Abstract
Sequential querying of differentially private mechanisms degrades the overall privacy level. In this paper, we answer the fundamental question of characterizing the level of overall privacy degradation as a function of the number of queries and the privacy levels maintained by each privatization mechanism. Our solution is complete: we prove an upper bound on the overall privacy level and construct a sequence of privatization mechanisms that achieves this bound. The key innovation is the introduction of an operational interpretation of differential privacy (involving hypothesis testing) and the use of a data processing inequality along with its converse. Our result improves over the state of the art, and has immediate connections to several problems studied in the literature.
Original language | English (US) |
---|---|
Article number | 7883827 |
Pages (from-to) | 4037-4049 |
Number of pages | 13 |
Journal | IEEE Transactions on Information Theory |
Volume | 63 |
Issue number | 6 |
DOIs | |
State | Published - Jun 2017 |
Externally published | Yes |
All Science Journal Classification (ASJC) codes
- Information Systems
- Computer Science Applications
- Library and Information Sciences
Keywords
- Differential privacy
- hypothesis testing