Formal Privacy Guarantees with Invariant Statistics

TL;DR

This paper introduces Semi-DP, a privacy framework extending differential privacy to jointly release private outputs and nonprivate invariants, with applications to census data analysis.

Contribution

It redefines adjacency focusing on datasets conforming to invariants and develops mechanisms satisfying Semi-DP, including for rank-deficient sensitivity spaces.

Findings

Semi-DP enables joint release of private outputs and invariants.

Customized mechanisms like Gaussian and $K$-norm are developed for Semi-DP.

Analysis shows US Census privacy guarantees are weaker than claimed.

Abstract

Motivated by the 2020 US Census products, this paper extends differential privacy (DP) to address the joint release of DP outputs and nonprivate statistics, referred to as invariant. Our framework, Semi-DP, redefines adjacency by focusing on datasets that conform to the given invariant, ensuring indistinguishability between adjacent datasets within invariant-conforming datasets. We further develop customized mechanisms that satisfy Semi-DP, including the Gaussian mechanism and the optimal $K$-norm mechanism for rank-deficient sensitivity spaces. Our framework is applied to contingency table analysis which is relevant to the 2020 US Census, illustrating how Semi-DP enables the release of private outputs given the one-way margins as the invariant. Additionally, we provide a privacy analysis of the 2020 US Decennial Census using the Semi-DP framework, revealing that the effective privacy guarantees are weaker than advertised.