Differentially Private Database Release via Kernel Mean Embeddings
This work addresses privacy concerns in database sharing for researchers and analysts, offering a novel theoretical approach with potential broad applicability, though it is incremental in building on existing differential privacy and kernel methods.
The paper tackles the problem of releasing databases for statistical analysis while protecting individual privacy, by proposing a framework that releases kernel mean embeddings of the data instead of the raw database, ensuring differential privacy and allowing third-parties to construct consistent estimators of population statistics.
We lay theoretical foundations for new database release mechanisms that allow third-parties to construct consistent estimators of population statistics, while ensuring that the privacy of each individual contributing to the database is protected. The proposed framework rests on two main ideas. First, releasing (an estimate of) the kernel mean embedding of the data generating random variable instead of the database itself still allows third-parties to construct consistent estimators of a wide class of population statistics. Second, the algorithm can satisfy the definition of differential privacy by basing the released kernel mean embedding on entirely synthetic data points, while controlling accuracy through the metric available in a Reproducing Kernel Hilbert Space. We describe two instantiations of the proposed framework, suitable under different scenarios, and prove theoretical results guaranteeing differential privacy of the resulting algorithms and the consistency of estimators constructed from their outputs.