
An Algorithm for Streaming Differentially Private Data

Girish Kumar, Thomas Strohmer, Roman Vershynin

TL;DR

The paper tackles streaming differential privacy for multi-dimensional spatial data, proposing a DP-preserving pipeline (PHDStream) that converts domain data into a hierarchical tree, applies a private tree selection (PrivTree), and updates a DP-consistent synthetic stream through leaf-level perturbations extended to the tree. It introduces online selective counting to improve utility by aggregating counts with DP-safe counters, enabling efficient, private updates during streaming. The approach is demonstrated on real and simulated spatial datasets, showing competitive accuracy under continual DP while supporting insertions and deletions (turnstile). The work advances practical privacy-preserving synthetic data generation for dynamic spatial domains and provides a flexible framework for online query answering and DP data synthesis.

Abstract

Much of the research in differential privacy has focused on offline applications with the assumption that all data is available at once. When these algorithms are applied in practice to streams where data is collected over time, this either violates the privacy guarantees or results in poor utility. We derive an algorithm for differentially private synthetic streaming data generation, especially curated towards spatial datasets. Furthermore, we provide a general framework for online selective counting among a collection of queries which forms a basis for many tasks such as query answering and synthetic data generation. The utility of our algorithm is verified on both real-world and simulated datasets.

Paper Structure

This paper contains 35 sections, 3 theorems, 30 equations, 19 figures, and 10 algorithms.

Key Result

Theorem 3.1

The randomized algorithm $\mathcal{M} := \mathrm{PrivTree}_T(F, \varepsilon, \theta)$ is $\varepsilon$-differentially private in the $\|\cdot\|_{C(T)}$ norm for any $\theta \geq 0$.

Figures (19)

  • Figure 1: The progression of relative error in small range queries with time. All experiments are with privacy budget $\varepsilon=0.5$. Each subplot has a time horizon on the x-axis and corresponds to a particular value of $t_0$ (increasing from left to right).
  • Figure 2: Comparing Simple, Block with size 8, and Binary Tree counters with privacy budget $\varepsilon=0.5$. The true data is a random bit stream of 0s and 1s. On the y-axis, we have the absolute error in the value of the counter at any time averaged over 10 independent runs of the counter algorithm.
  • Figure 3: Scatter plot for the simulated datasets of two concentric circles showing the resulting location of users at four different time steps progressing from left to right
  • Figure 4: Geometry used for datasets
  • Figure 5: Cumulative count as time progresses for the Gowalla and NY Taxi datasets. The plot illustrates our motivation for the choice of initialization time.
  • ...and 14 more figures
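
The DP-safe counters that the TL;DR and Figure 2 refer to (Simple, Block with size 8, Binary Tree) can be illustrated with the standard continual-counting constructions. The Python below is an added example and is not code from the paper or its authors: the Simple and Binary Tree counters follow the usual definitions (the binary tree mechanism for continual release), while `block_counter` is an assumed construction that may differ from the paper's block counter. The function names, the seeded random bit stream, and the noise-injection parameter `noise_fn` are all the example's own.

```python
import math
import random


def laplace(rng, scale):
    """Sample Laplace(0, scale) as a random-signed Exponential with mean `scale`."""
    return rng.choice((-1.0, 1.0)) * rng.expovariate(1.0 / scale)


def prefix_sums(stream):
    """Exact running counts, used for error measurement only (never released)."""
    out, total = [], 0
    for x in stream:
        total += x
        out.append(total)
    return out


def simple_counter(stream, eps, rng, noise_fn=laplace):
    """Release sum_{s<=t} (x_s + Laplace(1/eps)).
    Each bit sits in exactly one noisy term (sensitivity 1), so the whole
    release sequence is eps-DP, but the error is a random walk: ~sqrt(t)."""
    releases, running = [], 0.0
    for x in stream:
        running += x + noise_fn(rng, 1.0 / eps)
        releases.append(running)
    return releases


def block_counter(stream, eps, rng, block=8, noise_fn=laplace):
    """Assumed block construction (not necessarily the paper's): every completed
    block of `block` items contributes one noisy block sum, and the block in
    progress is tracked by a simple counter that restarts at each boundary.
    A bit appears in at most two noisy terms (its increment and its block
    sum), so scale 2/eps on both keeps the release eps-DP; error ~sqrt(t/B + B)."""
    scale = 2.0 / eps
    releases, finished, partial, block_true = [], 0.0, 0.0, 0
    for t, x in enumerate(stream, start=1):
        block_true += x
        partial += x + noise_fn(rng, scale)
        if t % block == 0:
            finished += block_true + noise_fn(rng, scale)
            partial, block_true = 0.0, 0
        releases.append(finished + partial)
    return releases


def dyadic_blocks(t, levels):
    """Decompose positions [0, t) into the dyadic blocks given by t's binary digits.
    Returns (level, index) pairs; block (k, i) covers positions [i*2^k, (i+1)*2^k)."""
    blocks, pos = [], 0
    for level in range(levels - 1, -1, -1):
        if (t >> level) & 1:
            blocks.append((level, pos >> level))
            pos += 1 << level
    return blocks


def binary_tree_counter(stream, eps, rng, noise_fn=laplace):
    """Binary tree mechanism: every dyadic block gets one noisy partial sum, drawn
    once, the first time it is needed (exactly when the block completes, so the
    counter is online). A bit lies in one block per level, so sensitivity is
    `levels` and each partial sum gets Laplace(levels/eps) noise; a release sums
    at most `levels` noisy blocks, so the error grows only polylogarithmically."""
    T = len(stream)
    levels = T.bit_length()
    scale = levels / eps
    cache = {}

    def noisy_block(level, idx):
        key = (level, idx)
        if key not in cache:
            lo, hi = idx << level, (idx + 1) << level
            cache[key] = sum(stream[lo:hi]) + noise_fn(rng, scale)
        return cache[key]

    return [sum(noisy_block(k, i) for k, i in dyadic_blocks(t, levels))
            for t in range(1, T + 1)]


def mean_abs_error(stream, releases):
    truth = prefix_sums(stream)
    return sum(abs(r - c) for r, c in zip(releases, truth)) / len(stream)


def compare_counters(T=4096, eps=0.5, seed=0, runs=10):
    """Mirror the Figure 2 setup: a constructed random bit stream, eps=0.5,
    absolute error averaged over independent runs of each counter."""
    rng = random.Random(seed)
    stream = [rng.randint(0, 1) for _ in range(T)]   # constructed input
    errs = {"simple": 0.0, "block8": 0.0, "tree": 0.0}
    for _ in range(runs):
        errs["simple"] += mean_abs_error(stream, simple_counter(stream, eps, rng))
        errs["block8"] += mean_abs_error(stream, block_counter(stream, eps, rng, block=8))
        errs["tree"] += mean_abs_error(stream, binary_tree_counter(stream, eps, rng))
    return {k: v / runs for k, v in errs.items()}


if __name__ == "__main__":
    for name, err in compare_counters().items():
        print(f"{name:>7}: mean |error| = {err:.1f}")
```

Running the block prints the averaged mean absolute error of each counter on a 4096-bit stream at eps=0.5; the simple counter's error grows like sqrt(t) while the tree counter's grows polylogarithmically, which is the gap Figure 2 plots. All three rely on the same accounting: each bit touches a bounded number of noisy terms, and the Laplace scale is that bound divided by eps, so the entire release sequence (not just one snapshot) is eps-DP for a change in a single stream element.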

Theorems & Definitions (8)

  • Definition 2.1: Differential privacy
  • Theorem 3.1: Privacy of PrivTree
  • Theorem 3.2: Privacy of PHDStream
  • Definition 4.1
  • Theorem 4.2
  • proof : Proof of Theorem 3.1 (Privacy of PrivTree)
  • proof : Proof of Theorem 3.2 (Privacy of PHDStream)
  • proof