12 research outputs found
Differential Privacy for the Analyst via Private Equilibrium Computation
We give new mechanisms for answering exponentially many queries from multiple
analysts on a private database, while protecting differential privacy both for
the individuals in the database and for the analysts. That is, our mechanism's
answer to each query is nearly insensitive to changes in the queries asked by
other analysts. Our mechanism is the first to offer differential privacy on the
joint distribution over analysts' answers, providing privacy for data analysts
even if the other data analysts collude or register multiple accounts. In some
settings, we are able to achieve nearly optimal error rates (even compared to
mechanisms which do not offer analyst privacy), and we are able to extend our
techniques to handle non-linear queries. Our analysis is based on a novel view
of the private query-release problem as a two-player zero-sum game, which may
be of independent interest.
Private Matchings and Allocations
We consider a private variant of the classical allocation problem: given k
goods and n agents with individual, private valuation functions over bundles of
goods, how can we partition the goods amongst the agents to maximize social
welfare? An important special case is when each agent desires at most one good,
and specifies her (private) value for each good: in this case, the problem is
exactly the maximum-weight matching problem in a bipartite graph.
Private matching and allocation problems have not been considered in the
differential privacy literature, and for good reason: they are plainly
impossible to solve under differential privacy. Informally, the allocation must
match agents to their preferred goods in order to maximize social welfare, but
this preference is exactly what agents wish to hide. Therefore, we consider the
problem under the relaxed constraint of joint differential privacy: for any
agent i, no coalition of agents excluding i should be able to learn about the
valuation function of agent i. In this setting, the full allocation is no
longer published---instead, each agent is told what good to get. We first show
that with a small number of identical copies of each good, it is possible to
efficiently and accurately solve the maximum weight matching problem while
guaranteeing joint differential privacy. We then consider the more general
allocation problem, when bidder valuations satisfy the gross substitutes
condition. Finally, we prove that the allocation problem cannot be solved to
non-trivial accuracy under joint differential privacy without requiring
multiple copies of each type of good.
Comment: Journal version published in SIAM Journal on Computation; an extended abstract appeared in STOC 201
The Optimal Mechanism in Differential Privacy
We derive the optimal -differentially private mechanism for a single
real-valued query function under a very general utility-maximization (or
cost-minimization) framework. The class of noise probability distributions in
the optimal mechanism has {\em staircase-shaped} probability density functions
which are symmetric (around the origin), monotonically decreasing and
geometrically decaying. The staircase mechanism can be viewed as a {\em
geometric mixture of uniform probability distributions}, providing a simple
algorithmic description for the mechanism. Furthermore, the staircase mechanism
naturally generalizes to discrete query output settings as well as more
abstract settings. We explicitly derive the optimal noise probability
distributions with minimum expectation of noise amplitude and power. Comparing
the optimal performances with those of the Laplacian mechanism, we show that in
the high privacy regime ( is small), the Laplacian mechanism is
asymptotically optimal as ; in the low privacy regime
( is large), the minimum expectation of noise amplitude and minimum
noise power are and as , while the expectation of
noise amplitude and power using the Laplacian mechanism are
and , where is
the sensitivity of the query function. We conclude that the gains are more
pronounced in the low privacy regime.
Comment: 40 pages, 5 figures. Part of this work was presented in DIMACS Workshop on Recent Work on Differential Privacy across Computer Science, October 24 - 26, 201
New oracle-efficient algorithms for private synthetic data release
We present three new algorithms for constructing differentially private synthetic data, a sanitized version of a sensitive dataset that approximately preserves the answers to a large collection of statistical queries. All three algorithms are oracle-efficient in the sense that they are computationally efficient when given access to an optimization oracle. Such an oracle can be implemented using many existing (non-private) optimization tools such as sophisticated integer program solvers. While the accuracy of the synthetic data is contingent on the oracle's optimization performance, the algorithms satisfy differential privacy even in the worst case. For all three algorithms, we provide theoretical guarantees for both accuracy and privacy. Through empirical evaluation, we demonstrate that our methods scale well with both the dimensionality of the data and the number of queries. Compared to the state-of-the-art method, the High-Dimensional Matrix Mechanism (McKenna et al., 2018), our algorithms provide better accuracy in the large workload and high privacy regime (corresponding to low privacy loss ε).
https://arxiv.org/pdf/2007.05453.pd