Enforcing Demographic Coherence: A Harms Aware Framework for Reasoning about Private Data Release

TL;DR

This paper introduces demographic coherence, a privacy condition inspired by attacks, which captures inference risks related to demographic patterns and offers a less stringent alternative to differential privacy.

Contribution

It proposes demographic coherence as a new privacy framework, connecting privacy attacks to a formal condition and analyzing its relation to differential privacy.

Findings

Demographic coherence is weaker than differential privacy.

All differentially private algorithms are demographically coherent.

Some demographically coherent algorithms are not differentially private.

Abstract

The technical literature about data privacy largely consists of two complementary approaches: formal definitions of conditions sufficient for privacy preservation and attacks that demonstrate privacy breaches. Differential privacy is an accepted standard in the former sphere. However, differential privacy's powerful adversarial model and worst-case guarantees may make it too stringent in some situations, especially when achieving it comes at a significant cost to data utility. Meanwhile, privacy attacks aim to expose real and worrying privacy risks associated with existing data release processes but often face criticism for being unrealistic. Moreover, the literature on attacks generally does not identify what properties are necessary to defend against them. We address the gap between these approaches by introducing demographic coherence, a condition inspired by privacy attacks that we argue is necessary for data privacy. This condition captures privacy violations arising from inferences about individuals that are incoherent with respect to the demographic patterns in the data. Our framework focuses on confidence rated predictors, which can in turn be distilled from almost any data-informed process. Thus, we capture privacy threats that exist even when no attack is explicitly being carried out. Our framework not only provides a condition with respect to which data release algorithms can be analysed but suggests natural experimental evaluation methodologies that could be used to build practical intuition and make tangible assessment of risks. Finally, we argue that demographic coherence is weaker than differential privacy: we prove that every differentially private data release is also demographically coherent, and that there are demographically coherent algorithms which are not differentially private.