Differentially Private In-context Learning via Sampling Few-shot Mixed with Zero-shot Outputs
James Flemings, Haosheng Gan, Hongyi Li, Meisam Razaviyayn, Murali, Annavaram
TL;DR
This paper introduces a novel decoding framework, dps-mozo, that enhances privacy in in-context learning for generation tasks by sampling from mixed outputs, achieving differential privacy without noise and maintaining high utility.
Contribution
The paper proposes dps-mozo, a sampling-based method for differentially private in-context learning that reduces information leakage without utility loss.
Findings
Achieves strong privacy guarantee with ε=2
Minimal utility degradation with only 0.3% ROUGE-L F1 decrease
Effective privacy-utility tradeoff in open-ended generation tasks
Abstract
In-context learning (ICL) has shown promising improvement in downstream task adaptation of LLMs by augmenting prompts with relevant input-output examples (demonstrations). However, the ICL demonstrations can contain privacy-sensitive information, which can be leaked and/or regurgitated by the LLM output. Differential Privacy (DP), a widely adopted privacy safeguard, has emerged to mitigate this privacy leakage, with recent work demonstrating strong privacy-utility tradeoffs in classification tasks for ICL. However, generation tasks for ICL are challenging due to the high-dimensional output space of open-ended generation. To this end, we propose , Differentially Private Sampling by Mixing One-shot with Zero-shot Outputs, a decoding framework that generates DP text by sampling from the product of multiple one-shot outputs mixed with a zero-shot output. This mixing…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsDomain Adaptation and Few-Shot Learning