Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Gaussian Differentially Private Human Faces Under a Face Radial Curve Representation

Carlos Soto, Matthew Reimherr, Aleksandra Slavkovic, Mark Shriver

TL;DR

The paper tackles privacy-preserving release of a 3D human face under $\\mu$-Gaussian differential privacy (GDP). It introduces a disk-parameterized face representation via face radial curves and applies a GDP-for-functional-data mechanism by adding Gaussian process noise in an RKHS, releasing a private mean function with $\\tilde{h}(D)=h(D)+\\sigma Z$ and $\\sigma \\ge \\Delta/\\mu$. The contributions include (i) the novel face radial curves representation that preserves the shape of the average face, (ii) the extension of approximate DP FDA techniques to the $\\mu$-GDP framework with tight composition, and (iii) empirical demonstrations showing less injected noise than pointwise DP for the same privacy budget and applicability to other disk-like surfaces. This approach enables privacy-preserving sharing of 3D facial data in anthropological and genomic contexts while maintaining geometric fidelity through elastic shape analysis and disk parameterization.

Abstract

In this paper we consider the problem of releasing a Gaussian Differentially Private (GDP) 3D human face. The human face is a complex structure with many features and inherently tied to one's identity. Protecting this data, in a formally private way, is important yet challenging given the dimensionality of the problem. We extend approximate DP techniques for functional data to the GDP framework. We further propose a novel representation, face radial curves, of a 3D face as a set of functions and then utilize our proposed GDP functional data mechanism. To preserve the shape of the face while injecting noise we rely on tools from shape analysis for our novel representation of the face. We show that our method preserves the shape of the average face and injects less noise than traditional methods for the same privacy budget. Our mechanism consists of two primary components, the first is generally applicable to function value summaries (as are commonly found in nonparametric statistics or functional data analysis) while the second is general to disk-like surfaces and hence more applicable than just to human faces.

Gaussian Differentially Private Human Faces Under a Face Radial Curve Representation

TL;DR

The paper tackles privacy-preserving release of a 3D human face under -Gaussian differential privacy (GDP). It introduces a disk-parameterized face representation via face radial curves and applies a GDP-for-functional-data mechanism by adding Gaussian process noise in an RKHS, releasing a private mean function with and . The contributions include (i) the novel face radial curves representation that preserves the shape of the average face, (ii) the extension of approximate DP FDA techniques to the -GDP framework with tight composition, and (iii) empirical demonstrations showing less injected noise than pointwise DP for the same privacy budget and applicability to other disk-like surfaces. This approach enables privacy-preserving sharing of 3D facial data in anthropological and genomic contexts while maintaining geometric fidelity through elastic shape analysis and disk parameterization.

Abstract

In this paper we consider the problem of releasing a Gaussian Differentially Private (GDP) 3D human face. The human face is a complex structure with many features and inherently tied to one's identity. Protecting this data, in a formally private way, is important yet challenging given the dimensionality of the problem. We extend approximate DP techniques for functional data to the GDP framework. We further propose a novel representation, face radial curves, of a 3D face as a set of functions and then utilize our proposed GDP functional data mechanism. To preserve the shape of the face while injecting noise we rely on tools from shape analysis for our novel representation of the face. We show that our method preserves the shape of the average face and injects less noise than traditional methods for the same privacy budget. Our mechanism consists of two primary components, the first is generally applicable to function value summaries (as are commonly found in nonparametric statistics or functional data analysis) while the second is general to disk-like surfaces and hence more applicable than just to human faces.
Paper Structure (21 sections, 3 theorems, 9 equations, 10 figures, 1 table)

This paper contains 21 sections, 3 theorems, 9 equations, 10 figures, 1 table.

Table of Contents

  1. Introduction
  2. Notation and Background on Face Representation
  3. Parameterization
  4. Shape Analysis of Surfaces
  5. Novel Face Radial Curves Representation
  6. Gaussian Differential Privacy for Functional Data
  7. Background on Differential Privacy for Functional Data
  8. Extension of GDP to Functional Data
  9. Face Radial Curve Example
  10. Experimental Results
  11. Conclusions
  12. Appendix
  13. Limitations
  14. Experiments Compute Resources
  15. Reparameterization
  16. ...and 6 more sections

Key Result

Corollary 4.2

A mechanism is $\mu-$GDP if and only if it is $(\epsilon,\delta(\epsilon))-$DP for all $\epsilon\geq 0$, where $\delta(\epsilon)\geq \Phi\left(-\frac{\epsilon}{\mu}+\frac{\mu}{2}\right)-e^{\epsilon} \Phi\left(-\frac{\epsilon}{\mu}-\frac{\mu}{2}\right).$

Figures (10)

  • Figure 1: Left: A triangulated mesh face. Middle: A disk-parameterized face, the center of the disk being the left nostril. Right: A disk-parameterized face after a Möbius transformation forcing the center of the disk to be the tip of the nose.
  • Figure 2: Left: A point cloud representation of a face. Right: A surface representation of the face with an overlay of radial curves.
  • Figure 3: Left: The same face represented using 16, 27, and 80 face radial curves, respectively. Right: The $x$, $y$, and $z$ coordinate curves, respectively, for a particular face radial curve.
  • Figure 4: Left: Two angles of the average face constructed of average face radial curves with $\phi_x=\phi_y=0.01$ and $\phi_z=0.005$. Right: Two angles of the point-wise mean.
  • Figure 5: Left: Two angles of a private face sanitized with point wise Gaussian noise with total $\mu_T=2$. Right: Two angles of a differentially private face constructed from private mean face radial curves with $\mu_T=2.9961$$\phi_x=\phi_y=0.01$ and $\phi_z=0.005$.
  • ...and 5 more figures

Theorems & Definitions (6)

  • Definition 4.1
  • Corollary 4.2: dong2019gaussian
  • Theorem 4.3
  • proof
  • Definition A.1: dwork2006calibrating
  • Theorem A.2: mirshani2017establishing