Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Inferentially-Private Private Information

Shuaiqi Wang, Shuran Zheng, Zinan Lin, Giulia Fanti, Zhiwei Steven Wu

TL;DR

This work defines inferential privacy (IP) as a bound on how much an adversary’s posterior on the secret $S$ can change after observing the released signal $T$, and seeks information structures that maximize informativeness about the state $Y$ under IP. It develops a geometric characterization of Blackwell-optimal disclosures under IP, proving a cardinality bound $|\mathcal{T}|\le 3|\mathcal{S}|+1$ and providing a closed-form, unique solution for binary secrets, plus a programming approach for $|\mathcal{S}|>2$. The results show that allowing positive IP ($\varepsilon>0$) can yield substantial utility gains over perfect privacy, and they offer practical mechanisms for binary secrets and a scalable method for larger secret spaces. The framework connects Blackwell optimality, pufferfish/privacy constraints, and geometric tilings, with potential implications for private information release in finance, healthcare, and data-sharing settings.

Abstract

Information disclosure can compromise privacy when revealed information is correlated with private information. We consider the notion of inferential privacy, which measures privacy leakage by bounding the inferential power a Bayesian adversary can gain by observing a released signal. Our goal is to devise an inferentially-private private information structure that maximizes the informativeness of the released signal, following the Blackwell ordering principle, while adhering to inferential privacy constraints. To achieve this, we devise an efficient release mechanism that achieves the inferentially-private Blackwell optimal private information structure for the setting where the private information is binary. Additionally, we propose a programming approach to compute the optimal structure for general cases given the utility function. The design of our mechanisms builds on our geometric characterization of the Blackwell-optimal disclosure mechanisms under privacy constraints, which may be of independent interest.

Inferentially-Private Private Information

TL;DR

This work defines inferential privacy (IP) as a bound on how much an adversary’s posterior on the secret can change after observing the released signal , and seeks information structures that maximize informativeness about the state under IP. It develops a geometric characterization of Blackwell-optimal disclosures under IP, proving a cardinality bound and providing a closed-form, unique solution for binary secrets, plus a programming approach for . The results show that allowing positive IP () can yield substantial utility gains over perfect privacy, and they offer practical mechanisms for binary secrets and a scalable method for larger secret spaces. The framework connects Blackwell optimality, pufferfish/privacy constraints, and geometric tilings, with potential implications for private information release in finance, healthcare, and data-sharing settings.

Abstract

Information disclosure can compromise privacy when revealed information is correlated with private information. We consider the notion of inferential privacy, which measures privacy leakage by bounding the inferential power a Bayesian adversary can gain by observing a released signal. Our goal is to devise an inferentially-private private information structure that maximizes the informativeness of the released signal, following the Blackwell ordering principle, while adhering to inferential privacy constraints. To achieve this, we devise an efficient release mechanism that achieves the inferentially-private Blackwell optimal private information structure for the setting where the private information is binary. Additionally, we propose a programming approach to compute the optimal structure for general cases given the utility function. The design of our mechanisms builds on our geometric characterization of the Blackwell-optimal disclosure mechanisms under privacy constraints, which may be of independent interest.

Paper Structure

This paper contains 30 sections, 13 theorems, 47 equations, 12 figures, 1 algorithm.

Table of Contents

  1. Introduction
  2. Related work
  3. Relation to he2022private
  4. Problem Formulation
  5. Privacy Metric
  6. Relation to pufferfish privacy
  7. Informativeness and Utility
  8. Utility
  9. Geometric Visualization of Information Structures
  10. Interpretation of privacy constraints
  11. Blackwell-optimal structure from he2022private
  12. Geometric characterization of IP Blackwell-Optimal Solutions
  13. Geometric characterization of $\mathbb{P}\left( Y|S, T \right)$
  14. Geometric characterization of $\mathbb{P}\left( T|S \right)$
  15. Upper left characterization
  16. ...and 15 more sections

