Collecting and Analyzing Multidimensional Data with Local Differential Privacy

TL;DR

This paper introduces improved local differential privacy mechanisms for collecting and analyzing multidimensional data, enhancing accuracy in basic tasks like mean computation and enabling privacy-preserving machine learning applications.

Contribution

It proposes novel LDP mechanisms for numeric and multidimensional data that outperform existing solutions in worst-case noise variance, and applies them to develop an LDP-compliant SGD algorithm.

Findings

Mechanisms achieve lower worst-case noise variance than existing methods.

Enhanced accuracy in mean estimation under LDP.

Effective application to privacy-preserving machine learning.

Abstract

Local differential privacy (LDP) is a recently proposed privacy standard for collecting and analyzing data, which has been used, e.g., in the Chrome browser, iOS and macOS. In LDP, each user perturbs her information locally, and only sends the randomized version to an aggregator who performs analyses, which protects both the users and the aggregator against private information leaks. Although LDP has attracted much research attention in recent years, the majority of existing work focuses on applying LDP to complex data and/or analysis tasks. In this paper, we point out that the fundamental problem of collecting multidimensional data under LDP has not been addressed sufficiently, and there remains much room for improvement even for basic tasks such as computing the mean value over a single numeric attribute under LDP. Motivated by this, we first propose novel LDP mechanisms for collecting a numeric attribute, whose accuracy is at least no worse (and usually better) than existing solutions in terms of worst-case noise variance. Then, we extend these mechanisms to multidimensional data that can contain both numeric and categorical attributes, where our mechanisms always outperform existing solutions regarding worst-case noise variance. As a case study, we apply our solutions to build an LDP-compliant stochastic gradient descent algorithm (SGD), which powers many important machine learning tasks. Experiments using real datasets confirm the effectiveness of our methods, and their advantages over existing solutions.