Robustness Implies Privacy in Statistical Estimation

TL;DR

This paper establishes a fundamental link between robustness and privacy in high-dimensional statistical estimation, providing new algorithms that achieve optimal tradeoffs and are resilient to adversarial data corruption.

Contribution

It introduces the first black-box reduction from privacy to robustness, enabling the design of nearly-optimal private estimators with polynomial-time algorithms for high-dimensional problems.

Findings

First polynomial-time private estimators for high-dimensional Gaussian mean and covariance.

Reduction achieves optimal sample complexity, accuracy, and privacy tradeoffs.

Algorithms are robust to nearly optimal fractions of adversarial samples.

Abstract

We study the relationship between adversarial robustness and differential privacy in high-dimensional algorithmic statistics. We give the first black-box reduction from privacy to robustness which can produce private estimators with optimal tradeoffs among sample complexity, accuracy, and privacy for a wide range of fundamental high-dimensional parameter estimation problems, including mean and covariance estimation. We show that this reduction can be implemented in polynomial time in some important special cases. In particular, using nearly-optimal polynomial-time robust estimators for the mean and covariance of high-dimensional Gaussians which are based on the Sum-of-Squares method, we design the first polynomial-time private estimators for these problems with nearly-optimal samples-accuracy-privacy tradeoffs. Our algorithms are also robust to a nearly optimal fraction of adversarially-corrupted samples.