A Differentially Private Weighted Empirical Risk Minimization Procedure and its Application to Outcome Weighted Learning

TL;DR

This paper introduces the first differentially private algorithm for weighted empirical risk minimization (wERM), enabling privacy-preserving personalized treatment models like outcome weighted learning (OWL) with strong theoretical guarantees and practical effectiveness.

Contribution

It develops a novel DP-wERM algorithm applicable to weighted ERM, extending privacy-preserving methods to personalized treatment learning including OWL.

Findings

DP-wERM achieves theoretical privacy guarantees.

Models trained with DP-wERM maintain strong predictive performance.

Empirical results confirm feasibility in clinical settings.

Abstract

It is common practice to use data containing personal information to build predictive models in the framework of empirical risk minimization (ERM). While these models can be highly accurate in prediction, sharing the results from these models trained on sensitive data may be susceptible to privacy attacks. Differential privacy (DP) is an appealing framework for addressing such data privacy issues by providing mathematically provable bounds on the privacy loss incurred when releasing information from sensitive data. Previous work has primarily concentrated on applying DP to unweighted ERM. We consider weighted ERM (wERM), an important generalization, where each individual's contribution to the objective function can be assigned varying weights. We propose the first differentially private algorithm for general wERM, with theoretical DP guarantees. Extending the existing DP-ERM procedures to wERM creates a pathway for deriving privacy-preserving learning methods for individualized treatment rules, including the popular outcome weighted learning (OWL). We evaluate the performance of the DP-wERM framework applied to OWL in both simulation studies and in a real clinical trial. All empirical results demonstrate the feasibility of training OWL models via wERM with DP guarantees while maintaining sufficiently robust model performance, providing strong evidence for the practicality of implementing the proposed privacy-preserving OWL procedure in real-world scenarios involving sensitive data.