A Numerical Verification Framework for Differential Privacy in Estimation

TL;DR

This paper introduces a practical, data-driven framework to verify differential privacy in estimation mechanisms with continuous outputs, providing high-confidence guarantees and applying it to a specific estimator.

Contribution

It presents a novel finite-event testing approach for verifying differential privacy in continuous mechanisms, bridging the gap between theoretical conditions and practical evaluation.

Findings

Verified differential privacy of the $W_2$ Moving Horizon Estimator

Compared privacy performance with alternative methods in simulations

Quantified confidence levels of the privacy guarantees

Abstract

This work proposes an algorithmic method to verify differential privacy for estimation mechanisms with performance guarantees. Differential privacy makes it hard to distinguish outputs of a mechanism produced by adjacent inputs. While obtaining theoretical conditions that guarantee differential privacy may be possible, evaluating these conditions in practice can be hard. This is especially true for estimation mechanisms that take values in continuous spaces, as this requires checking for an infinite set of inequalities. Instead, our verification approach consists of testing the differential privacy condition for a suitably chosen finite collection of events at the expense of some information loss. More precisely, our data-driven, test framework for continuous range mechanisms first finds a highly-likely, compact event set, as well as a partition of this event, and then evaluates differential privacy wrt this partition. This results into a type of differential privacy with high confidence, which we are able to quantify precisely. This approach is then used to evaluate the differential-privacy properties of the recently proposed $W_2$ Moving Horizon Estimator. We confirm its properties, while comparing its performance with alternative approaches in simulation.