Abstract: An algorithm is developed to gradually relax the Differential Privacy (DP) guarantee of a randomized response. The output from each relaxation maintains the same probability distribution as a standard randomized response with the equivalent DP guarantee, ensuring identical utility as the standard approach. The entire relaxation process is proven to have the same DP guarantee as the most recent relaxed guarantee.
What problem does this paper attempt to address?
The main problem this paper addresses is how to gradually relax the privacy protection level (i.e., increase the privacy budget) of randomized response under local differential privacy (LDP), while ensuring that the output after each relaxation has the same probability distribution and utility as a standard randomized response. Specifically, the paper proposes an algorithm that gradually increases the privacy budget such that each output keeps the distribution of a standard randomized response at that budget, and the entire relaxation process still meets the corresponding LDP guarantee.
### Problem Background
With the development of artificial intelligence, data privacy protection has become increasingly important. Differential Privacy (DP) is a technique for protecting the privacy of personal data, and Local Differential Privacy (LDP) is a method of perturbing data at the individual data level to protect privacy. LDP allows data to be processed locally, eliminating the need for a trusted third party, thereby enhancing privacy security.
### Core Problems of the Paper
1. **Gradually Relaxing the Privacy Budget**
   - How to gradually relax the privacy protection level of randomized response without reducing utility?
   - During the gradual relaxation process, how to ensure that the output after each relaxation still meets the corresponding LDP guarantees?
2. **Optimizing the Use of the Privacy Budget**
   - How to maximize utility while gradually releasing the privacy budget? For example, time-sensitive data (such as disease incidence) requires stronger privacy protection initially, but the privacy requirements can be gradually relaxed as time passes.
   - In the data market, users can sell data at different privacy protection levels according to different buyer requirements while ensuring that the overall privacy budget is not exceeded.
### Solutions
The paper proposes an algorithm for gradually relaxing the privacy protection level of randomized response. The main features of this algorithm are as follows:
- **Maintaining the Same Probability Distribution**: The output after each relaxation still follows the same probability distribution as the standard randomized response, ensuring that the utility remains unchanged.
- **Meeting LDP Guarantees**: The entire relaxation process still meets the corresponding LDP guarantees; that is, for any combination of queries, the privacy loss does not exceed the set privacy budget.
- **Adapting to Multiple Application Scenarios**: This algorithm is applicable to any LDP mechanism based on randomized response and has been applied in tools such as RAPPOR, optimizing the utility of frequency estimation.
### Formula Representation
For binary randomized response, the probability distribution of the relaxed output \(o_2\) at privacy budget \(\epsilon_2\), given the true value \(X = a\), is:
\[
\text{Pr}(o_2 = a | X = a) = \frac{e^{\epsilon_2}}{e^{\epsilon_2}+1}
\]
\[
\text{Pr}(o_2 = b | X = a) = \frac{1}{e^{\epsilon_2}+1}
\]
For multi-value randomized response over \(m\) possible values, the probability distribution after relaxation is:
\[
\text{Pr}(o_2 = a | X = a) = \frac{e^{\epsilon_2}}{e^{\epsilon_2}+m - 1}
\]
\[
\text{Pr}(o_2 = b | X = a) = \frac{1}{e^{\epsilon_2}+m - 1}\quad\text{s.t. }b\neq a
\]
Through these formulas, the paper ensures that the output after each relaxation still meets the corresponding LDP guarantees and can gradually release the privacy budget, thereby optimizing the balance between privacy protection and data utility.
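The binary case can be checked exactly. The following Python is an added example, not code from the paper: `relax_probs` is a coupling derived here from the two stated requirements (an assumption, since the paper's own algorithm is not reproduced on this page), and `naive_probs` is a constructed counter-example whose second output has the right distribution but whose pair (o_1, o_2) has an unbounded likelihood ratio.

```python
import math
import random

def rr_keep_prob(eps):
    """Pr(output == true bit) for standard binary randomized response."""
    return math.exp(eps) / (math.exp(eps) + 1)

def relax_probs(eps1, eps2):
    """Pr(o2 == X | o1 == X) and Pr(o2 == X | o1 != X), for 0 < eps1 < eps2.
    Assumption: derived here by solving for the joint of (o1, o2) whose
    marginals are RR(eps1), RR(eps2) and whose likelihood ratio is <= e^eps2."""
    p1, p2 = rr_keep_prob(eps1), rr_keep_prob(eps2)
    t = (p2 - p1) / (math.exp(eps2) - 1)   # Pr(o1 == X, o2 != X | X)
    return 1 - t / p1, math.exp(eps2) * t / (1 - p1)

def naive_probs(eps1, eps2):
    """Tempting shortcut: keep a truthful o1, only correct an untruthful one."""
    p1, p2 = rr_keep_prob(eps1), rr_keep_prob(eps2)
    return 1.0, (p2 - p1) / (1 - p1)

def relax(x, o1, eps1, eps2, rng=random):
    """Sample o2 from the true bit x and the already released o1."""
    stay, fix = relax_probs(eps1, eps2)
    return x if rng.random() < (stay if o1 == x else fix) else 1 - x

def joint(x, eps1, cond):
    """Exact Pr(o1, o2 | X = x) keyed by (o1, o2), for conditionals `cond`."""
    p1, (stay, fix) = rr_keep_prob(eps1), cond
    out = {}
    for o1 in (0, 1):
        p_o1, p_true = (p1, stay) if o1 == x else (1 - p1, fix)
        out[(o1, x)] = p_o1 * p_true
        out[(o1, 1 - x)] = p_o1 * (1 - p_true)
    return out

def o2_keep_prob(eps1, cond):
    """Marginal Pr(o2 == X), to compare against rr_keep_prob(eps2)."""
    return sum(p for (_, o2), p in joint(0, eps1, cond).items() if o2 == 0)

def worst_ratio(eps1, cond):
    """Largest Pr(o1, o2 | X=0) / Pr(o1, o2 | X=1); inf means no LDP bound."""
    j0, j1 = joint(0, eps1, cond), joint(1, eps1, cond)
    return max(math.inf if j1[k] == 0 else j0[k] / j1[k]
               for k in j0 if j0[k] > 0)

if __name__ == "__main__":
    e1, e2 = 0.5, 1.5   # constructed budgets
    for name, cond in (("coupled", relax_probs(e1, e2)), ("naive", naive_probs(e1, e2))):
        print(name, o2_keep_prob(e1, cond), worst_ratio(e1, cond), math.exp(e2))
```

Both rules give o_2 the marginal of a standard randomized response at ε_2; only the coupled rule keeps the joint ratio at e^{ε_2}, which is why the second release must be allowed to retract a truthful first answer with small probability.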
### Application Scenarios
- **Gradual Privacy Relaxation in RAPPOR**: By gradually relaxing the privacy protection level of randomized response, the utility of frequency estimation is optimized.
- **Mean Estimation**: Combined with the gradual relaxation of randomized response, the privacy protection and utility of mean estimation are optimized.
- **Data Market**: Users can sell data at different privacy protection levels according to different buyer requirements while ensuring that the overall privacy budget is not exceeded.
In conclusion, this paper solves the problem of how to optimize the use of the privacy budget under the LDP mechanism by proposing an algorithm for gradually relaxing the privacy protection level of randomized response, which has important theoretical and practical significance.