Conference StatMathAppli

Four big ideas in Differential Privacy

This webpage includes a series of four lectures I provided at the conference StatMathAppli (Statistics, Mathematics, and Applications), in Frejus, at Villa Clythia. The main purpose of the lectures is (was) to provide an overview of techniques in and applications of differential privacy, a set of techniques for rigorously guaranteeing privacy. Any errors in the lecture slides are, of course, my own, and I hope that readers note that the references in them reflect what are likely my idiosynchratic biases. I apologize to anyone whose work I omitted.

• Basic ideas in privacy. Introduces differential privacy, develops several standard mechanisms (e.g., Laplace, Gaussian, and Randomized Response), and discusses composition of private mechanisms.

• Privacy amplification. Shows how to use what might appear to be “best practices,” such as randomizing and anonymizing data, or subsampling, to give provable boosts in privacy. Discusses a few applications of these ideas.

• Advanced mechanisms. Discusses local sensitivities and the related inverse sensitivity mechanism, which provides an abstractly optimal algorithm. Also overviews matrix-multiplication mechanisms, which form basis for modern large-scale deployments of machine learning under privacy.

• Optimality and lower bounds. Demonstrates two of the major techniques for lower bounds (fundamental limits) of private procedures. The first, most common in local differential privacy, demonstrates contractions of certain probability measures; the second looks at “integral” lower bounds, which relate to the Bayesian approaches to the Van Trees inequality and so-called fingerprinting code-techniques.