Professional Documents
Culture Documents
COE426: Lecture 9 2
Recall Definition of Differential Privacy
COE426: Lecture 9 3
Another Way to Understand DP
COE426: Lecture 9 4
Differential Privacy Modes
Query f
x
…1
Global xn
Differential Privacy
Analyst 𝒇 (𝑫 )+ 𝑳𝒂𝒑
𝐺 𝑆𝑓
𝜖 ( ) Database D
Query f
𝒇 ( 𝑼 𝟏) + 𝑵 𝟏 𝐷1
𝒇 ( 𝑼 𝟐) + 𝑵 𝟐
𝐷2
Local
Differential
Privacy
𝒇 ( 𝑫 ) =∑ 𝒇 ( 𝑼 𝒊 ) + 𝑵 𝒊
Analyst Database D
𝒇 ( 𝑼 𝟑) + 𝑵 𝟑
𝐷3
Example: Randomized Response
COE426: Lecture 10 5
How to Achieve DP?
•Randomized Response
•Laplace Mechanism
•Report Noisy Max
•Exponential Mechanism
COE426: Lecture 9 6
Randomized Response: Werner Process
Query f
x
…1
xn
• Werner Process:
• To answer the question, throw a coin
• If tails, response faithfully
• If heads, flip a second coin and respond
• "Yes" if heads
• "No" if tails
COE426: Lecture 9 7
Warner Procedure is Differentially Private
https://github.com/kjam/practical-data-privacy/blob/main/06%20-%20Local%20Differential%20Priva
cy%20via%20Randomized%20Response.ipynb
COE426: Lecture 9 8
Check Our Understanding of DP
• Are there any drawback of DP? Why only big companies are using it?
COE426: Lecture 9 9
How to Achieve DP?
•Randomized Response
•Laplace Mechanism
•Exponential Mechanism
•Report Noisy Max
COE426: Lecture 9 10
Global Sensitivity
•Global sensitivity
•Example
• where p and q are vectors
COE426: Lecture 9 11
Global Sensitivity: Example
COE426: Lecture 9 13
Laplace Distribution
: mean
: variance
•When =0,
COE426: Lecture 9 14
Laplace Mechanism
COE426: Lecture 9 15
Laplace Mechanism Example
Query f
x
…1
xn
Analyst 𝒇 (𝑫 )+ 𝑳𝒂𝒑
𝐺 𝑆𝑓
𝜖 ( ) Database D
𝒇 ( 𝑫 )+ 𝑳𝒂𝒑 ()1
𝜖 Satisfies -differential privacy
https://github.com/kjam/practical-data-privacy/blob/main/02%20-%20
Exploring%20Differential%20Privacy%20with%20Laplace.ipynb
COE426: Lecture 9 16
Example: COUNT query
•Answer: , 6 75K
COE426: Lecture 9 19
Example: Average query
•Answer: , 6 75K
COE426: Lecture 9 20
Laplace Mechanism: Sketch of Proof
Or
• For any possible output , the probability density is
proportional to the probability density of the added
noise
, because
• Then
• Recall
COE426: Lecture 9 21
Properties of Differential Privacy
COE426: Lecture 9 22
Post-processing
Query f
x1
…
xn
Analyst Database D
COE426: Lecture 9 23
Composability
COE426: Lecture 9 24
Sequential Composition
0.2
COE426: Lecture 9 25
Parallel Composition
0.2
COE426: Lecture 9 26
Proof of Sequential Composability
D) (D)
ε1-DP ε2-DP
COE426: Lecture 9 27
Why Composition?
COE426: Lecture 9 28
Group Privacy
COE426: Lecture 9 29
Next Attraction
•Exponential Mechanism
•Applying differential privacy
•Practicing Differential privacy with Python
COE426: Lecture 9 30