Differentially Private Domain Adaptation with Theoretical Guarantees
This work addresses privacy-preserving domain adaptation for applications where labeled data is limited and sensitive, offering theoretical guarantees but being incremental in nature.
The authors tackled the problem of supervised domain adaptation from a public source to a private target domain under differential privacy constraints, presenting two algorithms with theoretical guarantees and showing in experiments that their private versions perform close to non-private ones for larger sample sizes or privacy parameters.
In many applications, the labeled data at the learner's disposal is subject to privacy constraints and is relatively limited. To derive a more accurate predictor for the target domain, it is often beneficial to leverage publicly available labeled data from an alternative domain, somewhat close to the target domain. This is the modern problem of supervised domain adaptation from a public source to a private target domain. We present two $(ε, δ)$-differentially private adaptation algorithms for supervised adaptation, for which we make use of a general optimization problem, recently shown to benefit from favorable theoretical learning guarantees. Our first algorithm is designed for regression with linear predictors and shown to solve a convex optimization problem. Our second algorithm is a more general solution for loss functions that may be non-convex but Lipschitz and smooth. While our main objective is a theoretical analysis, we also report the results of several experiments first demonstrating that the non-private versions of our algorithms outperform adaptation baselines and next showing that, for larger values of the target sample size or $ε$, the performance of our private algorithms remains close to that of the non-private formulation.