Abstract:
A common way to protect the privacy of sensitive data is to introduce additional randomness, beyond sampling. Differential Privacy (DP) provides a rigorous framework for quantifying the privacy risk of such procedures, which allow for the release of a statistic T. However, the structure of T is often not carefully analyzed, resulting in inefficient implementations of DP mechanisms that reduce the statistical utility of the result. We introduce the adjacent output space S_T, and connect S_T to the notion of sensitivity, which controls the amount of randomness required to protect privacy. Using S_T, we formalize the comparison of K-Norm Mechanisms and derive the optimal one as a function of the adjacent output space. We use these methods to extend the Objective Perturbation and the Functional mechanisms to arbitrary K-Norm Mechanisms, and apply them to Logistic and Linear Regression, to allow for private releases of statistical results. We compare their performance through simulations and on housing price data. Our results show that the choice of mechanism impacts the utility of the output, and our proposed methodology offers a significant improvement at the same level of risk.