ME · CR · LG · Jul 24, 2020

Controlling Privacy Loss in Sampling Schemes: an Analysis of Stratified and Cluster Sampling

arXiv:2007.12674v2 · 9 citations
AI Analysis

This work addresses the privacy risks that arise when practitioners apply differentially private mechanisms on top of advanced sampling designs, highlighting a gap in differential privacy theory, which has analysed amplification only for simple, data-independent sampling.

The paper tackles the problem of privacy amplification in complex, data-dependent sampling schemes like stratified and cluster sampling, finding that these schemes often fail to enhance privacy and can even degrade it, contrasting with the known benefits of simple random sampling.

Sampling schemes are fundamental tools in statistics, survey design, and algorithm design. A fundamental result in differential privacy is that a differentially private mechanism run on a simple random sample of a population provides stronger privacy guarantees than the same algorithm run on the entire population. However, in practice, sampling designs are often more complex than the simple, data-independent sampling schemes that are addressed in prior work. In this work, we extend the study of privacy amplification results to more complex, data-dependent sampling schemes. We find that not only do these sampling schemes often fail to amplify privacy, they can actually result in privacy degradation. We analyze the privacy implications of the pervasive cluster sampling and stratified sampling paradigms, as well as provide some insight into the study of more general sampling designs.
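As an added illustration of the contrast the abstract draws (example code written for this page, not code from the paper or its authors), the script below computes the exact privacy loss of "draw a sample, then run an ε-DP mechanism" by enumerating every possible sample and every output. The mechanism is an assumed per-record randomized response summed over the sample (ε = 1), neighbouring datasets differ by substituting one record, and three sampling designs are compared: simple random sampling, a stratified design whose strata are public (index parity) and therefore data-independent, and a deliberately data-dependent stratified design whose strata are the sensitive values themselves. For the first two the exact loss stays below the classic subsampling bound ln(1 + q(e^ε − 1)); for the third the sample size depends on the data, the output support differs between neighbours, and the loss is unbounded. All datasets, quotas and parameters are constructed for the toy and are not taken from the paper.

```python
import math
from collections import defaultdict
from itertools import combinations

# Assumed for the toy (not from the paper): per-record randomized response with this epsilon.
EPS = 1.0
P_TRUE = math.exp(EPS) / (1 + math.exp(EPS))  # probability a record reports its true bit


def rr_sum_dist(bits):
    """Exact distribution of the sum of randomized-response bits (dynamic programming)."""
    dist = {0: 1.0}
    for b in bits:
        p_one = P_TRUE if b == 1 else 1 - P_TRUE  # probability this record reports a 1
        nxt = defaultdict(float)
        for s, p in dist.items():
            nxt[s + 1] += p * p_one
            nxt[s] += p * (1 - p_one)
        dist = nxt
    return dist


def srs_scheme(m):
    """Simple random sampling without replacement: every m-subset is equally likely."""
    def scheme(data):
        subsets = list(combinations(range(len(data)), m))
        return [(s, 1.0 / len(subsets)) for s in subsets]
    return scheme


def stratified_scheme(strata_of, quotas):
    """Stratified design: take min(quota, stratum size) records uniformly from each stratum.
    strata_of(data) -> {label: [indices]}; it decides whether the design is data-dependent."""
    def scheme(data):
        samples = [((), 1.0)]
        for label, members in sorted(strata_of(data).items()):
            subs = list(combinations(members, min(quotas[label], len(members))))
            samples = [(s + t, p / len(subs)) for s, p in samples for t in subs]
        return samples
    return scheme


def by_position(data):  # public, data-independent strata: even vs odd index
    return {0: [i for i in range(len(data)) if i % 2 == 0],
            1: [i for i in range(len(data)) if i % 2 == 1]}


def by_sensitive_bit(data):  # data-dependent strata: the sensitive value itself
    return {0: [i for i, b in enumerate(data) if b == 0],
            1: [i for i, b in enumerate(data) if b == 1]}


def output_dist(data, scheme):
    """P[M(sample) = o] = sum over samples S of P[S] * P[RR-sum(D_S) = o]."""
    out = defaultdict(float)
    for s, p in scheme(data):
        for o, q in rr_sum_dist([data[i] for i in s]).items():
            out[o] += p * q
    return out


def pair_epsilon(d1, d2, scheme):
    """Largest |log P[o|d1] - log P[o|d2]| over outputs; inf if the supports differ."""
    a, b = output_dist(d1, scheme), output_dist(d2, scheme)
    worst = 0.0
    for o in set(a) | set(b):
        pa, pb = a.get(o, 0.0), b.get(o, 0.0)
        if (pa == 0.0) != (pb == 0.0):
            return math.inf
        if pa > 0.0:
            worst = max(worst, abs(math.log(pa / pb)))
    return worst


def worst_case_epsilon(n, scheme):
    """Exact epsilon of 'sample, then run M' over all n-bit datasets and all
    substitute-one-record neighbours (constructed toy universe, n small)."""
    worst = 0.0
    for code in range(2 ** n):
        data = [(code >> i) & 1 for i in range(n)]
        for i in range(n):
            nbr = data[:]
            nbr[i] ^= 1
            worst = max(worst, pair_epsilon(data, nbr, scheme))
    return worst


def amplification_bound(q):
    """Classic subsampling bound for an EPS-DP mechanism run on a q-fraction sample."""
    return math.log(1 + q * (math.exp(EPS) - 1))


if __name__ == "__main__":
    n = 6
    print("SRS, 3 of 6         :", worst_case_epsilon(n, srs_scheme(3)),
          "bound", amplification_bound(0.5))
    print("strata by index     :", worst_case_epsilon(n, stratified_scheme(by_position, {0: 1, 1: 1})),
          "bound", amplification_bound(1 / 3))
    print("strata by sens. bit :", worst_case_epsilon(n, stratified_scheme(by_sensitive_bit, {0: 2, 1: 2})))
```

Running the file prints the three exact losses next to the relevant bound. The unbounded third case is a toy worst case, not the paper's analysis: it shows that once the sampling step itself depends on the sensitive values, the mechanism's own ε guarantee no longer controls what the released output reveals. The paper's results concern realistic stratified and cluster designs and are not reproduced here.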
