How can we restrict dynamically nginx upload/download speed per user?

Yes, you can rate limit on a specific location.

location /something/ { 
    set $limit_rate  4k; 
}

You can also surround the limite_rate with statements like if as well to dynamically control the rates. See this link for further details on limite rate: http://wiki.nginx.org/NginxHttpCoreModule#limit_rate

There is another module you should be mindful of: http://wiki.nginx.org/NginxHttpLimitZoneModule

That module allows you to set limits of connection count. So, even if you set a low limit, if they can just make 10 connections, your limit is rather meaningless.

I suggest you have private and public users get different links so that nginx can easily distinguish between the types of users and verify in your application layer for security.