Subject Granular Differential Privacy in Federated Learning

Subject Granular Differential Privacy in Federated Learning

Virendra Marathe, Pallika Kanani

19 November 2021

Differential Privacy (DP) enforcement in Federated Learning (FL) appears at two granularities in the literature: (i) item level, and (ii) user level. In this paper, we consider a third granularity of privacy – data subject level privacy, where a subject is an individual whose private information is embodied by several data items either confined within a single federation user or distributed across multiple federation users. Neither item level nor user level privacy are sufficient to enforce subject level privacy. We formally define the notion if subject level DP for FL, and analyze its differences with item and user level DP guarantees. Furthermore, we present two algorithms that enforce subject level DP that build on the notion of group differential privacy. In the process we make some interesting observations: Enforcement of subject level privacy at individual users entails the same privacy even when subjects’ data items are distributed over multiple users. Additionally, while both item and user level DP are insufficient to enforce subject level DP, Local Differential Privacy guarantees subject level privacy, even when a subject’s data items span across multiple users.


Venue : Privacy Preserving Machine Learning (PPML), ACM CCS 2021 Workshop.