“…Hence, user privacy is preserved in the Some attack scenarios in Table 1 have rather strong assumptions regarding the complexity of the attack setup and demand huge resources. For example, attackers in the Organized Crime I model (ID 5) require TEKs and aggregated data in each 10 to 20-minute time window to deanonymize infected users [3], [6], [7]. Aggregated data include public and sensitive information, such as date, time, interaction graph, social graph, address, location type (e.g., residential, workplace, and library), and surveillance cameras.…”