Optimum Noise Mechanism for Probabilistic Differentially Private Queries in Discrete Finite Sets

Most published work on differential privacy (DP) focuses exclusively on meeting privacy constraints by adding to the query noise with a pre-specified parametric distribution model, typically with one or two degrees of freedom. The accuracy of the response and its utility for the intended use are often not part of the design. Considering that several database queries are categorical in nature (e.g., label, color, etc.), or discrete numerical data (e.g., ranking, histogram, etc.), or can be quantized to discrete values, the parameters that define the randomized mechanism’s distribution are finite. Thus, it is reasonable to search through numerical optimization for the probability masses that meet the privacy constraints while minimizing the query distortion. Considering the modulo summation of random noise as the probabilistic DP mechanism, the goal of this paper is to introduce a tractable framework to design the optimum noise probability mass function (PMF) for database queries with a discrete and finite set, optimizing with an expected distortion metric for a given privacy requirement. This paper shows that the optimum PMF can be obtained by solving a mixed integer linear program (MILP) and that the proposed optimal mechanism significantly outperforms the state-of-the-art.