Thinking Outside of the Differential Privacy Box: A Case Study in Text Privatization with Language Model Prompting

TL;DR

This paper critically examines the use of Differential Privacy in NLP, especially in text privatization with language models, highlighting limitations and comparing utility and privacy outcomes.

Contribution

It provides a critical analysis of DP integration in NLP, focusing on a recent text privatization method and empirical evaluation of its utility and privacy trade-offs.

Findings

DP imposes restrictions that affect text rewriting quality

Empirical results show benefits and limitations of DP in NLP

Discussion emphasizes need for more usability research in DP-NLP

Abstract

The field of privacy-preserving Natural Language Processing has risen in popularity, particularly at a time when concerns about privacy grow with the proliferation of Large Language Models. One solution consistently appearing in recent literature has been the integration of Differential Privacy (DP) into NLP techniques. In this paper, we take these approaches into critical view, discussing the restrictions that DP integration imposes, as well as bring to light the challenges that such restrictions entail. To accomplish this, we focus on $\textbf{DP-Prompt}$, a recent method for text privatization leveraging language models to rewrite texts. In particular, we explore this rewriting task in multiple scenarios, both with DP and without DP. To drive the discussion on the merits of DP in NLP, we conduct empirical utility and privacy experiments. Our results demonstrate the need for more discussion on the usability of DP in NLP and its benefits over non-DP approaches.