An Algorithmic Approach to Managing Supply Chain Data Security: The Differentially Private Newsvendor

Data are now widely considered a key firm asset for enabling better operational decisions. However, data-driven decisions can inadvertently expose private data, leaving firms vulnerable to unforeseen danger. How to manage data security risks by protecting data from being inferred from observable decisions thus becomes an important question. In this paper, we focus on data security in supply chains because of their data-intensive nature. Specifically, we examine a data-driven contextual newsvendor problem. To quantify and ensure data security, we adopt the notion of differential privacy, a mathematically rigorous measure of data security that limits an attacker’s inference accuracy. Employing convolution smoothing and noise injection, we propose several differentially private algorithms that provably guarantee both data security and asymptotic optimality with (near) optimal rates. In the nonasymptotic regime, we further identify three drivers of the cost of data security, namely, data set size, context, and number of products. This finding suggests that gathering more data, collecting detailed context, and pooling data from multiple products can lower data security costs. Lastly, we examine the impact of a newsvendor’s private algorithms on supply chain partners. We discover additional distortion to the demand signaling process and a lower profit share for an upstream supplier.

Funding: This work was supported by the Ministry of Education, Singapore (MOE AcRF Tier 1 [Grant RG117/23]).

Supplemental Material: All supplemental materials, including the code, data, and files required to reproduce the results, are available at https://doi.org/10.1287/opre.2024.1213.