Quantifying Classifier Utility under Local Differential Privacy

TL;DR

This paper develops a unified theoretical framework to quantify how local differential privacy mechanisms impact classifier utility, enabling better privacy-utility trade-offs and guiding mechanism selection.

Contribution

It introduces a general framework connecting LDP perturbations with classifier robustness, applicable to any LDP mechanism and classifier, and proposes refinement techniques for improved utility analysis.

Findings

Piecewise-based mechanisms often outperform alternatives in utility.

Theoretical quantification closely matches empirical results in low-dimensional spaces.

Framework guides optimal LDP mechanism and parameter selection for classifiers.

Abstract

Local differential privacy (LDP) offers rigorous, quantifiable privacy guarantees for personal data by introducing perturbations at the data source. Understanding how these perturbations affect classifier utility is crucial for both designers and users. However, a general theoretical framework for quantifying this impact is lacking and also challenging, especially for complex or black-box classifiers. This paper presents a unified framework for theoretically quantifying classifier utility under LDP mechanisms. The key insight is that LDP perturbations are concentrated around the original data with a specific probability, allowing utility analysis to be reframed as robustness analysis within this concentrated region. Our framework thus connects the concentration properties of LDP mechanisms with the robustness of classifiers, treating LDP mechanisms as general distributional functions and classifiers as black boxes. This generality enables applicability to any LDP mechanism and classifier. A direct application of our utility quantification is guiding the selection of LDP mechanisms and privacy parameters for a given classifier. Notably, our analysis shows that a piecewise-based mechanism often yields better utility than alternatives in common scenarios. Beyond the core framework, we introduce two novel refinement techniques that further improve utility quantification. We then present case studies illustrating utility quantification for various combinations of LDP mechanisms and classifiers. Results demonstrate that our theoretical quantification closely matches empirical observations, particularly when classifiers operate in lower-dimensional input spaces.