Research Challenges in Designing Differentially Private Text Generation Mechanisms
- URL: http://arxiv.org/abs/2012.05403v1
- Date: Thu, 10 Dec 2020 01:44:50 GMT
- Title: Research Challenges in Designing Differentially Private Text Generation Mechanisms
- Authors: Oluwaseyi Feyisetan, Abhinav Aggarwal, Zekun Xu, Nathanael Teissier
- Abstract summary: We describe some challenges in balancing the trade-off between privacy and utility for differentially private text mechanisms.
Our objective is not to evaluate a single solution but to further the conversation on these challenges and chart pathways for building better mechanisms.
- Score: 5.123298347655088
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: Accurately learning from user data while ensuring quantifiable privacy
guarantees provides an opportunity to build better Machine Learning (ML) models
while maintaining user trust. Recent literature has demonstrated the
applicability of a generalized form of Differential Privacy to provide
guarantees over text queries. Such mechanisms add privacy-preserving noise to
high-dimensional vector representations of text and return a text-based
projection of the noisy vectors. However, these mechanisms are sub-optimal in
their trade-off between privacy and utility. This is due to factors such as a
fixed global sensitivity, which must be set high enough to protect sensitive
outliers and therefore adds too much noise in dense regions of the space. In this
proposal paper, we describe some challenges in balancing the trade-off between
privacy and utility for these differentially private text mechanisms. At a high
level, we provide two proposals: (1) a framework called LAC, which defers some
of the noise to a privacy amplification step, and (2) an additional suite of
three techniques for calibrating the noise based on the local region
around a word. Our objective in this paper is not to evaluate a single solution
but to further the conversation on these challenges and chart pathways for
building better mechanisms.
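To make the class of mechanisms the abstract describes concrete, here is a minimal Python sketch, an illustration of the general recipe rather than the paper's implementation: perturb a word's embedding with noise whose density is proportional to $\exp(-\epsilon \lVert z \rVert)$ (the multivariate Laplacian commonly used in metric-DP text mechanisms), then release the vocabulary word nearest to the noisy vector. The vocabulary, embedding matrix, and $\epsilon$ are assumed inputs.

```python
import numpy as np

def sample_metric_dp_noise(dim: int, epsilon: float, rng: np.random.Generator) -> np.ndarray:
    """Sample noise with density proportional to exp(-epsilon * ||z||)."""
    direction = rng.normal(size=dim)
    direction /= np.linalg.norm(direction)              # uniform direction on the unit sphere
    radius = rng.gamma(shape=dim, scale=1.0 / epsilon)  # ||z|| follows Gamma(dim, 1/epsilon)
    return radius * direction

def privatize_word(word: str, vocab: list[str], emb: np.ndarray,
                   epsilon: float, rng: np.random.Generator) -> str:
    """Perturb the word's embedding and return the vocabulary word nearest to it."""
    noisy = emb[vocab.index(word)] + sample_metric_dp_noise(emb.shape[1], epsilon, rng)
    distances = np.linalg.norm(emb - noisy, axis=1)
    return vocab[int(np.argmin(distances))]
```

The single scale $1/\epsilon$ applied everywhere is the fixed global sensitivity the abstract criticizes: the noise magnitude needed to protect isolated outliers displaces words in dense regions of the space far more than necessary.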
Related papers
- Collaborative Inference over Wireless Channels with Feature Differential Privacy [57.68286389879283]
Collaborative inference among multiple wireless edge devices has the potential to significantly enhance Artificial Intelligence (AI) applications.
However, transmitting extracted features poses a significant privacy risk, as sensitive personal data can be exposed during the process.
We propose a novel privacy-preserving collaborative inference mechanism, wherein each edge device in the network secures the privacy of extracted features before transmitting them to a central server for inference.
arXiv Detail & Related papers (2024-10-25T18:11:02Z)
- Private Language Models via Truncated Laplacian Mechanism [18.77713904999236]
We propose a novel private embedding method called the high dimensional truncated Laplacian mechanism.
We show that our method has a lower variance compared to the previous private word embedding methods.
Remarkably, even in the high privacy regime, our approach only incurs a slight decrease in utility compared to the non-private scenario.
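As a rough illustration of the truncation idea in this summary (a per-coordinate sketch under assumed parameters, not the authors' high-dimensional construction): conditioning a Laplace distribution on a bounded interval reduces its variance at the same scale, which is the source of the utility gain. Inverse-CDF sampling makes this a few lines of Python:

```python
import numpy as np

def truncated_laplace(dim: int, scale: float, bound: float,
                      rng: np.random.Generator) -> np.ndarray:
    """Sample Laplace(0, scale) noise per coordinate, conditioned on |x| <= bound."""
    # Laplace CDF: F(x) = 0.5*exp(x/scale) for x <= 0, else 1 - 0.5*exp(-x/scale).
    # Draw a uniform restricted to [F(-bound), F(bound)], then invert the CDF.
    lo = 0.5 * np.exp(-bound / scale)
    u = rng.uniform(lo, 1.0 - lo, size=dim)
    return -scale * np.sign(u - 0.5) * np.log(1.0 - 2.0 * np.abs(u - 0.5))
```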
arXiv Detail & Related papers (2024-10-10T15:25:02Z)
- Unified Mechanism-Specific Amplification by Subsampling and Group Privacy Amplification [54.1447806347273]
Amplification by subsampling is one of the main primitives in machine learning with differential privacy.
We propose the first general framework for deriving mechanism-specific guarantees.
We analyze how subsampling affects the privacy of groups of multiple users.
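As background for this entry (a standard amplification-by-subsampling bound, not a result claimed by the paper): if a base mechanism satisfies $\epsilon$-DP and each record enters the batch independently with probability $q$ (Poisson subsampling), the subsampled mechanism satisfies $\epsilon'$-DP with $\epsilon' = \log(1 + q(e^{\epsilon} - 1)) \approx q\epsilon$ for small $\epsilon$. The proposed framework refines guarantees of this kind on a per-mechanism basis.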
arXiv Detail & Related papers (2024-03-07T19:36:05Z)
- InferDPT: Privacy-Preserving Inference for Black-box Large Language Model [66.07752875835506]
InferDPT is the first practical framework for privacy-preserving inference of black-box LLMs.
RANTEXT is a novel differential privacy mechanism integrated into the perturbation module of InferDPT.
arXiv Detail & Related papers (2023-10-18T18:00:11Z)
- Adaptive Privacy Composition for Accuracy-first Mechanisms [55.53725113597539]
Noise reduction mechanisms produce increasingly accurate answers.
Analysts only pay the privacy cost of the least noisy or most accurate answer released.
There has yet to be any study on how ex-post private mechanisms compose.
We develop privacy filters that allow an analyst to adaptively switch between differentially private and ex-post private mechanisms.
arXiv Detail & Related papers (2023-06-24T00:33:34Z)
- On Differentially Private Federated Linear Contextual Bandits [9.51828574518325]
We consider the cross-silo federated linear contextual bandit (LCB) problem under differential privacy.
We identify issues in the state-of-the-art, including (i) failure of the claimed privacy protection and (ii) an incorrect regret bound due to noise miscalculation.
We show that our algorithm can achieve "nearly optimal" regret without a trusted server.
arXiv Detail & Related papers (2023-02-27T16:47:49Z)
- Breaking the Communication-Privacy-Accuracy Tradeoff with $f$-Differential Privacy [51.11280118806893]
We consider a federated data analytics problem in which a server coordinates the collaborative data analysis of multiple users with privacy concerns and limited communication capability.
We study the local differential privacy guarantees of discrete-valued mechanisms with finite output space through the lens of $f$-differential privacy (DP).
More specifically, we advance the existing literature by deriving tight $f$-DP guarantees for a variety of discrete-valued mechanisms.
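For context, the standard definition from the $f$-DP literature (not specific to this paper): a mechanism $M$ is $f$-DP if $T(M(D), M(D')) \geq f$ for all neighboring datasets $D, D'$, where $T(P, Q)(\alpha)$ is the smallest type-II error achievable by any test that distinguishes $P$ from $Q$ with type-I error at most $\alpha$. A "tight" guarantee thus amounts to computing this trade-off curve exactly for the mechanism at hand.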
arXiv Detail & Related papers (2023-02-19T16:58:53Z)
- Optimum Noise Mechanism for Differentially Private Queries in Discrete Finite Sets [3.5379819043314176]
We introduce a novel framework for designing an optimal noise probability mass function tailored to discrete and finite query sets.
Our framework seeks to optimize the noise distribution under an arbitrary $(\epsilon, \delta)$ constraint, thereby enhancing the accuracy and utility of the response.
Numerical experiments highlight the superior performance of our proposed optimal mechanisms compared to state-of-the-art methods.
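The optimization described here can be sketched as a linear program; this is a hedged reconstruction, and the paper's exact objective and constraints may differ. For a mechanism that adds noise with PMF $p$ over a finite set, choose $p$ to minimize an expected loss $\sum_k p(k)\,\ell(k)$ subject to the $(\epsilon, \delta)$ constraint $\sum_k \max\{0,\ p(k) - e^{\epsilon} p(k+d)\} \leq \delta$ for every shift $d$ between adjacent query values, together with $\sum_k p(k) = 1$ and $p(k) \geq 0$. The constraint becomes linear after introducing slack variables, so an optimal PMF can be computed with an off-the-shelf LP solver.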
arXiv Detail & Related papers (2021-11-23T05:24:34Z)
- On a Utilitarian Approach to Privacy Preserving Text Generation [5.123298347655088]
We propose a class of differentially private mechanisms that parameterizes the nearest neighbor selection criterion in traditional mechanisms.
Motivated by the Vickrey auction, where only the second-highest price is revealed and the highest price is kept private, we balance the choice between the first and the second nearest neighbors.
Experiments on real text classification datasets show up to 50% improvement in utility compared to the existing state-of-the-art with the same empirical privacy guarantee.
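A hedged sketch of the selection idea (the paper's calibrated probabilities may differ): after perturbing the embedding, interpolate between releasing the first and the second nearest neighbor under a tuning parameter $t$, where the hypothetical weighting below recovers the traditional mechanism at $t = 0$:

```python
import numpy as np

def vickrey_select(noisy_vec: np.ndarray, vocab: list[str], emb: np.ndarray,
                   t: float, rng: np.random.Generator) -> str:
    """Release the first or second nearest neighbor of a noise-perturbed vector.

    t = 0 always returns the nearest neighbor (the traditional mechanism);
    t = 1 always returns the second nearest; intermediate values trade
    utility for the extra deniability the summary describes.
    """
    d = np.linalg.norm(emb - noisy_vec, axis=1)
    first, second = np.argsort(d)[:2]
    # Illustrative weighting: monotone in t, equal to 0 at t=0 and 1 at t=1.
    p_second = t * d[first] / ((1.0 - t) * d[second] + t * d[first])
    return vocab[second] if rng.uniform() < p_second else vocab[first]
```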
arXiv Detail & Related papers (2021-04-23T23:13:43Z)
- Differential Privacy of Hierarchical Census Data: An Optimization Approach [53.29035917495491]
Census Bureaus are interested in releasing aggregate socio-economic data about a large population without revealing sensitive information about any individual.
Recent events have identified some of the privacy challenges faced by these organizations.
This paper presents a novel differential-privacy mechanism for releasing hierarchical counts of individuals.
arXiv Detail & Related papers (2020-06-28T18:19:55Z)