Timezone: »

Black-Box Differential Privacy for Interactive ML
Haim Kaplan · Yishay Mansour · Shay Moran · Kobbi Nissim · Uri Stemmer

Thu Dec 14 08:45 AM -- 10:45 AM (PST) @ Great Hall & Hall B1+B2 #1608

In this work we revisit an interactive variant of joint differential privacy, recently introduced by Naor et al. [2023], and generalize it towards handling online processes in which existing privacy definitions seem too restrictive. We study basic properties of this definition and demonstrate that it satisfies (suitable variants) of group privacy, composition, and post processing.In order to demonstrate the advantages of this privacy definition compared to traditional forms of differential privacy,we consider the basic setting of online classification. We show that any (possibly non-private) learning rule can be effectively transformed to a private learning rule with only a polynomial overhead in the mistake bound. This demonstrates a stark difference with traditional forms of differential privacy, such as the one studied by Golowich and Livni [2021], where only a double exponential overhead in the mistake bound is known (via an information theoretic upper bound).

Author Information

Haim Kaplan (TAU, GOOGLE)
Yishay Mansour (Tel Aviv University / Google)
Shay Moran (Technion)
Kobbi Nissim (Georgetown University)
Uri Stemmer (Tel Aviv University and Google Research)

More from the Same Authors