Rethinking Disclosure Prevention with Pointwise Maximal Leakage

Sara Saeidian, Giulia Cervia, Tobias J. Oechtering, Mikael Skoglund

TL;DR

A general model of utility and privacy is proposed, in which utility is achieved by disclosing the value of low-entropy features of a secret X, while privacy is maintained by hiding the value of high-entropy features of X, to prove that contrary to popular opinion, it is possible to provide meaningful inferential privacy guarantees.

Abstract

This paper introduces a paradigm shift in the way privacy is defined, driven by a novel interpretation of the fundamental result of Dwork and Naor about the impossibility of absolute disclosure prevention. We propose a general model of utility and privacy in which utility is achieved by disclosing the value of low-entropy features of a secret $X$, while privacy is maintained by hiding the value of high-entropy features of $X$. Adopting this model, we prove that, contrary to popular opinion, it is possible to provide meaningful inferential privacy guarantees. These guarantees are given in terms of an operationally-meaningful information measure called pointwise maximal leakage (PML) and prevent privacy breaches against a large class of adversaries regardless of their prior beliefs about $X$. We show that PML-based privacy is compatible with and provides insights into existing notions such as differential privacy. We also argue that our new framework enables highly flexible mechanism designs, where the randomness of a mechanism can be adjusted to the entropy of the data, ultimately, leading to higher utility.

Paper Structure (25 sections, 12 theorems, 64 equations, 1 figure)

Key Result

Theorem 2.4

Let $P_{XY}$ be a distribution on the set $\mathcal{X} \times \mathcal{Y}$ with the marginal distribution $P_X$ on $\mathcal{X}$. The pointwise maximal leakage from $X$ to $y \in \mathcal{Y}$ is To be able to define PML for all $y \in \mathcal{Y}$, we use the convention that $P_{X \mid Y=y} = P_X$ if where $P_{X \mid Y=y}$ denotes the posterior distribution of $X$ given $y \in \mathcal{Y}$.
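
As an added illustration (not code from the paper), the sketch below evaluates PML for a finite mechanism. It assumes the closed form in which the leakage to an outcome $y$ is the Rényi divergence of order $\infty$ between posterior and prior, $\log \max_x P_{Y \mid X=x}(y) / P_Y(y)$, and assumes the posterior-equals-prior convention applies to outcomes with $P_Y(y) = 0$; the function names and sample priors are constructed here.

```python
import math

def pml(prior, channel, y):
    """PML from X to outcome y in nats: log max_x P(x|y)/P(x) = log max_x P(y|x)/P(y).

    prior[x] is P_X(x); channel[x][y] is P(Y=y | X=x). Assumed closed form, see lead-in.
    """
    support = [x for x, p in enumerate(prior) if p > 0]
    p_y = sum(prior[x] * channel[x][y] for x in support)
    if p_y == 0:
        return 0.0  # assumed convention: posterior equals prior, so nothing leaks
    return math.log(max(channel[x][y] for x in support) / p_y)

def worst_case_pml(prior, channel):
    """Largest leakage over all outcomes y for one fixed prior."""
    return max(pml(prior, channel, y) for y in range(len(channel[0])))

def randomized_response(eps, k):
    """k-ary randomized response, a standard eps-local-DP mechanism."""
    keep = math.exp(eps) / (math.exp(eps) + k - 1)
    flip = 1.0 / (math.exp(eps) + k - 1)
    return [[keep if x == y else flip for y in range(k)] for x in range(k)]

def identity(k):
    """Deterministic release of X itself (no randomness)."""
    return [[1.0 if x == y else 0.0 for y in range(k)] for x in range(k)]

if __name__ == "__main__":
    eps = 1.0
    rr = randomized_response(eps, 2)
    # Constructed priors: one uniform, one heavily skewed (low entropy).
    for name, prior in [("uniform", [0.5, 0.5]), ("skewed", [0.99, 0.01])]:
        print(name, "randomized response, worst-case PML:",
              round(worst_case_pml(prior, rr), 4), "<= eps =", eps)
    # Deterministic release: the likely value leaks little, the rare value
    # leaks log(1/P_X(x)), so leakage tracks how surprising the outcome is.
    skewed = [0.99, 0.01]
    for y in range(2):
        print("identity, outcome", y, "PML:", round(pml(skewed, identity(2), y), 4))
```

For the randomized-response mechanism the leakage stays below $\epsilon$ under every prior, while the same mechanism leaks far less under the uniform prior than under the skewed one; that gap is the prior dependence a PML guarantee makes explicit.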

Figures (1)

  • Figure 1: Upper bounds on $\ell_{P_{XY}}(X \to 1)$ in Example \ref{ex:deterministic} when $p \in \{0.3, 0.5\}$ and $n \in \{200, 500, 1000, 2000\}$.

Theorems & Definitions (26)

  • Definition 2.1: Min-entropy
  • Definition 2.2: Rényi divergence of order $\infty$ [van2014renyi]
  • Definition 2.3: Pointwise maximal leakage [saeidian2023pointwise_it]
  • Theorem 2.4: [saeidian2023pointwise_it]
  • Definition 2.5: Conditional PML [saeidian2023pointwise_it]
  • Definition 2.6: $(\epsilon, \mathcal{P})$-PML
  • Definition 2.7: Leakage Capacity
  • Theorem 2.8: [issaOperationalApproachInformation2020]
  • Example 3.1
  • Example 3.2
  • ...and 16 more