CR · LG · Nov 28, 2019

Interpreting Epsilon of Differential Privacy in Terms of Advantage in Guessing or Approximating Sensitive Attributes

arXiv:1911.12777v1 · 20 citations
Originality: Incremental advance
AI Analysis

This work addresses the challenge of parameter selection in differential privacy for data analysts and privacy practitioners, offering a more interpretable approach, though it is incremental as it builds on existing DP frameworks.

The paper tackles the problem of selecting an appropriate epsilon value for differential privacy by linking it to an adversary's advantage in guessing sensitive attributes, providing a method to compute epsilon based on a specified delta representing the attacker's probability gain.

There are numerous methods of achieving $ε$-differential privacy (DP). The question is what is the appropriate value of $ε$, since there is no common agreement on a "sufficiently small" $ε$, and its goodness depends on the query as well as the data. In this paper, we show how to compute $ε$ that corresponds to $δ$, defined as the adversary's advantage in probability of guessing some specific property of the output. The attacker's goal can be stated as a Boolean expression over guessing particular attributes, possibly within some precision. The attributes combined in this way should be independent. We assume that both the input and the output distributions have corresponding probability density functions, or probability mass functions.
