Differential Privacy

Dated Jan 22, 2019; last modified on Sat, 27 Mar 2021

A data release mechanism is differentially private if any computation performed on the released data yields essentially the same result if a single data point is added/removed.

More specifically, let $Q$ be any (probabilistic) query function. $Q$ is $\epsilon$-differentially private if for all databases $B$, $B'$ that differ in one item, and for all functions $F$, and all values $y$:

$$ \mathbb{P}\{F(Q(B)) = y\} \le e^{\epsilon} \cdot \mathbb{P}\{F(Q(B')) = y\} $$

$\epsilon$ is a privacy parameter. Increasing $\epsilon$ improves accuracy, but reduces privacy.

Cynthia Dwork, the pioneer of Differential Privacy, has just won the 2020 Knuth Prize .

See Differential Privacy Blog Series | NIST for more discussions on Differential Privacy.

		Random Link ¯\_(ツ)_/¯
Jan 22, 2019	»	Applications for DP 1 min; updated Mar 14, 2021 DP in the 2020 US Census Scenario: Census bureau releases mean household income by block $N - 1$ households in a block can work together to infer the outcome of household $N$ Solution: Define $i_{max}$, the hypothetical maximum income To protect outliers (like Jeff and Bill) clip their values to $i_{max}$ before computing the mean Add noise to mean income that’s proportional to $i_{max} / \epsilon$...
Jan 22, 2019	»	Building Intuition About DP 1 min; updated Mar 14, 2021 Scenario Researcher wants to estimate percentage of HIV positive individuals. Survey respondents don’t want to disclose HIV status DP Solution Each respondent flips answer with probability $p$. Exercise: show that respondent privacy is protected Exercise: show that researcher can accurately estimate the quantity of interest Let $x_i = 1$ if the $i$‘th respondent is HIV positive, and zero otherwise. We’re interested in $ S/N $, where $S = \sum_{i=1}^{n}{x_i} $....