Efficient, Differentially Private Point Estimators

Differential privacy is a recent notion of privacy for statistical databases that provides rigorous, meaningful confidentiality guarantees, even in the presence of an attacker with access to arbitrary side information. We show that for a large class of parametric probability models, one can construct a differentially private estimator whose distribution converges to that of the maximum likelihood estimator. In particular, it is efficient and asymptotically unbiased. This result provides (further) compelling evidence that rigorous notions of privacy in statistical databases can be consistent with statistically valid inference.
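The construction in the abstract can be illustrated with a minimal sketch of a subsample-and-aggregate style private estimator: partition the data into disjoint blocks, run an ordinary (non-private) estimator on each block, average the clipped block estimates, and add Laplace noise calibrated to the sensitivity of that average. This is an assumption-laden illustration, not the paper's exact construction; the function names, clipping range, and block count are hypothetical choices made for the example.

```python
import math
import random

def laplace_noise(scale):
    """Sample Laplace(0, scale) noise via inverse-CDF sampling."""
    u = random.random() - 0.5  # uniform on [-0.5, 0.5)
    return -scale * math.copysign(math.log(1.0 - 2.0 * abs(u)), u)

def dp_point_estimate(data, estimator, lower, upper, epsilon, num_blocks):
    """Illustrative subsample-and-aggregate differentially private estimator.

    Runs `estimator` on disjoint blocks of `data`, clips each block
    estimate to [lower, upper], averages, and adds Laplace noise.
    Changing one record affects at most one block estimate, so the
    sensitivity of the average is (upper - lower) / num_blocks.
    """
    n = len(data)
    block_size = n // num_blocks
    block_estimates = []
    for i in range(num_blocks):
        block = data[i * block_size:(i + 1) * block_size]
        est = estimator(block)
        block_estimates.append(min(max(est, lower), upper))  # clip
    avg = sum(block_estimates) / num_blocks
    sensitivity = (upper - lower) / num_blocks
    return avg + laplace_noise(sensitivity / epsilon)
```

For example, estimating the mean of bounded data with `estimator=lambda b: sum(b) / len(b)` yields a private estimate whose noise scale shrinks as the number of blocks grows, which is the intuition behind the distributional convergence to the non-private estimator claimed in the abstract.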
