Extremal Mechanisms for Pointwise Maximal Leakage

TL;DR

This work develops a rigorous mechanism-design framework for Pointwise Maximal Leakage (PML) in the local privacy setting, focusing on trading privacy for utility under convex (sub-convex) utility functions. It establishes a cardinality bound ($|\mathcal{Y}|\le|\mathcal{X}|$), characterizes the feasible privacy region as a polytope, and derives closed-form optimal mechanisms in key cases (binary X, high-privacy regime, and uniform priors). It also provides a general linear-programming approach that computes optimal mechanisms for arbitrary priors and privacy levels, leveraging majorization theory and lift-vector representations to reduce complexity. Numerical results show that PML-optimized mechanisms outperform randomized response under equivalent PML budgets, highlighting practical gains for privacy-by-design. Overall, the paper delivers actionable design tools and structural insights for implementing PML-based privacy with provable utility benefits in real systems.

Abstract

Data publishing under privacy constraints can be achieved with mechanisms that add randomness to data points when released to an untrusted party, thereby decreasing the data's utility. In this paper, we analyze this privacy-utility tradeoff for the pointwise maximal leakage privacy measure and a general class of convex utility functions. Pointwise maximal leakage (PML) was recently proposed as an operationally meaningful privacy measure based on two equivalent threat models: An adversary guessing a randomized function and an adversary aiming to maximize a general gain function. We study the behavior of the randomized response mechanism designed for local differential privacy under different prior distributions of the private data. Motivated by the findings of this analysis, we derive several closed-form solutions for the optimal privacy-utility tradeoff in the presented PML context using tools from convex analysis. Finally, we present a linear program that can compute optimal mechanisms for PML in a general setting.

Figures (4)

• Figure 1: Comparison of mutual information utility between the PML-optimal mechanisms and the randomized response mechanisms in \ref{['eq:LDP-RR']} for $N=3$. The dashed line marks the maximum utility, i.e., the Shannon entropy of $X$.
• Figure 2: Empirical mutual information of the optimal binary mechanism \ref{['eq:binarymech']} and the optimal high-privacy mechanism \ref{['eq:RRpml']} for non-uniform prior distributions, and how they compare to the randomized response mechanism in \ref{['eq:LDP-RR']}. The black line indicates the mean value of the $10$ experiments.
• Figure 3: Emprical correlation coefficient of the optimal binary and optimal high-privacy mechanism compared to the randomized response mechanism in \ref{['eq:LDP-RR']}. The black line indicates the mean value of the $10$ experiments.
• Figure 4: Geometry of the binary input binary output optimization problem for different prior configuration and $\varepsilon = \log 1.5$. Contour lines show mutual information between source alphabet and the variable induced by the mechanism. Stars mark optimal solutions. Note that \ref{['fig:BIBO-mi:subfig:asym']} corresponds to a case where $e^{\varepsilon} P_X(x_1) \geq 1$, that is, a case with an active box constraint. \ref{['fig:BIBO-mi:subfig:sym']} corresponds to a case with no active box constraints. The dividing line indicates the regions $S_1$,$S_2$.

Theorems & Definitions (30)

• Definition 1: Pointwise maximal leakage (PML), pml
• Definition 2: Majorization
• Definition 3: Schur-convex / Schur-concave function
• Definition 4: Sub-convex function, extremalmechanismLong
• Remark 1
• Theorem 1: Cardinality bound
• Lemma 1
• Definition 5: Randomized response extremalmechanismLong
• Proposition 1
• proof