This work addresses privacy-preserving data sharing by proposing a min–max data sanitization mechanism: given a distortion constraint under which an authorized party can reconstruct the original data, the method maximizes the minimal inference loss incurred by two unauthorized adversaries—each possessing correlated side information—thereby enforcing their cooperation for effective reconstruction. Methodologically, we formulate a bi-adversarial min–max optimization framework, integrate principles from lossy secret sharing, and employ data-driven adversarial training to alternately optimize the sanitizer, reconstructor, and two adversary models. Theoretically, we derive optimal solutions for Gaussian and binary variables. Crucially, this is the first work to explicitly model “collaborative recoverability” as a core privacy design objective—ensuring individual privacy while enabling controllable collective recoverability. Experiments demonstrate substantial increases in inference difficulty for unauthorized parties.

We study a privacy-preserving data-sharing setting where a privatizer transforms private data into a sanitized version observed by an authorized reconstructor and two unauthorized adversaries, each with access to side information correlated with the private data. The reconstructor is evaluated under a distortion function, while each adversary is evaluated using a separate loss function. The privatizer ensures the reconstructor distortion remains below a fixed threshold while maximizing the minimum loss across the two adversaries. This two-adversary setting models cases where individual users cannot reconstruct the data accurately, but their combined side information enables estimation within the distortion threshold. The privatizer maximizes individual loss while permitting accurate reconstruction only through collaboration. This echoes secret-sharing principles, but with lossy rather than perfect recovery. We frame this as a constrained data-driven minimax optimization problem and propose a data-driven training procedure that alternately updates the privatizer, reconstructor, and adversaries. We also analyze the Gaussian and binary cases as special scenarios where optimal solutions can be obtained. These theoretical optimal results are benchmarks for evaluating the proposed minimax training approach.