In dynamic spectrum access, commercially-operated database servers are often used to assist the opportunistic users (OUs) to query and access spectrum vacancies of incumbent users (IUs). The query and answer process in such DSA architectures introduce significant privacy concerns for potential leakage of the sensitive operational details of the IUs, especially their locations. Existing privacy-preserving mechanisms such as location cloaking or spatial obfuscation can be used to hide IUs' locations. They however cannot guarantee the interference from all surrounding access-allowed OUs staying under a given limit. In addition, the spectrum utilization (i.e., transmission opportunities) of OUs should also be considered in the design of mechanisms. The complex three-way tradeoff among privacy, interference and utility has not been systematically studied in the literature. In this paper, we first endeavor to tackle this challenge, by introducing a privacy zone within the exclusion zone. In the privacy zone the IU's location is indistinguishable, while the exclusion zone guarantees the interference limit within the privacy zone. Under two variants of the system model (either known OU locations or probabilistic locations with known density), we formulate and solve corresponding optimization problems to find the optimal tradeoff of one versus the other two objectives. Simulation results with real-world maps/parameters show that the IU's privacy increases with decreasing OUs' utility given a fixed allowable interference for the IUs.