The Bounded Laplace Mechanism in Differential Privacy
This addresses a practical issue for data analysts using differential privacy, but is incremental as it builds on existing solutions.
The paper tackled the problem of the Laplace mechanism in differential privacy producing impossible values like negative counts, and showed that bounding its support with standard parameters fails to preserve privacy, while providing a method to compute optimal parameters for privacy.
The Laplace mechanism is the workhorse of differential privacy, applied to many instances where numerical data is processed. However, the Laplace mechanism can return semantically impossible values, such as negative counts, due to its infinite support. There are two popular solutions to this: (i) bounding/capping the output values and (ii) bounding the mechanism support. In this paper, we show that bounding the mechanism support, while using the parameters of the pure Laplace mechanism, does not typically preserve differential privacy. We also present a robust method to compute the optimal mechanism parameters to achieve differential privacy in such a setting.