PRISM: Differentially Private Synthetic Data with Structure-Aware Budget Allocation for Prediction

TL;DR

PRISM is a novel differentially private synthetic data generation method that optimizes feature selection and noise allocation based on structural knowledge to improve prediction accuracy under privacy constraints.

Contribution

It introduces a prediction-centric, structure-aware approach for DP synthetic data, formalizes the mechanism, and demonstrates improved accuracy over generic methods.

Findings

Task-aware allocation enhances prediction accuracy.

Targeting causal parents improves AUC under distribution shift.

PRISM outperforms generic synthesizers in predictive tasks.

Abstract

Differential privacy (DP) provides a mathematical guarantee limiting what an adversary can learn about any individual from released data. However, achieving this protection typically requires adding noise, and noise can accumulate when many statistics are measured. Existing DP synthetic data methods treat all features symmetrically, spreading noise uniformly even when the data will serve a specific prediction task. We develop a prediction-centric approach operating in three regimes depending on available structural knowledge. In the causal regime, when the causal parents of $Y$ are known and distribution shift is expected, we target the parents for robustness. In the graphical regime, when a Bayesian network structure is available and the distribution is stable, the Markov blanket of $Y$ provides a sufficient feature set for optimal prediction. In the predictive regime, when no structural knowledge exists, we select features via differentially private methods without claiming to recover causal or graphical structure. We formalize this as PRISM, a mechanism that (i) identifies a predictive feature subset according to the appropriate regime, (ii) constructs targeted summary statistics, (iii) allocates budget to minimize an upper bound on prediction error, and (iv) synthesizes data via graphical-model inference. We prove end-to-end privacy guarantees and risk bounds. Empirically, task-aware allocation improves prediction accuracy compared to generic synthesizers. Under distribution shift, targeting causal parents achieves AUC $\approx 0.73$ while correlation-based selection collapses to chance ($\approx 0.49$).