General inferential limits under differential and Pufferfish privacy

IJAR

Differential privacy (DP) is a class of mathematical standards for assessing the privacy provided by a data-release mechanism. This work concerns two important flavors of DP that are related yet conceptually distinct: pure $\epsilon $-differential privacy ($\epsilon $-DP) and Pufferfish privacy. We restate $\epsilon $-DP and Pufferfish privacy as Lipschitz continuity conditions and provide their formulations in terms of an object from the imprecise probability literature: the interval of measures. We use these formulations to derive limits on key quantities in frequentist hypothesis testing and in Bayesian inference using data that are sanitised according to either of these two privacy standards. Under very mild conditions, the results in this work are valid for arbitrary parameters, priors and data generating models. These bounds are weaker than those attainable when analysing specific data generating models or data-release mechanisms. However, they provide generally applicable limits on the ability to learn from differentially private data – even when the analyst’s knowledge of the model or mechanism is limited. They also shed light on the semantic interpretations of the two DP flavors under examination, a subject of contention in the current literature.

This paper is an extended version of an ISIPTA’23 conference proceeding entitled Differential privacy: General inferential limits via Intervals of Measures, PMLR (215)11–24.