Context-Aware Local Differential Privacy

TL;DR

This paper introduces a context-aware local differential privacy framework that adapts privacy guarantees based on data sensitivity, providing optimal privatization schemes and reducing sample complexity in practical applications.

Contribution

It proposes a novel context-aware LDP framework, develops optimal privatization schemes for binary and k-ary data, and demonstrates reduced sample requirements in real-world scenarios.

Findings

Universal optimal privatization scheme for binary data.

Context-aware LDP reduces sample complexity compared to classical LDP.

Efficient schemes and bounds for distribution estimation in k-ary data.

Abstract

Local differential privacy (LDP) is a strong notion of privacy for individual users that often comes at the expense of a significant drop in utility. The classical definition of LDP assumes that all elements in the data domain are equally sensitive. However, in many applications, some symbols are more sensitive than others. This work proposes a context-aware framework of local differential privacy that allows a privacy designer to incorporate the application's context into the privacy definition. For binary data domains, we provide a universally optimal privatization scheme and highlight its connections to Warner's randomized response (RR) and Mangat's improved response. Motivated by geolocation and web search applications, for $k$-ary data domains, we consider two special cases of context-aware LDP: block-structured LDP and high-low LDP. We study discrete distribution estimation and provide communication-efficient, sample-optimal schemes and information-theoretic lower bounds for both models. We show that using contextual information can require fewer samples than classical LDP to achieve the same accuracy.