OpenDP Programming Framework for Renyi Privacy Filters and Odometers

Abstract

Data scientists work with large-scale sensitive data, which inevitably leads to privacy risks. Differential Privacy (DP) is a mathematical definition of privacy that aims to mitigate privacy risks inherent in data analysis and machine learning. OpenDP, an open-source software DP tool, allows the government, industry, and academic institutions to share sensitive data to researchers or the public while preserving privacy.

An active research question in DP literature is how to bound the total privacy loss of a sequence of DP computations. Most known DP theorems and the OpenDP library require the privacy parameters of each computation to be fixed in advance. However, this prevents the design of privacy preserving machine learning algorithms that change the privacy budget on the fly. For the adaptive parameter setting, privacy filters and odometers are two objects designed to model the total privacy loss.

In this paper, we extend the programming framework for OpenDP library to handle DP composition under adaptive privacy budgets through Renyi Differential Privacy (RDP). To do so, we construct Renyi filter and odometer and prove its privacy guarantees by generalizing RDP Adaptive Composition. To generalize our Odometer results, we implement a constructor that converts any Odometer to a Filter. Our results allow for the real world DP deployment of ML algorithms and interactive query interfaces that adaptively update the privacy budget.