We study online privacy-preserving anomaly detection in a setting in which the data are distributed over a network and locally sensitive to each node, and a probabilistic data model is unknown. We design and analyze a data-driven solution scheme where each node observes a high-dimensional data stream for which it computes a local outlierness score. This score is then perturbed, encrypted, and sent to a network operator. The network operator then decrypts an aggregate statistic over the network and performs online network anomaly detection via the proposed generalized cumulative sum (CUSUM) algorithm. We derive an asymptotic lower bound and an asymptotic approximation for the average false alarm period of the proposed algorithm. Additionally, we derive an asymptotic upper bound and asymptotic approximation for the average detection delay of the proposed algorithm under a certain anomaly. We show the analytical tradeoff between the anomaly detection performance and the differential privacy level, controlled via the local perturbation noise. Experiments illustrate that the proposed algorithm offers a good tradeoff between privacy and quick anomaly detection against the UDP flooding and spam attacks in a real Internet of Things (IoT) network.