Realisation-Level Privacy Filtering
This work addresses privacy concerns in data release for users handling sensitive databases, offering a refined method that builds incrementally on prior composition-based approaches.
The paper tackles the problem of differentially private data release by proposing a realisation-level filtering approach to determine stopping times for queries, proving it guarantees (ε, δ)-differential privacy and showing through numerical evidence that it improves utility beyond existing methods.
We study differentially private data release, where a database is accessed through successive, possibly adaptive queries and mechanisms. Existing composition theorems and privacy filters combine worst-case per-round privacy parameters, leaving room for more refined accounting based on realised leakage, which we term realisation-level accounting. We propose a realisation-level filtering approach to determine stopping times for data releases, and design one such filter. Despite technical challenges arising from conditioning on realisations and stopping time, we prove that the filter guarantees $(\varepsilon, \delta)$-differential privacy, with $\varepsilon$ and $\delta$ chosen by the data handler. Through numerical evidence, we demonstrate that realisation-level filtering provides a path to better utility beyond mechanism-level methods. Furthermore, our proposed filter applies to arbitrary mechanisms, including those that are badly behaved under Rényi differential privacy.
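The following is an added illustration of the two accounting views the abstract contrasts; it is not code from the paper, and the paper's own filter is not reproduced here. A mechanism-level filter admits each adaptive round only while the sum of worst-case per-round $\varepsilon_i$ stays within a total budget, while a realisation-level accountant looks at the realised privacy loss $\log p(y \mid D)/p(y \mid D')$ of the output $y$ actually released, which for the Laplace mechanism is bounded by $\varepsilon_i$ but is usually strictly smaller. The Laplace mechanism, counting queries, neighbouring databases and the adaptive choice of $\varepsilon$ are constructed assumptions for the example.

```python
"""Illustrative accounting for adaptive differentially private queries.

Two quantities are tracked per round:
  * the worst-case per-round parameter eps_i that a mechanism-level
    composition filter sums (stop once the sum would exceed the budget), and
  * the realised privacy loss log p(y|D)/p(y|D') of the actual output y,
    which is what a realisation-level accountant considers instead.
Mechanism, queries, databases and budget are constructed for this example;
this is not the paper's filter.
"""
import math
import random


def laplace_sample(scale, rng):
    """Draw Laplace(0, scale) noise by inverse-CDF sampling."""
    u = rng.random() - 0.5
    while u <= -0.5:  # avoid log(0) at the open boundary of the interval
        u = rng.random() - 0.5
    return -scale * math.copysign(1.0, u) * math.log(1.0 - 2.0 * abs(u))


def laplace_mechanism(answer, sensitivity, eps, rng):
    """Release answer + Laplace(sensitivity/eps) noise: eps-DP in the worst case."""
    return answer + laplace_sample(sensitivity / eps, rng)


def realised_privacy_loss(y, answer_d, answer_dprime, scale):
    """log p(y | D) / p(y | D') for Laplace noise of the given scale.

    Its absolute value never exceeds |answer_d - answer_dprime| / scale,
    i.e. the worst-case eps of the round, but for most outputs it is smaller.
    """
    return (abs(y - answer_dprime) - abs(y - answer_d)) / scale


class MechanismLevelFilter:
    """Basic-composition privacy filter: admit a round only if the sum of the
    worst-case per-round parameters stays within the total budget."""

    def __init__(self, budget):
        self.budget = budget
        self.spent = 0.0
        self.stopped = False

    def request(self, eps):
        """Return True and charge eps if the round is admitted, else stop."""
        if self.stopped or self.spent + eps > self.budget + 1e-12:
            self.stopped = True
            return False
        self.spent += eps
        return True


def run_adaptive_release(budget, seed=0):
    """Answer adaptive counting queries on a constructed database D and its
    neighbour D' (one record changed) until the mechanism-level filter stops.

    Returns the number of rounds, the accumulated worst-case budget and the
    accumulated absolute realised loss, so the two views can be compared.
    """
    rng = random.Random(seed)
    sensitivity = 1.0  # a counting query changes by at most 1 between neighbours
    # Constructed neighbouring databases: D' differs from D in one record.
    d = [1, 0, 1, 1, 0, 1, 1, 1, 0, 1]
    d_prime = d[:]
    d_prime[0] = 0
    queries = [
        lambda db: float(sum(db)),                       # how many records are 1
        lambda db: float(sum(db[:5])),                   # how many in the first half
        lambda db: float(sum(1 for v in db if v == 0)),  # how many records are 0
    ]
    filt = MechanismLevelFilter(budget)
    worst_total = 0.0
    realised_abs_total = 0.0
    rounds = 0
    last_release = 0.0
    while True:
        # Adaptive strategy (constructed): spend more when the previous
        # noisy answer looked large.
        eps = 0.3 if last_release > 5 else 0.2
        if not filt.request(eps):
            break
        query = queries[rounds % len(queries)]
        answer_d, answer_dprime = query(d), query(d_prime)
        scale = sensitivity / eps
        y = laplace_mechanism(answer_d, sensitivity, eps, rng)
        worst_total += eps
        realised_abs_total += abs(realised_privacy_loss(y, answer_d, answer_dprime, scale))
        last_release = y
        rounds += 1
    return {
        "rounds": rounds,
        "worst_case_total": worst_total,
        "realised_abs_total": realised_abs_total,
    }


if __name__ == "__main__":
    print(run_adaptive_release(1.0, seed=1))
```

The gap between `worst_case_total` and `realised_abs_total` in the returned dictionary is the slack that mechanism-level accounting leaves on the table for a given realisation; a realisation-level filter is designed to account for that slack while still certifying an $(\varepsilon, \delta)$ guarantee.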