Differential Privacy for Black-Box Statistical Analyses

Authors: Nitin Kohli (UC Berkeley Center for Effective Global Action), Paul Laskowski (UC Berkeley School of Information)

Volume: 2023
Issue: 3
Pages: 418–431
DOI: https://doi.org/10.56553/popets-2023-0089


Abstract: We formalize a notion of a privacy wrapper, defined as an algorithm that can take an arbitrary and untrusted script and produce an output with differential privacy guarantees. Our novel privacy wrapper, named TAHOE, incorporates two design ideas: a type of stability under subsetting, and randomization over subset size. We show that TAHOE imposes differential privacy for every possible script. When the data alphabet is finite and small enough, TAHOE can be practically run on a single computer. Performance simulations show that TAHOE has greater accuracy than a benchmark algorithm based on a subsample-and-aggregate approach for certain scenarios and parameter values.

Keywords: Differential Privacy, Untrusted Code, Black Box, Statistics

Copyright in PoPETs articles is held by their authors. This article is published under a Creative Commons Attribution 4.0 license.