Bounding User Contributions for User-Level Differentially Private Mean Estimation
V. Arvind Rameshwar, Anshoo Tandon
TL;DR
The paper addresses releasing the mean under user-level DP for heterogeneous, bounded data. It introduces a distribution-independent worst-case error metric and identifies the optimal clipping/bounding strategy within a broad estimator class. Theoretical results provide explicit optimal bounds based on per-user contribution counts and privacy budget, while empirical studies show the proposed method outperforms prior approaches like Amin et al. 2019 in average-case performance. This work strengthens privacy-utility guarantees for realistic, non-i.i.d. data settings and suggests extending the worst-case analysis to other statistics.
Abstract
We revisit the problem of releasing the sample mean of bounded samples in a dataset, privately, under user-level $\varepsilon$-differential privacy (DP). We aim to derive the optimal method of preprocessing data samples, within a canonical class of processing strategies, in terms of the error in estimation. Typical error analyses of such \emph{bounding} (or \emph{clipping}) strategies in the literature assume that the data samples are independent and identically distributed (i.i.d.), and sometimes also that all users contribute the same number of samples (data homogeneity) -- assumptions that do not accurately model real-world data distributions. Our main result in this work is a precise characterization of the preprocessing strategy that gives rise to the smallest \emph{worst-case} error over all datasets -- a \emph{distribution-independent} error metric -- while allowing for data heterogeneity. We also show via experimental studies that even for i.i.d. real-valued samples, our clipping strategy performs much better, in terms of \emph{average-case} error, than the widely used bounding strategy of Amin et al. (2019).