Privacy Preserving Recalibration under Domain Shift
Rachel Luo, Shengjia Zhao, Jiaming Song, Jonathan Kuck, Stefano Ermon, Silvio Savarese

TL;DR
This paper presents a framework for privacy-preserving recalibration of classifiers under domain shift, introducing a new algorithm that improves calibration accuracy while maintaining differential privacy, especially on challenging datasets.
Contribution
The authors develop a framework for differentially private recalibration under domain shift and propose a novel accuracy temperature scaling algorithm that outperforms existing methods.
Findings
Significant improvement in calibration on privacy-sensitive domain-shift benchmarks.
Median ECE of 0.029 on ImageNet-C perturbations, outperforming prior methods.
Effective preservation of privacy while enhancing model calibration in real-world scenarios.
Abstract
Classifiers deployed in high-stakes real-world applications must output calibrated confidence scores, i.e. their predicted probabilities should reflect empirical frequencies. Recalibration algorithms can greatly improve a model's probability estimates; however, existing algorithms are not applicable in real-world situations where the test data follows a different distribution from the training data, and privacy preservation is paramount (e.g. protecting patient records). We introduce a framework that abstracts out the properties of recalibration problems under differential privacy constraints. This framework allows us to adapt existing recalibration algorithms to satisfy differential privacy while remaining effective for domain-shift situations. Guided by our framework, we also design a novel recalibration algorithm, accuracy temperature scaling, that outperforms prior work on private…
Taxonomy
Topics: Privacy-Preserving Technologies in Data · Domain Adaptation and Few-Shot Learning · Advanced Neural Network Applications
