Optimizing Histogram Queries under Differential Privacy (0912.4742v2)

Abstract: Differential privacy is a robust privacy standard that has been successfully applied to a range of data analysis tasks. Despite much recent work, optimal strategies for answering a collection of correlated queries are not known. We study the problem of devising a set of strategy queries, to be submitted and answered privately, that will support the answers to a given workload of queries. We propose a general framework in which query strategies are formed from linear combinations of counting queries, and we describe an optimal method for deriving new query answers from the answers to the strategy queries. Using this framework we characterize the error of strategies geometrically, and we propose solutions to the problem of finding optimal strategies.

• The paper proposes the matrix mechanism, a novel method that strategically selects query sets to reduce noise in histogram queries under differential privacy.
• It employs rank-constrained semidefinite programming to optimize sensitivity and error profiles, significantly enhancing the accuracy of query answers.
• The framework unifies existing hierarchical and wavelet-based methods, offering practical insights for improving privacy-preserving data analyses.

Optimizing Linear Counting Queries Under Differential Privacy

The paper "Optimizing Linear Counting Queries Under Differential Privacy" by Chao Li et al. presents a comprehensive approach to answering a collection of related queries under differential privacy, focusing on improving the accuracy of query answers while maintaining strong privacy guarantees. This work introduces the matrix mechanism, an innovative algorithm that leverages an explicitly chosen query strategy to optimize the utility of query answers within the constraints of differential privacy.

Differential privacy is a well-established standard for data privacy that provides rigorous protection against adversaries with arbitrary auxiliary information. It is achieved by introducing randomness into query results, most commonly through the addition of Laplace noise scaled to the query's sensitivity. However, when answering multiple related queries, this straightforward approach can lead to suboptimal results due to the compounding of noise. The matrix mechanism addresses this by deriving answers to a target workload of queries from noisy answers to a strategically chosen set of queries, referred to as a query strategy.

The paper's contributions are multifold:

1. Matrix Mechanism and Derivation of Answers: The matrix mechanism is designed to target specific correlations between queries. By answering a strategically chosen set of queries, independent Laplace noise is transformed into noise that can be correlated in a way that reduces error for the workload queries. The technique involves the use of a matrix representing the strategy, and a detailed analysis allows derivation of answers from the transformed noisy strategy queries while minimizing the variance.
2. Analyzing Error and Optimization: The authors provide a formal analysis of error, characterizing it in terms of a strategy's sensitivity and error profile. The error profile determines how error is distributed across queries. The criteria for optimal query strategy selection are articulated as a rank-constrained semidefinite program, a sophisticated optimization framework that considers both sensitivity and error profile to minimize the total error on a workload.
3. Comparison and Relation to Existing Methods: The approach of the matrix mechanism encompasses previously proposed techniques, such as hierarchical and wavelet-based strategies, which the authors analyze within this unifying framework. They show that seemingly disparate methods can be understood as specific instances of the matrix mechanism, revealing underlying commonalities and providing bounds on their error.
4. Implications for Workload Strategy Design: The insights from the paper have significant implications for the design of query strategies under differential privacy. It aids practitioners in understanding the trade-offs between privacy costs and utility, enabling a structured approach to query strategy design that can potentially outperform traditional methods on complex workloads of correlated queries.

In terms of practical applications, the matrix mechanism provides a pathway for data custodians to release more accurate statistical summaries and analyses, thereby enhancing the decision-making processes based on private data. The theoretical development around rank-constrained optimization sets the stage for future research in exploring efficient algorithmic solutions and delving deeper into workload-specific strategy design under additional types of privacy constraints.

Given the growing demand for privacy-preserving data analysis, the matrix mechanism offers a compelling framework that bridges the gap between robust data privacy and high utility, setting the direction for further advancements in differentially private data analysis frameworks.