BlockRR: A Unified Framework of RR-type Algorithms for Label Differential Privacy

TL;DR

BlockRR is a unified randomized-response framework for label differential privacy that generalizes existing mechanisms, ensuring privacy guarantees and improving accuracy in high-privacy regimes on imbalanced datasets.

Contribution

We propose BlockRR, a unified RR-type mechanism for label DP that generalizes existing methods and maintains privacy under composition, with empirical validation on CIFAR-10 variants.

Findings

BlockRR satisfies $$-label DP.

It achieves better accuracy balance in high-privacy regimes.

In low-privacy regimes, it reduces to standard RR without performance loss.

Abstract

In this paper, we introduce BlockRR, a novel and unified randomized-response mechanism for label differential privacy. This framework generalizes existed RR-type mechanisms as special cases under specific parameter settings, which eliminates the need for separate, case-by-case analysis. Theoretically, we prove that BlockRR satisfies $\epsilon$-label DP. We also design a partition method for BlockRR based on a weight matrix derived from label prior information; the parallel composition principle ensures that the composition of two such mechanisms remains $\epsilon$-label DP. Empirically, we evaluate BlockRR on two variants of CIFAR-10 with varying degrees of class imbalance. Results show that in the high-privacy and moderate-privacy regimes ($\epsilon \leq 3.0$), our propsed method gets a better balance between test accuaracy and the average of per-class accuracy. In the low-privacy regime ($\epsilon \geq 4.0$), all methods reduce BlockRR to standard RR without additional performance loss.