direct impact on the amplitude of the added noise. Let and be fixed; the bigger the , the smaller the Laplace distribution parameter is, and thus, the bigger the noise added on the first coefficients is. This makes the perturbation error more significant. The choice of is important to define the clamping threshold and it directly impacts the perturbation of the Laplace mechanism. The greater the , the bigger the Laplace noise is, and thus, the more the perturbation error is. The smaller the (close to zero), the less the Laplace noise is, but the more the coefficients are clamped, and thus, the more the perturbation error is. The number of homes indirectly plays a role in the perturbation error; the larger the , the more diluted the added noise is. This leads to decrease the perturbation error.
Figure 13 (respectively, Figure 14) shows the distribution of the perturbation error of the clamping perturbation algorithms (CFPA and CWPA) according to , , with (respectively, ).
(a)
(b)
(c)
(d)
(a)
(b)
(c)
(d)
Figures 13 and 14 show that the perturbation error of CFPA is higher than that of CWPA. This result is explained by(1)The number of coefficients to be noised in CFPA is twice as many as the number of coefficients to be noised in CWPA. Indeed, in CFPA, the DFT coefficients are complex numbers, so both real and imaginary parts must be noised.(2)The absolute value of the noise added in the CFPA is times greater than that in the CWPA.
In addition, the greater the , the more the added noise is diluted in the aggregate, causing the perturbation error to decrease. E.g., for (Figure 13), when , the median of the perturbation error of CFPA (respectively, CWPA with Haar) goes from to (respectively from to ) when goes from 50 to 550. Likewise, for (Figure 14), when , the median of perturbation error of CFPA (respectively, CWPA with Haar) goes from to (respectively from to ) when goes from 50 to 550. We notice that, the greater the , the smaller the difference of the perturbation error between CFPA and CWPA is. This result is also true when increases. This can be explained by the decrease of the noise introduced on the coefficients of the transforms.
Figures 13 and 14 show that the perturbation error increases when increases. The larger the , the smaller the budget allocated to each coefficient is. This leads to a noise increase on each coefficient and thus on the perturbation error.
6.3. Summary of the Experimental Results
The combination of the reconstruction error (Figure 11) and the perturbation error (Figures 13 and 14) enables to determine which transform is appropriate according to the number of homes and the budget of privacy , for getting a total error as small as possible.
Lemma 4. The mean relative error (MRE) of CFPA (respectively, CWPA) is lower than or equal to the sum of the reconstruction error and the perturbation error of CFPA (respectively, CWPA).
Proof. The proof of the above lemma deferred to the appendix.
Section 6.1 shows that the reconstruction error of DFT is lower than that of the considered DWT. For example, when and , the median of the reconstruction error is for DFT, while it is for the Haar and Daubechies 2 transforms.
However, Section 6.2 shows that algorithms based on DFT (e.g., CFPA) have a higher perturbation error than those based on DWT (e.g., CWPA).
According to Lemma 4, the total error (MRE) is less than or equal to the sum of reconstruction error and perturbation error. Thus, if the reconstruction error or perturbation error is greater than , there is a high probability that the final error will not be less than this threshold.
As the reconstruction error of the DWT is greater than , there is a high probability that the final error of CWPA will not be less than this threshold, even if the Laplace noise decreases, i.e., when the number of homes or the privacy budget increases. However, as the reconstruction error of the DFT is small (the median is between and when ), then the total error of the CFPA may be lower than that of the CWPA when the impact of Laplace noise decreases. For example, the median of the perturbation error of CFPA is between and when , , and . This analysis explains why, for , the CWPA obtains a better utility than the CFPA when the number of homes is less than 250. For example, when and , the median of the perturbation error (respectively, the reconstruction error) of CFPA is (respectively, ) against (respectively, ) for CWPA using Haar. Thus, the median of MRE of CFPA is between and against and for CWPA.
When is higher than 250, CFPA gets a better utility than CWPA. For example, when and , the median of the perturbation error (respectively, the reconstruction error) of CFPA is (respectively, ) against (respectively, ) for CWPA using Haar. Thus, the median of MRE of CFPA is between and against and for CWPA.
In this use case, by comparing the different techniques for publishing timeseries consumption, it appears that clamping perturbation algorithms (CFPA, CWPA) get a better utility than unbounded algorithms (FPA, WPA), which shows that the clamping mechanism reduces the total error. Furthermore, when the number of homes is greater than 250, CFPA obtains the best utility, with a mean relative error of less than when . When the budget of privacy , the mean relative error of CFPA is less than for homes.
The CWPA gets the best utility when the number of homes is smaller than 150 and the budget of privacy is 1. This is justified by its low perturbation error.
Table 3 summarizes the publishing algorithm with the smallest MRE according to the budget of privacy and the number of homes in the district (). Based on the dataset from the Irish Commission for Energy Regulation (CER) [39], Table 3 shows that the clamping Fourier perturbation algorithm (CFPA) achieves a lower MRE than the clamping wavelet perturbation algorithm (CWPA) for . Hence, CFPA gets a better utility than CWPA for .
7. Conclusion
The large deployment of smart meters provides users and suppliers with the capacity to optimize the energy consumption through forecasting and demandresponse services. This paper proposes an original and efficient approach to mitigate privacy leakages of users’ consumptions. This approach uses differential privacy and timeseries transformations for supporting high privacy guarantees and utility. The clamping Fourier perturbation algorithm (CFPA) we propose achieves an error 6 times lower than the Fourier perturbation algorithm (FPA). Similarly, the clamping wavelet perturbation algorithm (CWPA) achieves an error 2 times lower than the wavelet perturbation algorithm (WPA). Thanks to our algorithm, the publication of aggregate timeseries consumptions is now possible while guaranteeing that the aggregate does not reveal any individual consumptions and while achieving better utility than existing algorithms. These privacypreserving aggregate timeseries consumptions can then be used as a building block, enabling services such as forecasting and demandresponse, which are suitable for improving the efficiency and reliability of the electric grid.
In the future, we plan to investigate how to decentralize our clamping transform perturbation algorithm in order to resist to malicious aggregators. We plan to examine how to combine secure multiparty computation (SMC) with differential privacy (DP). SMC enables parties to compute a joint function without learning any individual inputs. SMC combined with DP could allow homes to compute and publish their aggregated consumptions without relying on an aggregator. However, SMC incurs a communication cost, which might have an impact on the running time performance.
Appendix
Proof of Lemma 4
Lemma Appendix (Lemma 4). The mean relative error (MRE) of CFPA (respectively, CWPA) is lower than or equal to the sum of the reconstruction error and the perturbation error of CFPA (respectively, CWPA).
Proof. Let be the aggregate consumption to be published by using CFPA or CWPA. Let be the coefficients of the considered transform of . For simplicity, we consider that we use the CFPA5; we have , where IDFT means the inverse of the DFT transform. We note as the clamped coefficient of for . Let be the result of the aggregate consumption, where is the maximum magnitude of the first DFT coefficients. Let for :