Chapter 5. Definitions of Privacy

So far in this book, you have become familiar with how the privacy parameter $ϵ$ bounds the privacy loss of a data release. However, pure-differential privacy (or $ϵ$-differential privacy) can be overly restrictive, resulting in a privacy analysis that adds more noise than is practically necessary. This chapter presents other definitions of differential privacy that are widely used in practice, as well as the mechanisms they enable.

You learned in Chapter 4 that the key criteria of a privacy measure is that it possesses immunity against postprocessing. This means that for a mechanism $M(·)$ to satisfy differential privacy, it is impossible to manipulate a data release in a way that will increase the divergence between the probability distributions $M\left(x\right)$ and $M\left(x^{\text{'}}\right)$, where $x$ and $x^{\text{'}}$ are adjacent data sets.

This chapter introduces the privacy measures behind other variants of differential privacy. These variants of differential privacy also improve utility or interpretability and preserve robustness against auxiliary information and support for composition.

This chapter discusses the following variants of differential privacy, which meet these criteria and are in popular use:

• Approximate differential privacy: $(ϵ,\delta )$ or $ϵ\left(\delta \right)$

• Rényi differential privacy: $\overline{ϵ}\left(\alpha \right)$

• Zero-concentrated differential privacy: $\rho$

• Bounded range: $\eta$

• Characteristic functions: $\phi \left(t\right)$

• $f$-differential privacy: $\beta$