Key Result

Theorem 2.1

When $Y\in \{0,1\}$ is binary, let random variable $Q_1 = \mathbb{P}\left( Y=1|T_1 \right) \in [0,1]$ be the posterior about $Y=1$ after observing $T_1$. Similarly, we define $Q_2 = \mathbb{P}\left( Y=1|T_2 \right)$. Then the following statements are equivalent:

Figures (12)

  • Figure 1: Information structure of $\mathbb{P}\left( S,Y,T \right)$. We use the term "column" to denote a set of cells with fixed output signal $t\in \mathcal{T}$; in our terminology, each column need not be a single rectangle, as shown in the column outlined in red for $t_2$. Each row corresponds to a secret $s \in \mathcal{S}$. For each cell, the color represents the posterior probability $\mathbb{P}\left( Y=1|S,T \right)$ (dark yellow is 1, light yellow is some value between 0 and 1, and white is 0). The height of each row represents $\mathbb{P}\left( S \right)$, and the width of each cell represents $\mathbb{P}\left( T|S \right)$.
  • Figure 2: Blackwell-optimal structure with perfect privacy constraint. $\mathcal{T}=\left\{ t_1, t_2, t_3 \right\}$. The width of each cell is determined by the $\mathbb{P}\left( Y=1|S \right)$, and each cell is either dark yellow or white, indicating $\mathbb{P}\left( Y|S,T \right)\in\left\{ 0,1 \right\}$.
  • Figure 3: Under an inferentially-private Blackwell optimal information structure, $\mathbb{P}\left( Y=1|S=s, T=t \right) \in \{ 0,1 \}$, $\forall s\in\mathcal{S}, t\in\mathcal{T}$. In other words, every cell in the visualization is fully white or dark yellow.
  • Figure 4: Under an inferentially-private Blackwell optimal information structure with $\mathcal{S}=\left\{ s_0, s_1 \right\}$ and $\widetilde{\mathcal{T}}=\left\{ t_2, t_3, t_4 \right\}$, $\mathbb{P}\left( T=t_2|S=s_1 \right)=H_{t_2}$, $\mathbb{P}\left( T=t_3|S=s_0 \right)=H_{t_3}$, $\mathbb{P}\left( T=t_4|S=s_1 \right)=H_{t_4}$, illustrated by cells with red outlines, $\mathbb{P}\left( T=t_2|S=s_0 \right)=L_{t_2}$, $\mathbb{P}\left( T=t_3|S=s_1 \right)=L_{t_3}$, $\mathbb{P}\left( T=t_4|S=s_0 \right)=L_{t_4}$, illustrated by cells with blue outlines, and $H_{t}=e^{\varepsilon}\cdot L_{t}, \forall t\in\left\{ t_2, t_3, t_4 \right\}$.
  • Figure 5: Under an inferentially-private Blackwell optimal information structure with $\mathcal{S}=\left\{ s_1, s_2, s_3 \right\}$ and $\widetilde{\mathcal{T}}=\left( t_2, t_3, t_4 \right)$, region $\mathcal{A}$ is illustrated as the yellow cells, region $\mathcal{B}$ is illustrated as the yellow cells with red outlines, and region $\mathcal{C}$ is illustrated as the white cells with red outlines. The region $\mathcal{A}$ is $\mathcal{T}$-upper-left, region $\mathcal{B}$ is $\widetilde{\mathcal{T}}$-upper-left, and region $\mathcal{C}$ is $\widetilde{\mathcal{T}}$-lower-right.
  • ...and 7 more figures

Theorems & Definitions (31)

  • Definition 2.1: Inferential Privacy (IP)
  • Definition 2.2: Blackwell ordering
  • Theorem 2.1: Properties of Blackwell ordering blackwell1951comparisonblackwell1953equivalent
  • Definition 2.3: $\varepsilon$-Inferentially-Private Blackwell optimality
  • Theorem 3.1: he2022private
  • Lemma 4.1
  • Lemma 4.2
  • Definition 4.1
  • Lemma 4.3
  • Definition 4.2: Equivalent Transformation
  • ...and 21 more