Federated Heavy Hitters Discovery with Differential Privacy
This addresses privacy risks in app and web ecosystems by enabling heavy hitter discovery without centralizing raw data or incurring high utility loss from local differential privacy.
The paper tackles the problem of discovering heavy hitters in user-generated data streams while preserving privacy, proposing a distributed algorithm that is inherently differentially private without added noise, and validates it on a Twitter dataset with 1.6M tweets and 650k users, showing excellent utility and strong privacy.
The discovery of heavy hitters (most frequent items) in user-generated data streams drives improvements in the app and web ecosystems, but can incur substantial privacy risks if not done with care. To address these risks, we propose a distributed and privacy-preserving algorithm for discovering the heavy hitters in a population of user-generated data streams. We leverage the sampling and thresholding properties of our distributed algorithm to prove that it is inherently differentially private, without requiring additional noise. We also examine the trade-off between privacy and utility, and show that our algorithm provides excellent utility while also achieving strong privacy guarantees. A significant advantage of this approach is that it eliminates the need to centralize raw data while also avoiding the significant loss in utility incurred by local differential privacy. We validate our findings both theoretically, using worst-case analyses, and practically, using a Twitter dataset with 1.6M tweets and over 650k users. Finally, we carefully compare our approach to Apple's local differential privacy method for discovering heavy hitters.