
Bug bounty programs are a popular way to find security flaws in deployed systems. We are the first to use a bounty program to find flaws in anonymization schemes, namely the anonymization scheme we designed called Diffix. We take an empirical approach to anonymization rather than the more common formal…